Report - rouonixon.com/4/7114806/

Report Overview

Submitted URL
rouonixon.com/4/7114806/
IP
139.45.197.238
ASN
#9002 RETN Limited
Submitted
2024-05-08 22:02:18
Access
public
Website Title
Loading...
Final URL
6bad776a0a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
b2bee0ea11.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	108 kB	23.158.56.123
9576d8657e.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	11 kB	23.158.56.123
69fe434788.news-mareka.com	unknown	unknown	No data	No data	11 kB	201 kB	23.158.56.123
a05f7c538a.news-mareka.com	unknown	unknown	No data	No data	4.0 kB	92 kB	65.109.24.247
727289cb27.news-mareka.com	unknown	unknown	No data	No data	5.0 kB	107 kB	65.109.24.247
f038dd5cea.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	114 kB	23.158.56.123
578e2554d2.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	504 kB	23.158.56.123
7672242f69.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	559 kB	23.158.56.123
45fcaf7a28.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	29 kB	23.158.56.123
9292beef2d.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	70 kB	23.158.56.123
ae776fd41f.news-mareka.com	unknown	unknown	No data	No data	1.0 kB	146 kB	65.109.24.247
562cfbc583.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	60 kB	23.158.56.123
71b75468b6.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	55 kB	23.158.56.123
11c31df564.news-mareka.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.123
8949b722d5.news-mareka.com	unknown	unknown	No data	No data	979 B	16 kB	23.158.56.123
097898d683.news-mareka.com	unknown	unknown	No data	No data	468 B	8.4 kB	65.109.24.247
288a0943c2.news-mareka.com	unknown	unknown	No data	No data	5.0 kB	113 kB	65.109.24.247
5d35232dd6.news-mareka.com	unknown	unknown	No data	No data	1.0 kB	89 kB	23.158.56.123
429b84f309.news-mareka.com	unknown	unknown	No data	No data	1.1 kB	70 kB	23.158.56.123
2e6f04d06f.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	115 kB	65.109.24.247
0f614685b3.news-mareka.com	unknown	unknown	No data	No data	1.0 kB	110 kB	23.158.56.123
18496ded67.news-mareka.com	unknown	unknown	No data	No data	947 B	11 kB	23.158.56.123
6b8ea0f25d.news-mareka.com	unknown	unknown	No data	No data	2.5 kB	171 kB	65.109.24.247
3b300187fa.news-mareka.com	unknown	unknown	No data	No data	1.0 kB	100 kB	23.158.56.123
bb02dc592e.news-mareka.com	unknown	unknown	No data	No data	4.5 kB	100 kB	23.158.56.123
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-08	524 B	678 B	139.45.195.8
aaf559a722.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	58 kB	23.158.56.123
23d8d84399.news-mareka.com	unknown	unknown	No data	No data	3.0 kB	583 kB	23.158.56.123
d95f5818c1.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	26 kB	23.158.56.123
d199676c63.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	90 kB	23.158.56.123
bf753ccf19.news-mareka.com	unknown	unknown	No data	No data	3.0 kB	72 kB	23.158.56.123
775bdd929d.news-mareka.com	unknown	unknown	No data	No data	1.4 kB	11 kB	23.158.56.123
eb838db12b.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	82 kB	23.158.56.123
e7f3278b65.news-mareka.com	unknown	unknown	No data	No data	2.5 kB	512 kB	23.158.56.123
news-hiziwi.cc	unknown	unknown	No data	No data	538 B	259 B	144.76.106.61
news-pepafu.com	unknown	unknown	No data	No data	47 kB	18 kB	65.109.24.247
8e4c164ae1.news-mareka.com	unknown	unknown	No data	No data	10 kB	354 kB	65.109.24.247
5132e20e85.news-mareka.com	unknown	unknown	No data	No data	497 B	45 kB	23.158.56.123
1211d78a43.news-mareka.com	unknown	unknown	No data	No data	1.0 kB	63 kB	23.158.56.123
31e9cb8087.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	224 kB	23.158.56.123
ab18e3e225.news-mareka.com	unknown	unknown	No data	No data	479 B	2.7 kB	23.158.56.123
fc6c20ae42.news-mareka.com	unknown	unknown	No data	No data	4.5 kB	81 kB	23.158.56.123
11dde55c58.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	142 kB	65.109.24.247
c94c8d967c.news-mareka.com	unknown	unknown	No data	No data	965 B	53 kB	23.158.56.123
d81df29cc3.news-mareka.com	unknown	unknown	No data	No data	3.0 kB	564 kB	23.158.56.123
ec68a11d13.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	16 kB	23.158.56.123
0ef52cc17a.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	188 kB	23.158.56.123
cee72727ce.news-mareka.com	unknown	unknown	No data	No data	14 kB	289 kB	23.158.56.123
302ae46687.news-mareka.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.123
d1c2467185.news-mareka.com	unknown	unknown	No data	No data	2.6 kB	596 kB	65.109.24.247
1d751ad421.news-mareka.com	unknown	unknown	No data	No data	4.5 kB	60 kB	23.158.56.123
c219f7b5bc.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	145 kB	23.158.56.123
25dac62c59.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	57 kB	23.158.56.123
ee4fbb8b23.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	114 kB	23.158.56.123
8719229c8c.news-mareka.com	unknown	unknown	No data	No data	965 B	53 kB	65.109.24.247
b17736b173.news-mareka.com	unknown	unknown	No data	No data	3.0 kB	529 kB	65.109.24.247
9edf9c03b6.news-mareka.com	unknown	unknown	No data	No data	9.0 kB	140 kB	23.158.56.123
a065406aab.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	248 kB	23.158.56.123
ef110687ff.news-mareka.com	unknown	unknown	No data	No data	947 B	11 kB	23.158.56.123
4e03a09ca0.news-mareka.com	unknown	unknown	No data	No data	965 B	55 kB	65.109.24.247
255eab8170.news-mareka.com	unknown	unknown	No data	No data	965 B	54 kB	65.109.24.247
0597de83e0.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	61 kB	23.158.56.123
33dcae1a33.news-mareka.com	unknown	unknown	No data	No data	571 B	5.2 kB	23.158.56.123
6bad776a0a.news-mareka.com	unknown	unknown	No data	No data	947 B	11 kB	23.158.56.123
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	2.5 kB	71 kB	142.250.74.106
97d584cb3e.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	142 kB	23.158.56.123
17802dbca2.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	56 kB	23.158.56.123
show.revopush.com	11949	2019-06-25	2019-09-09	2024-05-08	5.5 kB	220 kB	95.216.46.99
094986d265.news-mareka.com	unknown	unknown	No data	No data	3.9 kB	73 kB	23.158.56.123
5ce630a2fb.news-mareka.com	unknown	unknown	No data	No data	979 B	16 kB	23.158.56.123
f01ee521e1.news-mareka.com	unknown	unknown	No data	No data	7.5 kB	139 kB	23.158.56.123
fba7688a0e.news-mareka.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.123
4571cd84a2.news-mareka.com	unknown	unknown	No data	No data	497 B	46 kB	23.158.56.123
d870d24afa.news-mareka.com	unknown	unknown	No data	No data	1.0 kB	145 kB	23.158.56.123
e289e10e38.news-mareka.com	unknown	unknown	No data	No data	13 kB	247 kB	23.158.56.123
a33945de98.news-mareka.com	unknown	unknown	No data	No data	1.0 kB	100 kB	23.158.56.123
dcab15ed3f.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	73 kB	65.109.24.247
255a2fcfa6.news-mareka.com	unknown	unknown	No data	No data	1.6 kB	62 kB	23.158.56.123
e39c2b33d3.news-mareka.com	unknown	unknown	No data	No data	2.5 kB	556 kB	23.158.56.123
d483a2802b.news-mareka.com	unknown	unknown	No data	No data	1.0 kB	86 kB	23.158.56.123
6f40277fc5.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	69 kB	23.158.56.123
8a42934edf.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	76 kB	65.109.24.247
149a9ef7c3.news-mareka.com	unknown	unknown	No data	No data	1.6 kB	48 kB	65.109.24.247
f413380b80.news-mareka.com	unknown	unknown	No data	No data	1.1 kB	101 kB	23.158.56.123
39bc115132.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	65 kB	23.158.56.123
a181ab30f5.news-mareka.com	unknown	unknown	No data	No data	2.5 kB	57 kB	23.158.56.123
9cda27debf.news-mareka.com	unknown	unknown	No data	No data	571 B	9.0 kB	23.158.56.123
60bbdb8ff4.news-mareka.com	unknown	unknown	No data	No data	4.2 kB	296 kB	65.109.24.247
7a8f7fa289.news-mareka.com	unknown	unknown	No data	No data	14 kB	294 kB	65.109.24.247
5c1d856a6e.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	66 kB	65.109.24.247
621cc0e4f6.news-mareka.com	unknown	unknown	No data	No data	1.1 kB	130 kB	23.158.56.123
partners-tds.com	415339	2021-04-01	2021-04-01	2024-04-15	54 kB	51 kB	142.202.51.61
1f73583cb4.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	100 kB	23.158.56.123
7a72402dbf.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	56 kB	23.158.56.123
05ac7aa047.news-mareka.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.123
d7e1f16ce8.news-mareka.com	unknown	unknown	No data	No data	11 kB	259 kB	23.158.56.123
9a3521b7ec.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	49 kB	65.109.24.247
352f0926b3.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	511 kB	23.158.56.123
dd39a8b9a8.news-mareka.com	unknown	unknown	No data	No data	2.0 kB	251 kB	65.109.24.247
08f11ff51d.news-mareka.com	unknown	unknown	No data	No data	1.1 kB	54 kB	23.158.56.123
c27bbd9ebf.news-mareka.com	unknown	unknown	No data	No data	965 B	53 kB	23.158.56.123
fc286cac74.news-mareka.com	unknown	unknown	No data	No data	1.5 kB	60 kB	23.158.56.123
dd990bea48.news-mareka.com	unknown	unknown	No data	No data	4.5 kB	60 kB	23.158.56.123
rouonixon.com	unknown	2020-10-21	2020-11-06	2024-03-19	2.8 kB	3.1 kB	139.45.197.238
fcababdb0e.news-mareka.com	unknown	unknown	No data	No data	2.5 kB	556 kB	65.109.24.247
43f05b9454.news-mareka.com	unknown	unknown	No data	No data	965 B	56 kB	23.158.56.123

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	news-hiziwi.cc	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	1211d78a43.news-mareka.com/revopush.js	20 kB	2024-05-03	2024-05-19
Pretty URL 1211d78a43.news-mareka.com/revopush.js IP 23.158.56.123 ASN #63023 AS-GLOBALTELEHOST Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 10:51:54 Last Seen2024-05-19 22:27:36 Times Seen2956 Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 Loading...

HTTP Transactions (680)

URL IP Response Size

rouonixon.com/sftouch?userId=0080569cae05410ef7711528bad0e970&z=7114806&p_rid=1d6d7be3-eb6e-4ce0-ad7d-97f291f8e066&p_src=sf&branchId=0&rb=Pj92zyGwTzQ0TuGM_fM38B6ahwMDmnnmc_A9YxVSBfS5yenkOJyzOIt3p1tT7yhCF2nzcYYINY2nsDmwhwirlLM9roUeHuKit4cjDAbFtTbeQ5UuZzHE_h_tHeHzpB9SH0o4pGk1pvFHcxXoBn9JGnsHevKndFueUQ1nFQ08Nm81x4_jPqZvWghTzRrCgnTXphtkDbnSQiHk__WzumD0m_0M5ujHoVJPerPyj40fI80=

139.45.197.238

2 B

URL
rouonixon.com/sftouch?userId=0080569cae05410ef7711528bad0e970&z=7114806&p_rid=1d6d7be3-eb6e-4ce0-ad7d-97f291f8e066&p_src=sf&branchId=0&rb=Pj92zyGwTzQ0TuGM_fM38B6ahwMDmnnmc_A9YxVSBfS5yenkOJyzOIt3p1tT7yhCF2nzcYYINY2nsDmwhwirlLM9roUeHuKit4cjDAbFtTbeQ5UuZzHE_h_tHeHzpB9SH0o4pGk1pvFHcxXoBn9JGnsHevKndFueUQ1nFQ08Nm81x4_jPqZvWghTzRrCgnTXphtkDbnSQiHk__WzumD0m_0M5ujHoVJPerPyj40fI80=
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /sftouch?userId=0080569cae05410ef7711528bad0e970&z=7114806&p_rid=1d6d7be3-eb6e-4ce0-ad7d-97f291f8e066&p_src=sf&branchId=0&rb=Pj92zyGwTzQ0TuGM_fM38B6ahwMDmnnmc_A9YxVSBfS5yenkOJyzOIt3p1tT7yhCF2nzcYYINY2nsDmwhwirlLM9roUeHuKit4cjDAbFtTbeQ5UuZzHE_h_tHeHzpB9SH0o4pGk1pvFHcxXoBn9JGnsHevKndFueUQ1nFQ08Nm81x4_jPqZvWghTzRrCgnTXphtkDbnSQiHk__WzumD0m_0M5ujHoVJPerPyj40fI80= HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rouonixon.com
DNT: 1
Connection: keep-alive
Referer: https://rouonixon.com/4/7114806/
Cookie: OAID=0080569cae05410ef7711528bad0e970; oaidts=1715205707
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:47 GMT
content-type: text/plain
content-length: 2
x-trace-id: 7004d9b1b9022d8bfa1cf1d9493f9a59
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://rouonixon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

rouonixon.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1d6d7be3-eb6e-4ce0-ad7d-97f291f8e066

139.45.197.238

12 B

URL
rouonixon.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1d6d7be3-eb6e-4ce0-ad7d-97f291f8e066
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1d6d7be3-eb6e-4ce0-ad7d-97f291f8e066 HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1383
Origin: https://rouonixon.com
DNT: 1
Connection: keep-alive
Referer: https://rouonixon.com/4/7114806/
Cookie: OAID=0080569cae05410ef7711528bad0e970; oaidts=1715205707
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://rouonixon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=merge&userId=0080569cae05410ef7711528bad0e970&z=7114806&p_rid=1d6d7be3-eb6e-4ce0-ad7d-97f291f8e066&p_src=sf

139.45.195.8

43 B

URL
my.rtmark.net/img.gif?f=merge&userId=0080569cae05410ef7711528bad0e970&z=7114806&p_rid=1d6d7be3-eb6e-4ce0-ad7d-97f291f8e066&p_src=sf
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=merge&userId=0080569cae05410ef7711528bad0e970&z=7114806&p_rid=1d6d7be3-eb6e-4ce0-ad7d-97f291f8e066&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rouonixon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080569cae05410ef7711528bad0e970; expires=Thu, 08 May 2025 22:01:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

rouonixon.com/favicon.ico

139.45.197.238

0 B

URL
rouonixon.com/favicon.ico
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rouonixon.com/4/7114806/
Cookie: OAID=0080569cae05410ef7711528bad0e970; oaidts=1715205707
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

rouonixon.com/?z=7114806&syncedCookie=true&rhd=false

139.45.197.238

0 B

URL
rouonixon.com/?z=7114806&syncedCookie=true&rhd=false
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /?z=7114806&syncedCookie=true&rhd=false HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 524
Origin: https://rouonixon.com
DNT: 1
Connection: keep-alive
Referer: https://rouonixon.com/afu.php?zoneid=7114806&var=7114806&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=0080569cae05410ef7711528bad0e970; oaidts=1715205707
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-length: 0
location: https://news-hiziwi.cc/tds?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
x-trace-id: 10e575e6eb0547c960bfbe3a9b95f649
link: <https://news-hiziwi.cc>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://rouonixon.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080569cae05410ef7711528bad0e970; expires=Thu, 08 May 2025 22:01:48 GMT; path=/; secure; SameSite=None
oaidts=1715205707; expires=Thu, 08 May 2025 22:01:48 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 May 2024 22:01:48 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

news-hiziwi.cc/tds?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875

144.76.106.61

0 B

URL
news-hiziwi.cc/tds?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
IP
144.76.106.61:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tds?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875 HTTP/1.1
Host: news-hiziwi.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-length: 0
location: https://60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

60bbdb8ff4.news-mareka.com/lands/107/css/style.css

65.109.24.247

1.9 kB

URL
60bbdb8ff4.news-mareka.com/lands/107/css/style.css
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (6297)
Size
1.9 kB (1853 bytes)
Hash
813e1013064467cd8aa059d8d72ea300
efc47fa078cec5676e20370fe2778f40ca281cfc
9e2be1b4d55749b36866376559d74fc9f0f32b7ea9341c0a7ca8a6c4736ae040

HTTP Headers

GET /lands/107/css/style.css HTTP/1.1
Host: 60bbdb8ff4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: text/css
content-length: 1853
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-73d"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

60bbdb8ff4.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
60bbdb8ff4.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 60bbdb8ff4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

60bbdb8ff4.news-mareka.com/lands/107/js/jquery-3.5.1.min.js

65.109.24.247

31 kB

URL
60bbdb8ff4.news-mareka.com/lands/107/js/jquery-3.5.1.min.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65460)
Size
31 kB (31004 bytes)
Hash
efa5e603093aafb172bcffb9b981067a
a841f9df41123a833380e82dc53082dd902793e2
1a4b303e001f583ddb4210170cdce985036a2845537ca2ec8e792220d15295e6

HTTP Headers

GET /lands/107/js/jquery-3.5.1.min.js HTTP/1.1
Host: 60bbdb8ff4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 31004
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-791c"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

60bbdb8ff4.news-mareka.com/lands/107/js/lang.js

65.109.24.247

12 kB

URL
60bbdb8ff4.news-mareka.com/lands/107/js/lang.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (21907), with no line terminators
Size
12 kB (12472 bytes)
Hash
62bd8246b34c5fd46323fecff9770f06
981f367df45adbf049502211f5c2d064dadcf2b7
82c7b1fe2c1913d0b943b57aa8b98cb5b1c4cee88615ce45c85ef274f439c2a5

HTTP Headers

GET /lands/107/js/lang.js HTTP/1.1
Host: 60bbdb8ff4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 12472
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-30b8"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

60bbdb8ff4.news-mareka.com/lands/107/js/all.js

65.109.24.247

218 B

URL
60bbdb8ff4.news-mareka.com/lands/107/js/all.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with no line terminators
Size
218 B (218 bytes)
Hash
732371ae26f943eed41adaabf3edb832
31593869cf07f3aec569da9ee5ca2b3d7597d671
addda2733d2909dd3de94044aff30faeb57c8d0f8935045be9a2348ed0504a98

HTTP Headers

GET /lands/107/js/all.js HTTP/1.1
Host: 60bbdb8ff4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 218
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-da"
accept-ranges: bytes
X-Firefox-Spdy: h2

60bbdb8ff4.news-mareka.com/lands/107/images/1.png

65.109.24.247

179 kB

URL
60bbdb8ff4.news-mareka.com/lands/107/images/1.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1069, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=620], progressive, precision 8, 620x1032, components 3
Size
179 kB (179176 bytes)
Hash
a2d245e1c43c61ca34bea001510dd6d9
7a7e0dbf8bb132958fecd093e6741ffe49d060b5
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

HTTP Headers

GET /lands/107/images/1.png HTTP/1.1
Host: 60bbdb8ff4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: image/png
content-length: 179176
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2bbe8"
accept-ranges: bytes
X-Firefox-Spdy: h2

60bbdb8ff4.news-mareka.com/process.js?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875

65.109.24.247

45 kB

URL
60bbdb8ff4.news-mareka.com/process.js?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
45 kB (45367 bytes)
Hash
678f26c0f421bab5f5efd3b4adffb885
477aea9ee393c98cfd79d5efd185f472e0a872ec
cc8ac7338c510694ba28de79158909dff4917e3f6dc0143dfde61ce518508509

HTTP Headers

GET /process.js?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875 HTTP/1.1
Host: 60bbdb8ff4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

142.250.74.106

1.9 kB

URL
fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
1.9 kB (1944 bytes)
Hash
dba6791ee57dfacadbeb0aba1ee9ceb2
953d3df5de8812ae975ff9770012a9c8b39cb484
49116d1a414ccb75ce317dca886fa242c4beb435c5563cdf658e3a3658926312

HTTP Headers

GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://60bbdb8ff4.news-mareka.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 22:01:48 GMT
date: Wed, 08 May 2024 22:01:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://60bbdb8ff4.news-mareka.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:49 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117skus; expires=Sat, 08 Jun 2024 22:01:49 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:38 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://60bbdb8ff4.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-length: 0
location: https://dd39a8b9a8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

dd39a8b9a8.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
dd39a8b9a8.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: dd39a8b9a8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd39a8b9a8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

dd39a8b9a8.news-mareka.com/lands/48/preloader-43.5794040.gif

65.109.24.247

7.0 kB

URL
dd39a8b9a8.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: dd39a8b9a8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd39a8b9a8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd39a8b9a8.news-mareka.com/
Cookie: _subid=376l60j117skus; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:49 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117skv6; expires=Sat, 08 Jun 2024 22:01:49 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:38 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dd39a8b9a8.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-length: 0
location: https://8a42934edf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

8a42934edf.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
8a42934edf.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 8a42934edf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8a42934edf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8a42934edf.news-mareka.com/
Cookie: _subid=376l60j117skv6; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:49 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117skvc; expires=Sat, 08 Jun 2024 22:01:49 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:38 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a42934edf.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-length: 0
location: https://11dde55c58.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

11dde55c58.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
11dde55c58.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 11dde55c58.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11dde55c58.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11dde55c58.news-mareka.com/
Cookie: _subid=376l60j117skvc; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:50 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117skvf; expires=Sat, 08 Jun 2024 22:01:50 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:40 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11dde55c58.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-length: 0
location: https://a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

a05f7c538a.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
a05f7c538a.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: a05f7c538a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

10 kB

URL
a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
10 kB (10545 bytes)
Hash
0144427e9b9f72fdbcc66ddfb9c47639
feab765bbcc8a132d467cfacc426462a9e649088
bcd22e208707242b1255fd4dda162624f8a45b9e6296fa1c2c096987bde63e90

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a05f7c538a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11dde55c58.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

a05f7c538a.news-mareka.com/lands/39/img/icon2.png

65.109.24.247

4.6 kB

URL
a05f7c538a.news-mareka.com/lands/39/img/icon2.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: a05f7c538a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

a05f7c538a.news-mareka.com/lands/39/img/icon3.png

65.109.24.247

7.8 kB

URL
a05f7c538a.news-mareka.com/lands/39/img/icon3.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: a05f7c538a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2

a05f7c538a.news-mareka.com/lands/39/img/icon4.png

65.109.24.247

7.0 kB

URL
a05f7c538a.news-mareka.com/lands/39/img/icon4.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /lands/39/img/icon4.png HTTP/1.1
Host: a05f7c538a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2

a05f7c538a.news-mareka.com/lands/39/img/icon5.png

65.109.24.247

3.3 kB

URL
a05f7c538a.news-mareka.com/lands/39/img/icon5.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /lands/39/img/icon5.png HTTP/1.1
Host: a05f7c538a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2

a05f7c538a.news-mareka.com/lands/39/img/icon7.png

65.109.24.247

3.3 kB

URL
a05f7c538a.news-mareka.com/lands/39/img/icon7.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /lands/39/img/icon7.png HTTP/1.1
Host: a05f7c538a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2

8a42934edf.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

49 kB

URL
8a42934edf.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
49 kB (48753 bytes)
Hash
326df2f82a67be258efa690073f09d4d
66e603b63d672022b756ae559e2719a16401daaa
05e1d47f1dffd77843a81be9ea27409b8ec03e9ef9aabad71917b191bfc8cfec

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 8a42934edf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8a42934edf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a05f7c538a.news-mareka.com/
Cookie: _subid=376l60j117skvf; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:50 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117skvo; expires=Sat, 08 Jun 2024 22:01:50 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:40 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a05f7c538a.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-length: 0
location: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

a05f7c538a.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

45 kB

URL
a05f7c538a.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (44310)
Size
45 kB (45447 bytes)
Hash
ffcb05e4ba993b4290a36a4f34c044ec
860ecff782883af78647e37067d65b7131384af6
aff77623259e6ec3b80dedad89a5f04485d74385cf3d27e25f578e6f2475e16c

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a05f7c538a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a05f7c538a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
7a8f7fa289.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/style.css

65.109.24.247

3.1 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/style.css
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (11701), with no line terminators
Size
3.1 kB (3136 bytes)
Hash
db606af46bdcca984d60a46183a4525e
28964fac8b2b7889554f32543e69ac68e6f21e2f
8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae

HTTP Headers

GET /lands/36/img/style.css HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/logo.png

65.109.24.247

7.4 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/logo.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced
Size
7.4 kB (7398 bytes)
Hash
6cd3a78b39a704ee1c84f31c8c4e5808
bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93
4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193

HTTP Headers

GET /lands/36/img/logo.png HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/search-icon.png

65.109.24.247

461 B

URL
7a8f7fa289.news-mareka.com/lands/36/img/search-icon.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Size
461 B (461 bytes)
Hash
71a97f63eeafce6cc8dd4e7b92e77303
e92e36474a69fcf7b932efc581e024a1c25773e5
fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2

HTTP Headers

GET /lands/36/img/search-icon.png HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/Spin-1s-80px.gif

65.109.24.247

31 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/Spin-1s-80px.gif
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 80 x 80
Size
31 kB (30677 bytes)
Hash
68556766cd260e97fec2b60a9bfaf8c7
26c969371c9a3de360fab6d7a7a3bec2c5d5c99f
ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676

HTTP Headers

GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/player-controls-l.png

65.109.24.247

945 B

URL
7a8f7fa289.news-mareka.com/lands/36/img/player-controls-l.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced
Size
945 B (945 bytes)
Hash
6865c8700b582e4c7848472bb23dd65a
c5ea2c514de8f55145550f9589e1e07cda457994
e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324

HTTP Headers

GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/player-controls-r.png

65.109.24.247

408 B

URL
7a8f7fa289.news-mareka.com/lands/36/img/player-controls-r.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced
Size
408 B (408 bytes)
Hash
f0e42db89f7d0994b3723b35eb05a49f
b4e08e7b2c525345d86dc2299663915c84a41b2b
13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be

HTTP Headers

GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/player-bg.jpg

65.109.24.247

11 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/player-bg.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
11 kB (11291 bytes)
Hash
d0c6f02d6933f0b93db0942e3e7f3609
bc96b3878d13d0f46aa464e94515f27ad53531b0
7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a

HTTP Headers

GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-1.jpg

65.109.24.247

9.6 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-1.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9604 bytes)
Hash
8374be5c573da988b4d76c1051f8cbc7
c319af79d391edeac2268173798952dd71f0ecf2
41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea

HTTP Headers

GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-2.jpg

65.109.24.247

9.5 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-2.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9474 bytes)
Hash
b1444ede1cb63c55f07c4b7cc861ec58
504823696a6990f0c6892721e34a7496cfe4e704
628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8

HTTP Headers

GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-3.jpg

65.109.24.247

9.4 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-3.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.4 kB (9413 bytes)
Hash
76025b7cd7b3e168342e9f6916d8c7f4
bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2
46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775

HTTP Headers

GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-4.jpg

65.109.24.247

9.5 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-4.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9468 bytes)
Hash
107bdcec0a201d69db378827b68127cd
efc977edd0a369769d5f32d88e9858302bed1e5e
cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468

HTTP Headers

GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-5.jpg

65.109.24.247

9.6 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-5.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9557 bytes)
Hash
628b98b82d0aca1c1b2155aa5ec51a6a
db663b2b85cf8828f3e9c5aa879325bb50e684a0
d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d

HTTP Headers

GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-6.jpg

65.109.24.247

9.6 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-6.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9620 bytes)
Hash
a83d5196e71bd6f9c55ef3e7322e527c
9dbddad413391599552c4d9cc5c9e8a287ef910f
52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818

HTTP Headers

GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-7.jpg

65.109.24.247

9.5 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-7.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9484 bytes)
Hash
94edfad63e95c79618692b8d8dc20587
f582b7b70443ea1fff184ade49ab560fc8fd3318
0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e

HTTP Headers

GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-8.jpg

65.109.24.247

9.8 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-8.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.8 kB (9750 bytes)
Hash
2e7eafc3878ee465f96bca0f9d1e1712
c4f353f12542db5d2df3be74dbae890e0430ac6e
df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1

HTTP Headers

GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-9.jpg

65.109.24.247

9.6 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-9.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9646 bytes)
Hash
c3af10d166a4447c21f25e4a32383a5d
37a0342d08d6933b3bbfd4063b7ba998c991dd73
963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73

HTTP Headers

GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-10.jpg

65.109.24.247

9.7 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-10.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.7 kB (9681 bytes)
Hash
00ad8eccd280144f038e883859beeabe
e13583bbe25712e827b8b22b1353c883531f849f
21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada

HTTP Headers

GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-11.jpg

65.109.24.247

9.5 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-11.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9483 bytes)
Hash
8611f67b36ff57eaa1060e793b9e6ad4
49f273a5760e7375adb1efc58f0ed2c665da6ae8
de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2

HTTP Headers

GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-12.jpg

65.109.24.247

9.5 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-12.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9487 bytes)
Hash
3971b0cd6849aef8e63c281fe7e53c57
690281f0f9a05a32be18029632240693f7b26270
20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a

HTTP Headers

GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2

dd39a8b9a8.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

54 kB

URL
dd39a8b9a8.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
54 kB (54067 bytes)
Hash
af105aae7500fcb5f06d31f51c1f8511
e8d07f1e07267306e608f9b7cf42fd366389701f
2499e5be9165cda745fb818953b3fd97741c81075c07db43e80db702f10a15ae

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: dd39a8b9a8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd39a8b9a8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-14.jpg

65.109.24.247

9.5 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-14.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9498 bytes)
Hash
4957499f251b620472eb5fe6fd126c22
a237ac15f4b16256f1c49a40ca07ca168dea540c
de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b

HTTP Headers

GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-15.jpg

65.109.24.247

9.7 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-15.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.7 kB (9673 bytes)
Hash
bf608c2d10293273951a88b8d38de015
15b2a17c7300725aacc27f320480dfe5bf173a00
118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f

HTTP Headers

GET /lands/36/img/pics-15.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9673
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25c9"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-16.jpg

65.109.24.247

9.6 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-16.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9570 bytes)
Hash
700dfe65fca751e5c160aa1ed38c0389
61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886
8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1

HTTP Headers

GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-17.jpg

65.109.24.247

9.6 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-17.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9595 bytes)
Hash
3617c828a4589dfd2af8f90e31f92666
0e7a1dbe743c9eaad109659f7b21ab86719b9cd0
f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f

HTTP Headers

GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/lands/36/img/pics-18.jpg

65.109.24.247

9.6 kB

URL
7a8f7fa289.news-mareka.com/lands/36/img/pics-18.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9645 bytes)
Hash
52ada45615791fefe3513b98a28d6c61
334b68a65108b2274dc0d41bbed58d10cbfb41a0
204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4

HTTP Headers

GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/
Cookie: _subid=376l60j117skvo; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:50 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl00; expires=Sat, 08 Jun 2024 22:01:50 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:40 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7a8f7fa289.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-length: 0
location: https://8719229c8c.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

8719229c8c.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
8719229c8c.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 8719229c8c.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8719229c8c.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

8719229c8c.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

45 kB

URL
8719229c8c.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
19deff278253ce1b6de07ce8f49560cb
e80005a4eb4784eda72ddf81bd8061a5ab22ae4c
27740c5cef0730786cf4ec60b6caed197e244656823a90af4ad65f8fdd4c5b9c

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 8719229c8c.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8719229c8c.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8719229c8c.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-length: 0
location: https://6b8ea0f25d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

6b8ea0f25d.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
6b8ea0f25d.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 6b8ea0f25d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6b8ea0f25d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

6b8ea0f25d.news-mareka.com/lands/57/css/style.css

65.109.24.247

1.2 kB

URL
6b8ea0f25d.news-mareka.com/lands/57/css/style.css
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (4468), with no line terminators
Size
1.2 kB (1213 bytes)
Hash
b07eb7ba1a3bb505eba51b55f4ffa9ff
fea4806dafcdda47dff4bb6aa09362ded48879d5
086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68

HTTP Headers

GET /lands/57/css/style.css HTTP/1.1
Host: 6b8ea0f25d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6b8ea0f25d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: text/css
content-length: 1213
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-4bd"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

6b8ea0f25d.news-mareka.com/lands/57/js/device.js

65.109.24.247

1.1 kB

URL
6b8ea0f25d.news-mareka.com/lands/57/js/device.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/57/js/device.js HTTP/1.1
Host: 6b8ea0f25d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6b8ea0f25d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6b8ea0f25d.news-mareka.com/
Cookie: _subid=376l60j117sl05; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:51 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl0f; expires=Sat, 08 Jun 2024 22:01:51 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:42 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6b8ea0f25d.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-length: 0
location: https://2da644c326.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

53 kB

URL
7a8f7fa289.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
53 kB (52799 bytes)
Hash
367a8a4871df491a055ca862be5a9f56
ce4e4cb1c4d3d7333e02b3fe2d5370abaeb0a1ec
91309f5ca9de69e0980997bb022db09be949969247e298cccd2a8b4970f6db8e

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2da644c326.news-mareka.com/
Cookie: _subid=376l60j117sl0f; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:51 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl0l; expires=Sat, 08 Jun 2024 22:01:51 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:42 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2da644c326.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-length: 0
location: https://2e6f04d06f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

2e6f04d06f.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
2e6f04d06f.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 2e6f04d06f.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2e6f04d06f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

2e6f04d06f.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

45 kB

URL
2e6f04d06f.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
1f7e423e4ce0e6c3fedcdc07651350c6
e1404cb0ec0f6be47ef31dd2dadcf7c80045e978
6f6f802b77d154f13bc3ac328430d59fceaf8309a2457a3d3aafc8b0305a2f7a

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 2e6f04d06f.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2e6f04d06f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2e6f04d06f.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-length: 0
location: https://b17736b173.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

b17736b173.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
b17736b173.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: b17736b173.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b17736b173.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

b17736b173.news-mareka.com/lands/53/css/style.css

65.109.24.247

1.3 kB

URL
b17736b173.news-mareka.com/lands/53/css/style.css
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (4928), with no line terminators
Size
1.3 kB (1301 bytes)
Hash
6f2d06d6dbd00d18b9e7eb11ef80081d
b86bdf3144b91210a3e04aab9802dba7b677ffe4
4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8

HTTP Headers

GET /lands/53/css/style.css HTTP/1.1
Host: b17736b173.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b17736b173.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

b17736b173.news-mareka.com/lands/53/images/spinning-circles2.svg

65.109.24.247

503 B

URL
b17736b173.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: b17736b173.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b17736b173.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

b17736b173.news-mareka.com/lands/53/js/device.js

65.109.24.247

1.1 kB

URL
b17736b173.news-mareka.com/lands/53/js/device.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/53/js/device.js HTTP/1.1
Host: b17736b173.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b17736b173.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

b17736b173.news-mareka.com/lands/53/images/video.gif

65.109.24.247

500 kB

URL
b17736b173.news-mareka.com/lands/53/images/video.gif
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 320 x 180
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /lands/53/images/video.gif HTTP/1.1
Host: b17736b173.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b17736b173.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b17736b173.news-mareka.com/
Cookie: _subid=376l60j117sl0p; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:51 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl13; expires=Sat, 08 Jun 2024 22:01:51 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:42 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b17736b173.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-length: 0
location: https://4e03a09ca0.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

4e03a09ca0.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
4e03a09ca0.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 4e03a09ca0.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4e03a09ca0.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4e03a09ca0.news-mareka.com/
Cookie: _subid=376l60j117sl13; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:51 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl17; expires=Sat, 08 Jun 2024 22:01:51 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:42 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4e03a09ca0.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-length: 0
location: https://fcababdb0e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

fcababdb0e.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
fcababdb0e.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: fcababdb0e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fcababdb0e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

4e03a09ca0.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

46 kB

URL
4e03a09ca0.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
46 kB (45990 bytes)
Hash
3911d3da4cf1674787040fb3f0f976f8
261eb57501f621114ff83b123c28dc34d09d232d
2fa84d06673b36ca19b6edf6ff32a6c315d6aae901db2e47f44f00ed27171ef1

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 4e03a09ca0.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4e03a09ca0.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

fcababdb0e.news-mareka.com/lands/53/images/spinning-circles2.svg

65.109.24.247

503 B

URL
fcababdb0e.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: fcababdb0e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fcababdb0e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

fcababdb0e.news-mareka.com/lands/53/images/video.gif

65.109.24.247

500 kB

URL
fcababdb0e.news-mareka.com/lands/53/images/video.gif
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 320 x 180
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /lands/53/images/video.gif HTTP/1.1
Host: fcababdb0e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fcababdb0e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2

fcababdb0e.news-mareka.com/lands/53/js/device.js

65.109.24.247

1.1 kB

URL
fcababdb0e.news-mareka.com/lands/53/js/device.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/53/js/device.js HTTP/1.1
Host: fcababdb0e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fcababdb0e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fcababdb0e.news-mareka.com/
Cookie: _subid=376l60j117sl17; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:52 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl1b; expires=Sat, 08 Jun 2024 22:01:52 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:44 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fcababdb0e.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-length: 0
location: https://ae776fd41f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

ae776fd41f.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
ae776fd41f.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: ae776fd41f.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ae776fd41f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ae776fd41f.news-mareka.com/
Cookie: _subid=376l60j117sl1b; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:52 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl1f; expires=Sat, 08 Jun 2024 22:01:52 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:44 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ae776fd41f.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-length: 0
location: https://097898d683.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

097898d683.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
097898d683.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 097898d683.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://097898d683.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

fcababdb0e.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

45 kB

URL
fcababdb0e.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
f6c45351bd3d7bb5b68cec354e74c931
5dbdaa5b4f7d675bd4348b374df0575f9e375766
143d30886b79c89ff8e141f1386c638a91d692baa69786b6cc4be4603eed94d5

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: fcababdb0e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fcababdb0e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://097898d683.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-length: 0
location: https://9a3521b7ec.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

2e6f04d06f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

62 kB

URL
2e6f04d06f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
62 kB (61635 bytes)
Hash
650b079a2815c5b5f0228c22636c1b33
12221ee31e4a2067e49356a59ebb940e3f77b32d
d2ee89f5acb65405a69f1a1a8baa6285b4482bb7398c737d8628634b8eb6b9b0

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 2e6f04d06f.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2da644c326.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

9a3521b7ec.news-mareka.com/lands/57/css/style.css

65.109.24.247

1.2 kB

URL
9a3521b7ec.news-mareka.com/lands/57/css/style.css
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (4468), with no line terminators
Size
1.2 kB (1213 bytes)
Hash
b07eb7ba1a3bb505eba51b55f4ffa9ff
fea4806dafcdda47dff4bb6aa09362ded48879d5
086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68

HTTP Headers

GET /lands/57/css/style.css HTTP/1.1
Host: 9a3521b7ec.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9a3521b7ec.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: text/css
content-length: 1213
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-4bd"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

9a3521b7ec.news-mareka.com/lands/57/js/device.js

65.109.24.247

1.1 kB

URL
9a3521b7ec.news-mareka.com/lands/57/js/device.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/57/js/device.js HTTP/1.1
Host: 9a3521b7ec.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9a3521b7ec.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9a3521b7ec.news-mareka.com/
Cookie: _subid=376l60j117sl1n; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:52 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl1p; expires=Sat, 08 Jun 2024 22:01:52 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:44 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9a3521b7ec.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-length: 0
location: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
727289cb27.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/lands/39/img/icon1.png

65.109.24.247

7.3 kB

URL
727289cb27.news-mareka.com/lands/39/img/icon1.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /lands/39/img/icon1.png HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/lands/39/img/icon2.png

65.109.24.247

4.6 kB

URL
727289cb27.news-mareka.com/lands/39/img/icon2.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/lands/39/img/icon3.png

65.109.24.247

7.8 kB

URL
727289cb27.news-mareka.com/lands/39/img/icon3.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/lands/39/img/icon4.png

65.109.24.247

7.0 kB

URL
727289cb27.news-mareka.com/lands/39/img/icon4.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /lands/39/img/icon4.png HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/lands/39/img/icon5.png

65.109.24.247

3.3 kB

URL
727289cb27.news-mareka.com/lands/39/img/icon5.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /lands/39/img/icon5.png HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/lands/39/img/icon7.png

65.109.24.247

3.3 kB

URL
727289cb27.news-mareka.com/lands/39/img/icon7.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /lands/39/img/icon7.png HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/lands/39/img/icon8.png

65.109.24.247

4.1 kB

URL
727289cb27.news-mareka.com/lands/39/img/icon8.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

HTTP Headers

GET /lands/39/img/icon8.png HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/
Cookie: _subid=376l60j117sl1p; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:52 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl1u; expires=Sat, 08 Jun 2024 22:01:52 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:44 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://727289cb27.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-length: 0
location: https://d1c2467185.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

d1c2467185.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
d1c2467185.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: d1c2467185.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d1c2467185.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

46 kB

URL
727289cb27.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
46 kB (45990 bytes)
Hash
3ec59ac6699d55c3c8e34f50633f0979
b0a4cb5bf6060651a3f60c3bd7fa5ba6d0f54f65
9e9d722611084b691c84b06b896850a2094ddd55adc94f655da0e73ec592ae3a

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

d1c2467185.news-mareka.com/lands/53/images/spinning-circles2.svg

65.109.24.247

503 B

URL
d1c2467185.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: d1c2467185.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d1c2467185.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

d1c2467185.news-mareka.com/lands/53/images/video.gif

65.109.24.247

500 kB

URL
d1c2467185.news-mareka.com/lands/53/images/video.gif
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 320 x 180
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /lands/53/images/video.gif HTTP/1.1
Host: d1c2467185.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d1c2467185.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2

9a3521b7ec.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

46 kB

URL
9a3521b7ec.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
46 kB (45800 bytes)
Hash
71ddc10d5bd3d4acfe9818e16687131b
bfbea2a1b5be6f345538678b427457092aeb63ff
d309ee0b958dfccbac1ac8b4e4c83db734f4cb55a5d82706e25db4fa56c3d460

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 9a3521b7ec.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9a3521b7ec.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d1c2467185.news-mareka.com/
Cookie: _subid=376l60j117sl1u; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:52 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl24; expires=Sat, 08 Jun 2024 22:01:53 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d1c2467185.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-length: 0
location: https://5c1d856a6e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

5c1d856a6e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

1.3 kB

URL
5c1d856a6e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (553)
Size
1.3 kB (1309 bytes)
Hash
3d0bd3d0aee8ce50660e40be0825e5bd
a405638037c5514e833bc904560bd02c0cc89e8a
64d8515bcf3b17721644f668bbfcd11da5e839b2fbb5ef05fc153c4512907729

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 5c1d856a6e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d1c2467185.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

5c1d856a6e.news-mareka.com/lands/20/style.css

65.109.24.247

868 B

URL
5c1d856a6e.news-mareka.com/lands/20/style.css
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2230), with no line terminators
Size
868 B (868 bytes)
Hash
d4b3acb7a84d2265bf174f13f93ca4f1
d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

HTTP Headers

GET /lands/20/style.css HTTP/1.1
Host: 5c1d856a6e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5c1d856a6e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

5c1d856a6e.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
5c1d856a6e.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 5c1d856a6e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5c1d856a6e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5c1d856a6e.news-mareka.com/
Cookie: _subid=376l60j117sl24; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:53 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl29; expires=Sat, 08 Jun 2024 22:01:53 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5c1d856a6e.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-length: 0
location: https://149a9ef7c3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

149a9ef7c3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

1.3 kB

URL
149a9ef7c3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (553)
Size
1.3 kB (1309 bytes)
Hash
32a48807ab3b4950a7a6ffea2a6d17f7
973df071c70811b24292911b3f0f74994d125961
b7d6b97373510b46dd678fd323f789155fc81cb38973c3711b2fbaf19b40a49c

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 149a9ef7c3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5c1d856a6e.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

149a9ef7c3.news-mareka.com/lands/20/style.css

65.109.24.247

868 B

URL
149a9ef7c3.news-mareka.com/lands/20/style.css
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2230), with no line terminators
Size
868 B (868 bytes)
Hash
d4b3acb7a84d2265bf174f13f93ca4f1
d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

HTTP Headers

GET /lands/20/style.css HTTP/1.1
Host: 149a9ef7c3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://149a9ef7c3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic

142.250.74.106

8.9 kB

URL
fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417)
Size
8.9 kB (8894 bytes)
Hash
9b96449779dba7b9770970658e2fcee4
f7fdda44296aa537742de18218991f0a59898ff9
09da4fdcf12506d6ba400330693ec60b1636ae576a8f29b6c9dd742764ebcb48

HTTP Headers

GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5c1d856a6e.news-mareka.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 22:01:53 GMT
date: Wed, 08 May 2024 22:01:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://149a9ef7c3.news-mareka.com/
Cookie: _subid=376l60j117sl29; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:53 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl2d; expires=Sat, 08 Jun 2024 22:01:53 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

149a9ef7c3.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

46 kB

URL
149a9ef7c3.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
46 kB (45473 bytes)
Hash
5e77808f3f984e2b2e4123495c41c232
be73d64b7bfa58c8f41e7e10bfda69fed149caf3
aa58a6b4b9a47ec18e185adf8d64adcd95225c0a2e633a33d12d7093cf36164e

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 149a9ef7c3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://149a9ef7c3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

255eab8170.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
255eab8170.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 255eab8170.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://255eab8170.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://255eab8170.news-mareka.com/
Cookie: _subid=376l60j117sl2d; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:53 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl2o; expires=Sat, 08 Jun 2024 22:01:53 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://255eab8170.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-length: 0
location: https://dcab15ed3f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

dcab15ed3f.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
dcab15ed3f.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: dcab15ed3f.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcab15ed3f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcab15ed3f.news-mareka.com/
Cookie: _subid=376l60j117sl2o; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:53 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl2t; expires=Sat, 08 Jun 2024 22:01:53 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dcab15ed3f.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-length: 0
location: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
288a0943c2.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/lands/39/img/icon1.png

65.109.24.247

7.3 kB

URL
288a0943c2.news-mareka.com/lands/39/img/icon1.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /lands/39/img/icon1.png HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/lands/39/img/icon2.png

65.109.24.247

4.6 kB

URL
288a0943c2.news-mareka.com/lands/39/img/icon2.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/lands/39/img/icon3.png

65.109.24.247

7.8 kB

URL
288a0943c2.news-mareka.com/lands/39/img/icon3.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/lands/39/img/icon4.png

65.109.24.247

7.0 kB

URL
288a0943c2.news-mareka.com/lands/39/img/icon4.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /lands/39/img/icon4.png HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/lands/39/img/icon5.png

65.109.24.247

3.3 kB

URL
288a0943c2.news-mareka.com/lands/39/img/icon5.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /lands/39/img/icon5.png HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/lands/39/img/icon7.png

65.109.24.247

3.3 kB

URL
288a0943c2.news-mareka.com/lands/39/img/icon7.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /lands/39/img/icon7.png HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/lands/39/img/icon8.png

65.109.24.247

4.1 kB

URL
288a0943c2.news-mareka.com/lands/39/img/icon8.png
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

HTTP Headers

GET /lands/39/img/icon8.png HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/
Cookie: _subid=376l60j117sl2t; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:54 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl35; expires=Sat, 08 Jun 2024 22:01:54 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:48 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://288a0943c2.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-length: 0
location: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/lp.js

65.109.24.247

758 B

URL
8e4c164ae1.news-mareka.com/lands/36/lp.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators
Size
758 B (758 bytes)
Hash
dbcc3608581394261613182e95963925
d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9
c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8

HTTP Headers

GET /lands/36/lp.js HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/revopush.js

65.109.24.247

8.1 kB

URL
8e4c164ae1.news-mareka.com/revopush.js
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/style.css

65.109.24.247

3.1 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/style.css
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (11701), with no line terminators
Size
3.1 kB (3136 bytes)
Hash
db606af46bdcca984d60a46183a4525e
28964fac8b2b7889554f32543e69ac68e6f21e2f
8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae

HTTP Headers

GET /lands/36/img/style.css HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

d1c2467185.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

61 kB

URL
d1c2467185.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
61 kB (60923 bytes)
Hash
47586390b35a660a45c60c2c47fb5fe8
479990981146320975edef08904e7fdb3a039aa9
2b50383c373cbaad0c9a2705e8c57573d5d5b9801f887b8e09d11dccf9bc8e8b

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d1c2467185.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d1c2467185.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

255eab8170.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

45 kB

URL
255eab8170.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
45 kB (45150 bytes)
Hash
7c461c17301a6331baa696af5e2e3ab4
c29651c471e624c7127b1e1904f03b03db78e3a3
390d34f46b1b9a2f9040d6b9c037ebe1cf1d6ad36650b7abe67800718d58d80d

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 255eab8170.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://255eab8170.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/Spin-1s-80px.gif

65.109.24.247

31 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/Spin-1s-80px.gif
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 80 x 80
Size
31 kB (30677 bytes)
Hash
68556766cd260e97fec2b60a9bfaf8c7
26c969371c9a3de360fab6d7a7a3bec2c5d5c99f
ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676

HTTP Headers

GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2

ae776fd41f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

137 kB

URL
ae776fd41f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, Unicode text, UTF-8 text, with very long lines (63955)
Size
137 kB (136917 bytes)
Hash
b08e3d10bb1c4043f12ee2695ae44cad
0a4aaf852ac6e2799fdc4f4eb164da258b1a0d31
39881db48f81caf2742d7b00bdb4309e0391df022b6e5c80bbe48a9975ed52a2

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: ae776fd41f.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fcababdb0e.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

dcab15ed3f.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

45 kB

URL
dcab15ed3f.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
45 kB (45097 bytes)
Hash
6c6abd6274534d71debedf4c9c59330e
e3d8bc03a424af7007a3ec85332cc9cf407b462e
7eafd5d7f5a590b92588e3096e5b729b1740953463d242d2279ea7d62556f47d

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: dcab15ed3f.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcab15ed3f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/player-bg.jpg

65.109.24.247

11 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/player-bg.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
11 kB (11291 bytes)
Hash
d0c6f02d6933f0b93db0942e3e7f3609
bc96b3878d13d0f46aa464e94515f27ad53531b0
7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a

HTTP Headers

GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-1.jpg

65.109.24.247

9.6 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-1.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9604 bytes)
Hash
8374be5c573da988b4d76c1051f8cbc7
c319af79d391edeac2268173798952dd71f0ecf2
41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea

HTTP Headers

GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-2.jpg

65.109.24.247

9.5 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-2.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9474 bytes)
Hash
b1444ede1cb63c55f07c4b7cc861ec58
504823696a6990f0c6892721e34a7496cfe4e704
628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8

HTTP Headers

GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-3.jpg

65.109.24.247

9.4 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-3.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.4 kB (9413 bytes)
Hash
76025b7cd7b3e168342e9f6916d8c7f4
bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2
46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775

HTTP Headers

GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-4.jpg

65.109.24.247

9.5 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-4.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9468 bytes)
Hash
107bdcec0a201d69db378827b68127cd
efc977edd0a369769d5f32d88e9858302bed1e5e
cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468

HTTP Headers

GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-5.jpg

65.109.24.247

9.6 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-5.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9557 bytes)
Hash
628b98b82d0aca1c1b2155aa5ec51a6a
db663b2b85cf8828f3e9c5aa879325bb50e684a0
d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d

HTTP Headers

GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-6.jpg

65.109.24.247

9.6 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-6.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9620 bytes)
Hash
a83d5196e71bd6f9c55ef3e7322e527c
9dbddad413391599552c4d9cc5c9e8a287ef910f
52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818

HTTP Headers

GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-7.jpg

65.109.24.247

9.5 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-7.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9484 bytes)
Hash
94edfad63e95c79618692b8d8dc20587
f582b7b70443ea1fff184ade49ab560fc8fd3318
0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e

HTTP Headers

GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-8.jpg

65.109.24.247

9.8 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-8.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.8 kB (9750 bytes)
Hash
2e7eafc3878ee465f96bca0f9d1e1712
c4f353f12542db5d2df3be74dbae890e0430ac6e
df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1

HTTP Headers

GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-9.jpg

65.109.24.247

9.6 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-9.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9646 bytes)
Hash
c3af10d166a4447c21f25e4a32383a5d
37a0342d08d6933b3bbfd4063b7ba998c991dd73
963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73

HTTP Headers

GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-10.jpg

65.109.24.247

9.7 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-10.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.7 kB (9681 bytes)
Hash
00ad8eccd280144f038e883859beeabe
e13583bbe25712e827b8b22b1353c883531f849f
21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada

HTTP Headers

GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-11.jpg

65.109.24.247

9.5 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-11.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9483 bytes)
Hash
8611f67b36ff57eaa1060e793b9e6ad4
49f273a5760e7375adb1efc58f0ed2c665da6ae8
de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2

HTTP Headers

GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-12.jpg

65.109.24.247

9.5 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-12.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9487 bytes)
Hash
3971b0cd6849aef8e63c281fe7e53c57
690281f0f9a05a32be18029632240693f7b26270
20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a

HTTP Headers

GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-14.jpg

65.109.24.247

9.5 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-14.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.5 kB (9498 bytes)
Hash
4957499f251b620472eb5fe6fd126c22
a237ac15f4b16256f1c49a40ca07ca168dea540c
de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b

HTTP Headers

GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/lands/36/img/pics-16.jpg

65.109.24.247

9.6 kB

URL
8e4c164ae1.news-mareka.com/lands/36/img/pics-16.jpg
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data
Size
9.6 kB (9570 bytes)
Hash
700dfe65fca751e5c160aa1ed38c0389
61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886
8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1

HTTP Headers

GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/
Cookie: _subid=376l60j117sl35; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:54 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl3e; expires=Sat, 08 Jun 2024 22:01:54 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:48 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8e4c164ae1.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-length: 0
location: https://aaf559a722.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

aaf559a722.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
aaf559a722.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: aaf559a722.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aaf559a722.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

aaf559a722.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

5.1 kB

URL
aaf559a722.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
5.1 kB (5050 bytes)
Hash
05a0d8060a4666de6e87e1861fa7073a
ba12fd211766be50c05ec719c4857681f2726a1d
5eabfb16cede8b5c260b342178a2cc04294ca10bac7979f31c3787c78dd04eca

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: aaf559a722.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8e4c164ae1.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aaf559a722.news-mareka.com/
Cookie: _subid=376l60j117sl3e; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:54 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl3o; expires=Sat, 08 Jun 2024 22:01:54 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:48 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aaf559a722.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-length: 0
location: https://0597de83e0.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

0597de83e0.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
0597de83e0.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 0597de83e0.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0597de83e0.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

0597de83e0.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

5.8 kB

URL
0597de83e0.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
5.8 kB (5773 bytes)
Hash
f6a26969c48c7546e483885461351dfd
d9d6135eac29a795a755c9bb905c55a3dca1af99
fcb0fc678322f6df23efe50c0519ecdff94b97e94e66ada4efac258392cafaaf

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 0597de83e0.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aaf559a722.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

0597de83e0.news-mareka.com/lands/57/js/device.js

23.158.56.123

1.1 kB

URL
0597de83e0.news-mareka.com/lands/57/js/device.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/57/js/device.js HTTP/1.1
Host: 0597de83e0.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0597de83e0.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0597de83e0.news-mareka.com/
Cookie: _subid=376l60j117sl3o; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:54 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl3r; expires=Sat, 08 Jun 2024 22:01:54 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:48 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0597de83e0.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-length: 0
location: https://08f11ff51d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

11 kB

URL
288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
11 kB (11403 bytes)
Hash
7f6f08594ee714aff448227559a7e6c0
ed5b9d634417aa2ee9603ff93b2d4eedbda3dc58
c5c643a650e4de6a09800b5a663cc43ea1d86235f149592109f88a98d3bef165

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dcab15ed3f.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

aaf559a722.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
aaf559a722.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
37b023cada249d7401838bed88ff428c
c2dae1df614db1f21d6ba533d164dbe30a36358d
786265a2bd5982232ffdfeeb1e6b72c456c73696e41f7c8ac221ca4407d7008d

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: aaf559a722.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aaf559a722.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://08f11ff51d.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-length: 0
location: https://d199676c63.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

d199676c63.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
d199676c63.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: d199676c63.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d199676c63.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

d199676c63.news-mareka.com/lands/46/sketch.min.js

23.158.56.123

2.4 kB

URL
d199676c63.news-mareka.com/lands/46/sketch.min.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (4675), with no line terminators
Size
2.4 kB (2379 bytes)
Hash
ed52afed30560dc3e13a88e35a300c18
8714792a53d24b5c641b9536a2d218d75b43b3f9
cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711

HTTP Headers

GET /lands/46/sketch.min.js HTTP/1.1
Host: d199676c63.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d199676c63.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d199676c63.news-mareka.com/
Cookie: _subid=376l60j117sl41; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:55 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl49; expires=Sat, 08 Jun 2024 22:01:55 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:50 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d199676c63.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-length: 0
location: https://4571cd84a2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

144 kB

URL
8e4c164ae1.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
144 kB (144082 bytes)
Hash
2f09895e90f02416f1969327a569c4c5
0034080dd79f91f26c95b21d8d4ff21f2191b5c9
b8123dee1f431e9acba1501717369c1cd6816ba21ae0ac344829f70b3a2248df

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4571cd84a2.news-mareka.com/
Cookie: _subid=376l60j117sl49; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:55 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl4h; expires=Sat, 08 Jun 2024 22:01:55 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:50 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4571cd84a2.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-length: 0
location: https://97d584cb3e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

97d584cb3e.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
97d584cb3e.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 97d584cb3e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://97d584cb3e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

08f11ff51d.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
08f11ff51d.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
7a814c547610b53fc52920251a6d7d74
a8ca538f5122e79ec2b7a8801c9311c954c302cc
d102856b79300a2d204229fe1246074bb28e0487d2b2f775124edda4c5464d0f

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 08f11ff51d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08f11ff51d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://97d584cb3e.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-length: 0
location: https://1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

1d751ad421.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
1d751ad421.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 1d751ad421.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

1d751ad421.news-mareka.com/lands/39/img/icon1.png

23.158.56.123

7.3 kB

URL
1d751ad421.news-mareka.com/lands/39/img/icon1.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /lands/39/img/icon1.png HTTP/1.1
Host: 1d751ad421.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2

1d751ad421.news-mareka.com/lands/39/img/icon2.png

23.158.56.123

4.6 kB

URL
1d751ad421.news-mareka.com/lands/39/img/icon2.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: 1d751ad421.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

1d751ad421.news-mareka.com/lands/39/img/icon3.png

23.158.56.123

7.8 kB

URL
1d751ad421.news-mareka.com/lands/39/img/icon3.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: 1d751ad421.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2

1d751ad421.news-mareka.com/lands/39/img/icon4.png

23.158.56.123

7.0 kB

URL
1d751ad421.news-mareka.com/lands/39/img/icon4.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /lands/39/img/icon4.png HTTP/1.1
Host: 1d751ad421.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2

1d751ad421.news-mareka.com/lands/39/img/icon5.png

23.158.56.123

3.3 kB

URL
1d751ad421.news-mareka.com/lands/39/img/icon5.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /lands/39/img/icon5.png HTTP/1.1
Host: 1d751ad421.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2

1d751ad421.news-mareka.com/lands/39/img/icon7.png

23.158.56.123

3.3 kB

URL
1d751ad421.news-mareka.com/lands/39/img/icon7.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /lands/39/img/icon7.png HTTP/1.1
Host: 1d751ad421.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2

1d751ad421.news-mareka.com/lands/39/img/icon8.png

23.158.56.123

4.1 kB

URL
1d751ad421.news-mareka.com/lands/39/img/icon8.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

HTTP Headers

GET /lands/39/img/icon8.png HTTP/1.1
Host: 1d751ad421.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1d751ad421.news-mareka.com/
Cookie: _subid=376l60j117sl4n; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:56 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl4u; expires=Sat, 08 Jun 2024 22:01:56 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:52 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d751ad421.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-length: 0
location: https://23d8d84399.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

23d8d84399.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
23d8d84399.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 23d8d84399.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://23d8d84399.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

23d8d84399.news-mareka.com/lands/53/css/style.css

23.158.56.123

1.3 kB

URL
23d8d84399.news-mareka.com/lands/53/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4928), with no line terminators
Size
1.3 kB (1301 bytes)
Hash
6f2d06d6dbd00d18b9e7eb11ef80081d
b86bdf3144b91210a3e04aab9802dba7b677ffe4
4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8

HTTP Headers

GET /lands/53/css/style.css HTTP/1.1
Host: 23d8d84399.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://23d8d84399.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

23d8d84399.news-mareka.com/lands/53/images/spinning-circles2.svg

23.158.56.123

503 B

URL
23d8d84399.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: 23d8d84399.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://23d8d84399.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

23d8d84399.news-mareka.com/lands/53/images/video.gif

23.158.56.123

500 kB

URL
23d8d84399.news-mareka.com/lands/53/images/video.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 320 x 180
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /lands/53/images/video.gif HTTP/1.1
Host: 23d8d84399.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://23d8d84399.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://23d8d84399.news-mareka.com/
Cookie: _subid=376l60j117sl4u; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:56 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl53; expires=Sat, 08 Jun 2024 22:01:56 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:52 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

0597de83e0.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
0597de83e0.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
e1dace1e9b7f05b516aad7d55c015187
55c8d25d4ba1ad84836bc8ce5e19164a33f7df22
d7ea24428c0b1305f21c8eefd87867c9be7f3b8d2a70bfc23eb0680d3cb94fc1

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 0597de83e0.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0597de83e0.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

f413380b80.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

46 kB

URL
f413380b80.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
46 kB (46460 bytes)
Hash
e8a5a9419b89d2c14e1e803b960ba9cc
23f7a6b1bbd6e12d2dc103408ccc03fec217dc70
cbc5ceb3fcc5846d3f481bdaca91a5707e5c33469663781a3dffeceb2469032f

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: f413380b80.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://23d8d84399.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

17 kB

URL
8e4c164ae1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
17 kB (17038 bytes)
Hash
c359823eb97eca33e8efd0574f1c9e8d
0df84cc5f1c4c2032dd49e8241d6be5dba68f2b3
c6842dd7e00af3246de988e13c793117b61551012f8697c8fd4f2ee221ac7ea0

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 8e4c164ae1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://288a0943c2.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f413380b80.news-mareka.com/
Cookie: _subid=376l60j117sl53; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:56 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl5i; expires=Sat, 08 Jun 2024 22:01:56 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:52 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

08f11ff51d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

8.8 kB

URL
08f11ff51d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (7710)
Size
8.8 kB (8836 bytes)
Hash
532bf0e3eb55b38c53afdb78ce114579
b510d5ed91ec68c6aa6d9276f934d5a26987708d
a042071080da2c8c126c71f2ac696fe9fec1672fea226fa302265b244ab56541

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 08f11ff51d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0597de83e0.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:54 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/lp.js

23.158.56.123

758 B

URL
9edf9c03b6.news-mareka.com/lands/36/lp.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators
Size
758 B (758 bytes)
Hash
dbcc3608581394261613182e95963925
d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9
c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8

HTTP Headers

GET /lands/36/lp.js HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
9edf9c03b6.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/style.css

23.158.56.123

3.1 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (11701), with no line terminators
Size
3.1 kB (3136 bytes)
Hash
db606af46bdcca984d60a46183a4525e
28964fac8b2b7889554f32543e69ac68e6f21e2f
8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae

HTTP Headers

GET /lands/36/img/style.css HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/logo.png

23.158.56.123

7.4 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/logo.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced
Size
7.4 kB (7398 bytes)
Hash
6cd3a78b39a704ee1c84f31c8c4e5808
bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93
4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193

HTTP Headers

GET /lands/36/img/logo.png HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/search-icon.png

23.158.56.123

461 B

URL
9edf9c03b6.news-mareka.com/lands/36/img/search-icon.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Size
461 B (461 bytes)
Hash
71a97f63eeafce6cc8dd4e7b92e77303
e92e36474a69fcf7b932efc581e024a1c25773e5
fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2

HTTP Headers

GET /lands/36/img/search-icon.png HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2

d199676c63.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

75 kB

URL
d199676c63.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
75 kB (75366 bytes)
Hash
49fd304f09e45c0d7b4dad32bcca137c
4668868521f25133a60bc0d60e8b87ca9e6c68dc
d0ddde111370b8cd895536b4d94ac8fcb4f9c2d6e8807a747e651210714c3747

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d199676c63.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d199676c63.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

4571cd84a2.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

46 kB

URL
4571cd84a2.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
46 kB (45634 bytes)
Hash
c8e0eaca9b6b1f0deca043fe47de1250
95187c21816807a35a2c6fadf1c4b1d54f8577f3
0d8c817d3ff06f201a785ec3a715e83b2d9d7271e2b0c5796788868bea48f13f

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 4571cd84a2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4571cd84a2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/player-controls-r.png

23.158.56.123

408 B

URL
9edf9c03b6.news-mareka.com/lands/36/img/player-controls-r.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced
Size
408 B (408 bytes)
Hash
f0e42db89f7d0994b3723b35eb05a49f
b4e08e7b2c525345d86dc2299663915c84a41b2b
13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be

HTTP Headers

GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2

97d584cb3e.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

56 kB

URL
97d584cb3e.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
56 kB (55980 bytes)
Hash
a1245c8300f9850a8f1d65c16a116ce2
ea95c0d68c12dff2d7813659fabaaebe9ff7f295
ced5d1eb91c20ef5ac9e2677368615042ef18cb07750f7056548c9a1f756005f

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 97d584cb3e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://97d584cb3e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

13 kB

URL
1d751ad421.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
13 kB (12897 bytes)
Hash
c9ef8bcb3fc958aecaa691dfd720d62b
1da8573d9f55b1715c1d99cdec5df2515f45b996
4308c9591b4cbd48c37728cf1dee255629f32bb4aa497aac2ff68f7fa585dcbd

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 1d751ad421.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://97d584cb3e.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-2.jpg

23.158.56.123

9.5 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-2.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9474 bytes)
Hash
b1444ede1cb63c55f07c4b7cc861ec58
504823696a6990f0c6892721e34a7496cfe4e704
628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8

HTTP Headers

GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-3.jpg

23.158.56.123

9.4 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-3.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9413 bytes)
Hash
76025b7cd7b3e168342e9f6916d8c7f4
bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2
46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775

HTTP Headers

GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-4.jpg

23.158.56.123

9.5 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-4.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9468 bytes)
Hash
107bdcec0a201d69db378827b68127cd
efc977edd0a369769d5f32d88e9858302bed1e5e
cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468

HTTP Headers

GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

95.216.46.99

10 kB

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
95.216.46.99:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
10 kB (10144 bytes)
Hash
3c59f1f73d99fc2b14ae0c50d3254cf0
3843d553c070b3e8b5d66c9a37a84a1ccb512d51
0dff436caa6dd48fdbdd6f3bd5483442c4c84ef52fb5fa7e7f4f562e87f82519

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d751ad421.news-mareka.com/
Origin: https://1d751ad421.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://1d751ad421.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

13 kB

URL
727289cb27.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
13 kB (12913 bytes)
Hash
aa1cd78f84e45ff516e029b885aa1b5c
14b0a2621f7e5dc7504c62542b43e5d0fcec99e8
85cd0dd9da35817e56a76c6094ff63b6931ba1eb2c4a790daab5a066c9536477

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 727289cb27.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9a3521b7ec.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-7.jpg

23.158.56.123

9.5 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-7.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9484 bytes)
Hash
94edfad63e95c79618692b8d8dc20587
f582b7b70443ea1fff184ade49ab560fc8fd3318
0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e

HTTP Headers

GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-8.jpg

23.158.56.123

9.8 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-8.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.8 kB (9750 bytes)
Hash
2e7eafc3878ee465f96bca0f9d1e1712
c4f353f12542db5d2df3be74dbae890e0430ac6e
df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1

HTTP Headers

GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2

23d8d84399.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

55 kB

URL
23d8d84399.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
55 kB (55179 bytes)
Hash
59ae2902d1ce7e9ee089374a6386a14b
d7717d9b55267459fde67aece8dae636741bd8e3
735c29fd970b2d26ad53f7759cad25ff699f2af231fd5972650a70909bf81c70

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 23d8d84399.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://23d8d84399.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

5c1d856a6e.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

54 kB

URL
5c1d856a6e.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
54 kB (54370 bytes)
Hash
359edf69fedc2d12bd6b0a2095f2d5e6
3a5a25dbfcef93ba89eb350d7caa4525fe97beff
514678a94d557aff1e93ebf223da147ae74ba6323fb4c1e1b5f3dbbd3698bb10

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 5c1d856a6e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5c1d856a6e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-11.jpg

23.158.56.123

9.5 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-11.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9483 bytes)
Hash
8611f67b36ff57eaa1060e793b9e6ad4
49f273a5760e7375adb1efc58f0ed2c665da6ae8
de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2

HTTP Headers

GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-12.jpg

23.158.56.123

9.5 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-12.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9487 bytes)
Hash
3971b0cd6849aef8e63c281fe7e53c57
690281f0f9a05a32be18029632240693f7b26270
20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a

HTTP Headers

GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-13.jpg

23.158.56.123

9.4 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-13.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9378 bytes)
Hash
cd911694d58b5fb86c94cf7a1d5b530b
f32925a79b755d76fdf1ae56fa898ef23d816699
5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2

HTTP Headers

GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2

f413380b80.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

54 kB

URL
f413380b80.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
54 kB (54187 bytes)
Hash
e8666db53870cff97992045c60241f74
061cb8ca60a30b02b262b0c5e0cd2a7197a2a0a2
cf23e27768d1a170d4248a866e077d50a95834d0904edf22ff6162b8323cd988

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: f413380b80.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f413380b80.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

288a0943c2.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

54 kB

URL
288a0943c2.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
54 kB (54362 bytes)
Hash
8c7550a491a73904f177dbb35c9ec334
2b0e3737c7d36d37acf4785ff7e2a3e6f1d2ad75
3ba214d54e1297bffffc424b644ee913b4423b0af26d32a8b73bc4811f151505

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 288a0943c2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://288a0943c2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-16.jpg

23.158.56.123

9.6 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-16.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9570 bytes)
Hash
700dfe65fca751e5c160aa1ed38c0389
61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886
8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1

HTTP Headers

GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-17.jpg

23.158.56.123

9.6 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-17.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9595 bytes)
Hash
3617c828a4589dfd2af8f90e31f92666
0e7a1dbe743c9eaad109659f7b21ab86719b9cd0
f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f

HTTP Headers

GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/lands/36/img/pics-18.jpg

23.158.56.123

9.6 kB

URL
9edf9c03b6.news-mareka.com/lands/36/img/pics-18.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9645 bytes)
Hash
52ada45615791fefe3513b98a28d6c61
334b68a65108b2274dc0d41bbed58d10cbfb41a0
204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4

HTTP Headers

GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9edf9c03b6.news-mareka.com/
Cookie: _subid=376l60j117sl5i; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:57 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl64; expires=Sat, 08 Jun 2024 22:01:57 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:54 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

d199676c63.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

2.7 kB

URL
d199676c63.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (1334)
Size
2.7 kB (2671 bytes)
Hash
e92d1433dd236976afdc15c167407442
eee97ade4d5ebf76c2c091d204592e3d89e51ef4
68b1cef2612a20c85c8ae9e1e03d450741765de10ad369460b9fc96b33a00275

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d199676c63.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://08f11ff51d.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

352f0926b3.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
352f0926b3.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 352f0926b3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://352f0926b3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

352f0926b3.news-mareka.com/lands/53/css/style.css

23.158.56.123

1.3 kB

URL
352f0926b3.news-mareka.com/lands/53/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4928), with no line terminators
Size
1.3 kB (1301 bytes)
Hash
6f2d06d6dbd00d18b9e7eb11ef80081d
b86bdf3144b91210a3e04aab9802dba7b677ffe4
4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8

HTTP Headers

GET /lands/53/css/style.css HTTP/1.1
Host: 352f0926b3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://352f0926b3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

352f0926b3.news-mareka.com/lands/53/images/spinning-circles2.svg

23.158.56.123

503 B

URL
352f0926b3.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: 352f0926b3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://352f0926b3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://352f0926b3.news-mareka.com/
Cookie: _subid=376l60j117sl64; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:57 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl68; expires=Sat, 08 Jun 2024 22:01:57 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:54 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://352f0926b3.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-length: 0
location: https://b2bee0ea11.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

b2bee0ea11.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
b2bee0ea11.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: b2bee0ea11.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b2bee0ea11.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b2bee0ea11.news-mareka.com/
Cookie: _subid=376l60j117sl68; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:57 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl6f; expires=Sat, 08 Jun 2024 22:01:57 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:54 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

b2bee0ea11.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
b2bee0ea11.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
82f7550154d0782990998afb02b0860b
4b7c874a1243807b42a39eb2a5e36c71cceb5cb4
3d5e91d1d9e413d5e327610669cc6fc73e8ff5ea8ffc74bc36623dd5226807e7

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: b2bee0ea11.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b2bee0ea11.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

1f73583cb4.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
1f73583cb4.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 1f73583cb4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1f73583cb4.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

1f73583cb4.news-mareka.com/lands/48/preloader-43.5794040.gif

23.158.56.123

7.0 kB

URL
1f73583cb4.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: 1f73583cb4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1f73583cb4.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

352f0926b3.news-mareka.com/lands/53/images/video.gif

23.158.56.123

500 kB

URL
352f0926b3.news-mareka.com/lands/53/images/video.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 320 x 180
Size
500 kB (499712 bytes)
Hash
66442787409b637e361ee219f177be27
e917c9acd76df9bebd743400474dcf19b536ba84
478a0c2a0d52100c556e48ef0f46cfcf9a6525c2dc68db47bdae2282251f2132

HTTP Headers

GET /lands/53/images/video.gif HTTP/1.1
Host: 352f0926b3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://352f0926b3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1f73583cb4.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-length: 0
location: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

1f73583cb4.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
1f73583cb4.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (44310)
Size
45 kB (45447 bytes)
Hash
4a6e66bb55b5950853535223ccf6842d
2943d6907999875c679b1442aff2e1dba33b115f
119438b9eef92e9ec155c832dcb3cdf25d7f1dfb5b323dd30d4f157b90625f39

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 1f73583cb4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1f73583cb4.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
69fe434788.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/style.css

23.158.56.123

3.1 kB

URL
69fe434788.news-mareka.com/lands/36/img/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (11701), with no line terminators
Size
3.1 kB (3136 bytes)
Hash
db606af46bdcca984d60a46183a4525e
28964fac8b2b7889554f32543e69ac68e6f21e2f
8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae

HTTP Headers

GET /lands/36/img/style.css HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/logo.png

23.158.56.123

7.4 kB

URL
69fe434788.news-mareka.com/lands/36/img/logo.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced
Size
7.4 kB (7398 bytes)
Hash
6cd3a78b39a704ee1c84f31c8c4e5808
bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93
4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193

HTTP Headers

GET /lands/36/img/logo.png HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/search-icon.png

23.158.56.123

461 B

URL
69fe434788.news-mareka.com/lands/36/img/search-icon.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Size
461 B (461 bytes)
Hash
71a97f63eeafce6cc8dd4e7b92e77303
e92e36474a69fcf7b932efc581e024a1c25773e5
fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2

HTTP Headers

GET /lands/36/img/search-icon.png HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/Spin-1s-80px.gif

23.158.56.123

31 kB

URL
69fe434788.news-mareka.com/lands/36/img/Spin-1s-80px.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 80 x 80
Size
31 kB (30677 bytes)
Hash
68556766cd260e97fec2b60a9bfaf8c7
26c969371c9a3de360fab6d7a7a3bec2c5d5c99f
ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676

HTTP Headers

GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/player-controls-l.png

23.158.56.123

945 B

URL
69fe434788.news-mareka.com/lands/36/img/player-controls-l.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced
Size
945 B (945 bytes)
Hash
6865c8700b582e4c7848472bb23dd65a
c5ea2c514de8f55145550f9589e1e07cda457994
e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324

HTTP Headers

GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/player-controls-r.png

23.158.56.123

408 B

URL
69fe434788.news-mareka.com/lands/36/img/player-controls-r.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced
Size
408 B (408 bytes)
Hash
f0e42db89f7d0994b3723b35eb05a49f
b4e08e7b2c525345d86dc2299663915c84a41b2b
13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be

HTTP Headers

GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/player-bg.jpg

23.158.56.123

11 kB

URL
69fe434788.news-mareka.com/lands/36/img/player-bg.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
11 kB (11291 bytes)
Hash
d0c6f02d6933f0b93db0942e3e7f3609
bc96b3878d13d0f46aa464e94515f27ad53531b0
7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a

HTTP Headers

GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-1.jpg

23.158.56.123

9.6 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-1.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9604 bytes)
Hash
8374be5c573da988b4d76c1051f8cbc7
c319af79d391edeac2268173798952dd71f0ecf2
41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea

HTTP Headers

GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-2.jpg

23.158.56.123

9.5 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-2.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9474 bytes)
Hash
b1444ede1cb63c55f07c4b7cc861ec58
504823696a6990f0c6892721e34a7496cfe4e704
628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8

HTTP Headers

GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-3.jpg

23.158.56.123

9.4 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-3.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9413 bytes)
Hash
76025b7cd7b3e168342e9f6916d8c7f4
bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2
46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775

HTTP Headers

GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-4.jpg

23.158.56.123

9.5 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-4.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9468 bytes)
Hash
107bdcec0a201d69db378827b68127cd
efc977edd0a369769d5f32d88e9858302bed1e5e
cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468

HTTP Headers

GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-5.jpg

23.158.56.123

9.6 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-5.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9557 bytes)
Hash
628b98b82d0aca1c1b2155aa5ec51a6a
db663b2b85cf8828f3e9c5aa879325bb50e684a0
d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d

HTTP Headers

GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-6.jpg

23.158.56.123

9.6 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-6.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9620 bytes)
Hash
a83d5196e71bd6f9c55ef3e7322e527c
9dbddad413391599552c4d9cc5c9e8a287ef910f
52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818

HTTP Headers

GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-7.jpg

23.158.56.123

9.5 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-7.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9484 bytes)
Hash
94edfad63e95c79618692b8d8dc20587
f582b7b70443ea1fff184ade49ab560fc8fd3318
0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e

HTTP Headers

GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2

dcab15ed3f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

20 kB

URL
dcab15ed3f.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
20 kB (19501 bytes)
Hash
1d33bf32ac1db8283f24da726a0a26e3
6b4cef6e6745dd8e3a963f0ecf72f9baa153f23f
633528ab39c267ef83fcc563834f49b8088ec35807930e4284eaa7579b593153

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: dcab15ed3f.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://255eab8170.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:53 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-9.jpg

23.158.56.123

9.6 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-9.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9646 bytes)
Hash
c3af10d166a4447c21f25e4a32383a5d
37a0342d08d6933b3bbfd4063b7ba998c991dd73
963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73

HTTP Headers

GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-10.jpg

23.158.56.123

9.7 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-10.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.7 kB (9681 bytes)
Hash
00ad8eccd280144f038e883859beeabe
e13583bbe25712e827b8b22b1353c883531f849f
21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada

HTTP Headers

GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-11.jpg

23.158.56.123

9.5 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-11.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9483 bytes)
Hash
8611f67b36ff57eaa1060e793b9e6ad4
49f273a5760e7375adb1efc58f0ed2c665da6ae8
de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2

HTTP Headers

GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-12.jpg

23.158.56.123

9.5 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-12.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9487 bytes)
Hash
3971b0cd6849aef8e63c281fe7e53c57
690281f0f9a05a32be18029632240693f7b26270
20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a

HTTP Headers

GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2

60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875

65.109.24.247

16 kB

URL
60bbdb8ff4.news-mareka.com/?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
16 kB (15695 bytes)
Hash
ef9415d62d74a7e6ae03ca7287c29c93
79731cc76af33e2f1634b13bdc9fab0e3ddae364
b18801863a142861f81279240851ac05130bc2179fcd0b5c985a7a7b5fc271f4

HTTP Headers

GET /?id=1221715335&p1=7114806&p2=high&p3=8100618&p4=812194207551984875 HTTP/1.1
Host: 60bbdb8ff4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:48 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

8a42934edf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

18 kB

URL
8a42934edf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
18 kB (18334 bytes)
Hash
edc8673e2d9b0c26d25330d01edc8a8f
fff2428db7bd15b7ee6c641fe4c0c0da11aad0d9
f12917f49507ee6e5d70e3ce3437d173800b4d4453db7dc6490989a8fcaf713c

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 8a42934edf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dd39a8b9a8.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

d1c2467185.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

26 kB

URL
d1c2467185.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
26 kB (25698 bytes)
Hash
9b17a8c37f0dc454fafbac7a4e074a8f
59f39758e08321edda7e2015bec6e01e0c0e2a28
43ec54632d8719c2d323047064f80b9b3ab6fa040926e596d3a04ed133100aed

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d1c2467185.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://727289cb27.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:52 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-16.jpg

23.158.56.123

9.6 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-16.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9570 bytes)
Hash
700dfe65fca751e5c160aa1ed38c0389
61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886
8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1

HTTP Headers

GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-17.jpg

23.158.56.123

9.6 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-17.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9595 bytes)
Hash
3617c828a4589dfd2af8f90e31f92666
0e7a1dbe743c9eaad109659f7b21ab86719b9cd0
f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f

HTTP Headers

GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2

69fe434788.news-mareka.com/lands/36/img/pics-18.jpg

23.158.56.123

9.6 kB

URL
69fe434788.news-mareka.com/lands/36/img/pics-18.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9645 bytes)
Hash
52ada45615791fefe3513b98a28d6c61
334b68a65108b2274dc0d41bbed58d10cbfb41a0
204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4

HTTP Headers

GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: 69fe434788.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://69fe434788.news-mareka.com/
Cookie: _subid=376l60j117sl6k; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:58 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl6s; expires=Sat, 08 Jun 2024 22:01:58 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:56 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://69fe434788.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-length: 0
location: https://f038dd5cea.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

95.216.46.99

9.0 kB

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
95.216.46.99:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
9.0 kB (8953 bytes)
Hash
5825d2b65b3b3e44a97ca5aee1374e26
cdbf3c5a72034e874e0b7cab694eed1236e7d95f
b05c12de7c06464d6aabeb6f783834a981095b3af53154a62d07bf06dd76bbbf

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1f73583cb4.news-mareka.com/
Origin: https://1f73583cb4.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://1f73583cb4.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

f038dd5cea.news-mareka.com/lands/57/css/style.css

23.158.56.123

1.2 kB

URL
f038dd5cea.news-mareka.com/lands/57/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4468), with no line terminators
Size
1.2 kB (1213 bytes)
Hash
b07eb7ba1a3bb505eba51b55f4ffa9ff
fea4806dafcdda47dff4bb6aa09362ded48879d5
086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68

HTTP Headers

GET /lands/57/css/style.css HTTP/1.1
Host: f038dd5cea.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f038dd5cea.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: text/css
content-length: 1213
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-4bd"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

f038dd5cea.news-mareka.com/lands/57/js/device.js

23.158.56.123

1.1 kB

URL
f038dd5cea.news-mareka.com/lands/57/js/device.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/57/js/device.js HTTP/1.1
Host: f038dd5cea.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f038dd5cea.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f038dd5cea.news-mareka.com/
Cookie: _subid=376l60j117sl6s; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:58 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl72; expires=Sat, 08 Jun 2024 22:01:58 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:56 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f038dd5cea.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-length: 0
location: https://c27bbd9ebf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

c27bbd9ebf.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
c27bbd9ebf.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: c27bbd9ebf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c27bbd9ebf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c27bbd9ebf.news-mareka.com/
Cookie: _subid=376l60j117sl72; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:58 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl7b; expires=Sat, 08 Jun 2024 22:01:58 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:56 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c27bbd9ebf.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-length: 0
location: https://578e2554d2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

f038dd5cea.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

62 kB

URL
f038dd5cea.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
62 kB (61635 bytes)
Hash
4e476bc839c69bbdaf4ec2d6783903f8
f7bc6ef7dad5585743663f2a783dee5ad4558142
feb54665c661027c4071e4961bf49af0bed4c30791413da1c690421b8156203c

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: f038dd5cea.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f038dd5cea.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

578e2554d2.news-mareka.com/lands/53/css/style.css

23.158.56.123

1.3 kB

URL
578e2554d2.news-mareka.com/lands/53/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4928), with no line terminators
Size
1.3 kB (1301 bytes)
Hash
6f2d06d6dbd00d18b9e7eb11ef80081d
b86bdf3144b91210a3e04aab9802dba7b677ffe4
4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8

HTTP Headers

GET /lands/53/css/style.css HTTP/1.1
Host: 578e2554d2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://578e2554d2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

578e2554d2.news-mareka.com/lands/53/images/spinning-circles2.svg

23.158.56.123

503 B

URL
578e2554d2.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: 578e2554d2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://578e2554d2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

578e2554d2.news-mareka.com/lands/53/images/video.gif

23.158.56.123

500 kB

URL
578e2554d2.news-mareka.com/lands/53/images/video.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 320 x 180
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /lands/53/images/video.gif HTTP/1.1
Host: 578e2554d2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://578e2554d2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2

578e2554d2.news-mareka.com/lands/53/js/device.js

23.158.56.123

1.1 kB

URL
578e2554d2.news-mareka.com/lands/53/js/device.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/53/js/device.js HTTP/1.1
Host: 578e2554d2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://578e2554d2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

c27bbd9ebf.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
c27bbd9ebf.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
d4a13b435199204a7f5ec47a91857445
f5da537ac92536be0f9ebf16776b758d1a490c22
18523979d5a30580ba7cd7a692e0f9662a4a752db1326f580e3f9c17f7e4183d

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: c27bbd9ebf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c27bbd9ebf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://578e2554d2.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-length: 0
location: https://43f05b9454.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

43f05b9454.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
43f05b9454.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 43f05b9454.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://43f05b9454.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://43f05b9454.news-mareka.com/
Cookie: _subid=376l60j117sl7j; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:59 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl7s; expires=Sat, 08 Jun 2024 22:01:59 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:58 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://43f05b9454.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-length: 0
location: https://0f614685b3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

0f614685b3.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
0f614685b3.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 0f614685b3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0f614685b3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

43f05b9454.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

47 kB

URL
43f05b9454.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
47 kB (47068 bytes)
Hash
faee56104fd8e0fd5493efbfbf77e1b6
3a89c522c9b8caba55ad02d3161eb4a1cec6e640
ceb52b4b8c90dce2b07ad9458b93428315f67a49d25a273b332086f547db422c

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 43f05b9454.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://43f05b9454.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0f614685b3.news-mareka.com/
Cookie: _subid=376l60j117sl7s; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:59 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl85; expires=Sat, 08 Jun 2024 22:01:59 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:58 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0f614685b3.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-length: 0
location: https://c94c8d967c.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

c94c8d967c.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
c94c8d967c.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: c94c8d967c.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c94c8d967c.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c94c8d967c.news-mareka.com/
Cookie: _subid=376l60j117sl85; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:01:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:01:59 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl8d; expires=Sat, 08 Jun 2024 22:01:59 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:03:58 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

c94c8d967c.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
c94c8d967c.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
c7dbe60a940fecf786d442debfd5833f
dd464e0a021b8e033b861a95856d6987ae0ef00e
6994b0e6b2aa8d69d537249b93f77b281fe735fd8e834957f2ce8af1c698015c

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: c94c8d967c.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c94c8d967c.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

d81df29cc3.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
d81df29cc3.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: d81df29cc3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d81df29cc3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

d81df29cc3.news-mareka.com/lands/53/css/style.css

23.158.56.123

1.3 kB

URL
d81df29cc3.news-mareka.com/lands/53/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4928), with no line terminators
Size
1.3 kB (1301 bytes)
Hash
6f2d06d6dbd00d18b9e7eb11ef80081d
b86bdf3144b91210a3e04aab9802dba7b677ffe4
4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8

HTTP Headers

GET /lands/53/css/style.css HTTP/1.1
Host: d81df29cc3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d81df29cc3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

d81df29cc3.news-mareka.com/lands/53/images/spinning-circles2.svg

23.158.56.123

503 B

URL
d81df29cc3.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: d81df29cc3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d81df29cc3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

d81df29cc3.news-mareka.com/lands/53/images/video.gif

23.158.56.123

500 kB

URL
d81df29cc3.news-mareka.com/lands/53/images/video.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 320 x 180
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /lands/53/images/video.gif HTTP/1.1
Host: d81df29cc3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d81df29cc3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2

d81df29cc3.news-mareka.com/lands/53/js/device.js

23.158.56.123

1.1 kB

URL
d81df29cc3.news-mareka.com/lands/53/js/device.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/53/js/device.js HTTP/1.1
Host: d81df29cc3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d81df29cc3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d81df29cc3.news-mareka.com/
Cookie: _subid=376l60j117sl8d; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:00 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl8j; expires=Sat, 08 Jun 2024 22:02:00 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:00 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

94.130.32.96

584 B

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
94.130.32.96:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
584 B (584 bytes)
Hash
43511fe3644c5fd2174da06bed739191
4a259a492c99a6cdf6ca6b24a50897b7c1c06715
bcab17e0a2301cd9e9339a05449f759b2e04dcba1b536021ef79b15b3057bf58

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c94c8d967c.news-mareka.com/
Origin: https://c94c8d967c.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://c94c8d967c.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

7a72402dbf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

1.3 kB

URL
7a72402dbf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (553)
Size
1.3 kB (1309 bytes)
Hash
4ed4bb18f44939717f6db9437ef2e112
881e208ff96e47a91c263baa37d574531c56b85a
91d7402e63545c18e8506101e8fb862c8ac49a59d9e3d368a508a3614dc46edd

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 7a72402dbf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d81df29cc3.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

7a72402dbf.news-mareka.com/lands/20/style.css

23.158.56.123

868 B

URL
7a72402dbf.news-mareka.com/lands/20/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (2230), with no line terminators
Size
868 B (868 bytes)
Hash
d4b3acb7a84d2265bf174f13f93ca4f1
d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

HTTP Headers

GET /lands/20/style.css HTTP/1.1
Host: 7a72402dbf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a72402dbf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

7a72402dbf.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
7a72402dbf.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 7a72402dbf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a72402dbf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

7a72402dbf.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
7a72402dbf.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
155e26177cc4293a2bb9f2626a76d04b
53cdf5e9a5b594effde292e5686bbc2e134ebdf5
df6c8110bc04dc151c6795f1a3cbdc62ff0363d09ee5d5a239e0b56f0e59c380

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 7a72402dbf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7a72402dbf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7a72402dbf.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-length: 0
location: https://7672242f69.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

7672242f69.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
7672242f69.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 7672242f69.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7672242f69.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

7672242f69.news-mareka.com/lands/46/sketch.min.js

23.158.56.123

2.4 kB

URL
7672242f69.news-mareka.com/lands/46/sketch.min.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (4675), with no line terminators
Size
2.4 kB (2379 bytes)
Hash
ed52afed30560dc3e13a88e35a300c18
8714792a53d24b5c641b9536a2d218d75b43b3f9
cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711

HTTP Headers

GET /lands/46/sketch.min.js HTTP/1.1
Host: 7672242f69.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7672242f69.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7672242f69.news-mareka.com/
Cookie: _subid=376l60j117sl8v; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:00 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sl95; expires=Sat, 08 Jun 2024 22:02:00 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:00 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7672242f69.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-length: 0
location: https://39bc115132.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

39bc115132.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

1.3 kB

URL
39bc115132.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (553)
Size
1.3 kB (1309 bytes)
Hash
6b74f74fde9be561e3b41f0ac7f22dd7
f13b0bf4b5d0c75b07a9ea93ea49581bf7c6aa54
cf520c79ab8b99cfd0462d97ccb50d1ed6df95fb87d2e7cbc237bee7e87db1f4

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 39bc115132.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7672242f69.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

39bc115132.news-mareka.com/lands/20/style.css

23.158.56.123

868 B

URL
39bc115132.news-mareka.com/lands/20/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (2230), with no line terminators
Size
868 B (868 bytes)
Hash
d4b3acb7a84d2265bf174f13f93ca4f1
d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

HTTP Headers

GET /lands/20/style.css HTTP/1.1
Host: 39bc115132.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39bc115132.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

39bc115132.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
39bc115132.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 39bc115132.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39bc115132.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

97d584cb3e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

77 kB

URL
97d584cb3e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (64512)
Size
77 kB (77431 bytes)
Hash
a7a24a987318c7ad1900f3e84f64ad22
467caaf95ac68855f941378115cf7a78ab888571
b3ceeede97adc135d9612f074d66f3fc31da8d2bd80b13fe6b63df35c9570164

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 97d584cb3e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4571cd84a2.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:55 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39bc115132.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-length: 0
location: https://5d35232dd6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

5d35232dd6.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
5d35232dd6.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 5d35232dd6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5d35232dd6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

f038dd5cea.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

49 kB

URL
f038dd5cea.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (44310)
Size
49 kB (49249 bytes)
Hash
d7e081cae24ee7ae880052c23d3dbf92
59c7ec8d941f82d3c016b981a8de9a51b5a51637
fbb69e80011324943ce48ac3dac8cc86c30f591099b056d2671664eaa24a69fe

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: f038dd5cea.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://69fe434788.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:58 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5d35232dd6.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-length: 0
location: https://a181ab30f5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

a181ab30f5.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
a181ab30f5.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: a181ab30f5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a181ab30f5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

a181ab30f5.news-mareka.com/lands/53/css/style.css

23.158.56.123

1.3 kB

URL
a181ab30f5.news-mareka.com/lands/53/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4928), with no line terminators
Size
1.3 kB (1301 bytes)
Hash
6f2d06d6dbd00d18b9e7eb11ef80081d
b86bdf3144b91210a3e04aab9802dba7b677ffe4
4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8

HTTP Headers

GET /lands/53/css/style.css HTTP/1.1
Host: a181ab30f5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a181ab30f5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

a181ab30f5.news-mareka.com/lands/53/images/spinning-circles2.svg

23.158.56.123

503 B

URL
a181ab30f5.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: a181ab30f5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a181ab30f5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

7672242f69.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

547 kB

URL
7672242f69.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
547 kB (547442 bytes)
Hash
e613fe5880d027c6432a860eba95f7fe
c6c6f8def5f415ce9786e0a2bd420f3ba167ec17
afcff056b6e71fee08031e2a1835d213331c838fe2f61c0757b6ce3b1b3b4e3c

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 7672242f69.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7a72402dbf.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

a181ab30f5.news-mareka.com/lands/53/js/device.js

23.158.56.123

1.1 kB

URL
a181ab30f5.news-mareka.com/lands/53/js/device.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/53/js/device.js HTTP/1.1
Host: a181ab30f5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a181ab30f5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a181ab30f5.news-mareka.com/
Cookie: _subid=376l60j117sl9s; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:01 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sla6; expires=Sat, 08 Jun 2024 22:02:01 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:02 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a181ab30f5.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-length: 0
location: https://ec68a11d13.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

ec68a11d13.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
ec68a11d13.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: ec68a11d13.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ec68a11d13.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

ec68a11d13.news-mareka.com/lands/57/css/style.css

23.158.56.123

1.2 kB

URL
ec68a11d13.news-mareka.com/lands/57/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4468), with no line terminators
Size
1.2 kB (1213 bytes)
Hash
b07eb7ba1a3bb505eba51b55f4ffa9ff
fea4806dafcdda47dff4bb6aa09362ded48879d5
086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68

HTTP Headers

GET /lands/57/css/style.css HTTP/1.1
Host: ec68a11d13.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ec68a11d13.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: text/css
content-length: 1213
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-4bd"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

ec68a11d13.news-mareka.com/lands/57/js/device.js

23.158.56.123

1.1 kB

URL
ec68a11d13.news-mareka.com/lands/57/js/device.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/57/js/device.js HTTP/1.1
Host: ec68a11d13.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ec68a11d13.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

144.76.56.162

589 B

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
144.76.56.162:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
589 B (589 bytes)
Hash
5e02d2a8f6c72666d4becb22731c9aeb
ab3f761baf0266c9e287020d7bd1fb7bfd9c1a38
cc5628a52df21f8ce79e336cf5bf6562cbd368d108b9fdc902094fd109b38456

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a181ab30f5.news-mareka.com/
Origin: https://a181ab30f5.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://a181ab30f5.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ec68a11d13.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-length: 0
location: https://255a2fcfa6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

255a2fcfa6.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
255a2fcfa6.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 255a2fcfa6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://255a2fcfa6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

255a2fcfa6.news-mareka.com/lands/48/preloader-43.5794040.gif

23.158.56.123

7.0 kB

URL
255a2fcfa6.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: 255a2fcfa6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://255a2fcfa6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

b2bee0ea11.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

54 kB

URL
b2bee0ea11.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (44310)
Size
54 kB (54440 bytes)
Hash
d6115197284c0a15a96dd9906179c84b
1a7a2d518d3bbe94859f2f021b70dc265950261d
3827e2fe6896059c94572b137a46e6c0bd914998b1751f57ee0c7717eca5fed5

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: b2bee0ea11.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://352f0926b3.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://255a2fcfa6.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-length: 0
location: https://c219f7b5bc.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

c219f7b5bc.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
c219f7b5bc.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: c219f7b5bc.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c219f7b5bc.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

c219f7b5bc.news-mareka.com/lands/48/preloader-43.5794040.gif

23.158.56.123

7.0 kB

URL
c219f7b5bc.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: c219f7b5bc.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c219f7b5bc.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c219f7b5bc.news-mareka.com/
Cookie: _subid=376l60j117slaj; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:02 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slaq; expires=Sat, 08 Jun 2024 22:02:02 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:04 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c219f7b5bc.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-length: 0
location: https://a065406aab.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

a065406aab.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
a065406aab.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: a065406aab.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a065406aab.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

a065406aab.news-mareka.com/lands/46/sketch.min.js

23.158.56.123

2.4 kB

URL
a065406aab.news-mareka.com/lands/46/sketch.min.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (4675), with no line terminators
Size
2.4 kB (2379 bytes)
Hash
ed52afed30560dc3e13a88e35a300c18
8714792a53d24b5c641b9536a2d218d75b43b3f9
cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711

HTTP Headers

GET /lands/46/sketch.min.js HTTP/1.1
Host: a065406aab.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a065406aab.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

a181ab30f5.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
a181ab30f5.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
65efc936cd11a9d36c47cb30a13d1d44
c872f4bfaff78398245c6a3c3d21289042a834c8
7b2624948c4d9e52c8dbacb97c4d4655d12408f82dfc4f46df91b89bd63e64a5

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a181ab30f5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a181ab30f5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

23d8d84399.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

16 kB

URL
23d8d84399.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (14721)
Size
16 kB (16025 bytes)
Hash
740f4ffe3ae3d359976ba3b5bbd49e91
c4e2f0d434422837317a788b3f3c5295289f38f7
ae2e169f4c3b71313a4dae95b0266bc740d7f618fcd83a2e34ca6e89064884f9

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 23d8d84399.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1d751ad421.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

094986d265.news-mareka.com/lands/36/lp.js

23.158.56.123

758 B

URL
094986d265.news-mareka.com/lands/36/lp.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators
Size
758 B (758 bytes)
Hash
dbcc3608581394261613182e95963925
d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9
c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8

HTTP Headers

GET /lands/36/lp.js HTTP/1.1
Host: 094986d265.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://094986d265.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2

094986d265.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
094986d265.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 094986d265.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://094986d265.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

094986d265.news-mareka.com/lands/36/img/style.css

23.158.56.123

3.1 kB

URL
094986d265.news-mareka.com/lands/36/img/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (11701), with no line terminators
Size
3.1 kB (3136 bytes)
Hash
db606af46bdcca984d60a46183a4525e
28964fac8b2b7889554f32543e69ac68e6f21e2f
8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae

HTTP Headers

GET /lands/36/img/style.css HTTP/1.1
Host: 094986d265.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://094986d265.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

094986d265.news-mareka.com/lands/36/img/logo.png

23.158.56.123

7.4 kB

URL
094986d265.news-mareka.com/lands/36/img/logo.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced
Size
7.4 kB (7398 bytes)
Hash
6cd3a78b39a704ee1c84f31c8c4e5808
bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93
4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193

HTTP Headers

GET /lands/36/img/logo.png HTTP/1.1
Host: 094986d265.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://094986d265.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2

094986d265.news-mareka.com/lands/36/img/search-icon.png

23.158.56.123

461 B

URL
094986d265.news-mareka.com/lands/36/img/search-icon.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Size
461 B (461 bytes)
Hash
71a97f63eeafce6cc8dd4e7b92e77303
e92e36474a69fcf7b932efc581e024a1c25773e5
fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2

HTTP Headers

GET /lands/36/img/search-icon.png HTTP/1.1
Host: 094986d265.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://094986d265.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2

094986d265.news-mareka.com/lands/36/img/Spin-1s-80px.gif

23.158.56.123

31 kB

URL
094986d265.news-mareka.com/lands/36/img/Spin-1s-80px.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 80 x 80
Size
31 kB (30677 bytes)
Hash
68556766cd260e97fec2b60a9bfaf8c7
26c969371c9a3de360fab6d7a7a3bec2c5d5c99f
ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676

HTTP Headers

GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: 094986d265.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://094986d265.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2

11dde55c58.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

78 kB

URL
11dde55c58.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (64512)
Size
78 kB (78376 bytes)
Hash
ec335c1a9b782b23ad38f7f1b674be9e
0a469a0e79adabfae3487f08e0b6ed70b2d051a1
8f5fc1c456238555cf112ca9a6ad1d508e07215491db5b70defefce994b1d470

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 11dde55c58.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8a42934edf.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

b17736b173.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

16 kB

URL
b17736b173.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
16 kB (16433 bytes)
Hash
f7f09c6d85160a7affddd2a65bff8ae3
0d5ab99751c1c86f15b2f2e9dab73766389f27ee
63c5fe695190344d999973cb2bdf64bfb49ac8f42e89d45aa6432dad554571f3

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: b17736b173.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2e6f04d06f.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:51 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

094986d265.news-mareka.com/lands/36/img/player-bg.jpg

23.158.56.123

11 kB

URL
094986d265.news-mareka.com/lands/36/img/player-bg.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
11 kB (11291 bytes)
Hash
d0c6f02d6933f0b93db0942e3e7f3609
bc96b3878d13d0f46aa464e94515f27ad53531b0
7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a

HTTP Headers

GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: 094986d265.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://094986d265.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2

11dde55c58.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

54 kB

URL
11dde55c58.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
54 kB (54293 bytes)
Hash
e98ab235b5bf4f65a103fab9a22ec84b
b8b4b86cf59c1ad4a171afbe42c9bcfcb4147aca
d4be8d48d3d489340a7a09fedc1c8143b03c2fc30ac3ac5565a5cc405e132d2e

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 11dde55c58.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11dde55c58.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

39bc115132.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

54 kB

URL
39bc115132.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
54 kB (54163 bytes)
Hash
fe29654b16b8fdaf3acca5aa6632ae66
22ba9b8d0b0220dcc81dacd4273a6423376002fd
b7e875269b50dc09410d712180eb2bfe18b23b2425fae6874fbc4e83dce72e7c

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 39bc115132.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39bc115132.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

094986d265.news-mareka.com/lands/36/img/pics-3.jpg

23.158.56.123

9.4 kB

URL
094986d265.news-mareka.com/lands/36/img/pics-3.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9413 bytes)
Hash
76025b7cd7b3e168342e9f6916d8c7f4
bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2
46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775

HTTP Headers

GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: 094986d265.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://094986d265.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2

c219f7b5bc.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

46 kB

URL
c219f7b5bc.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
46 kB (45532 bytes)
Hash
f54322d889cfbc857fc63e4a059141d4
a0961ce0ef714f97bf1c01c02e829f3cd95b7a12
117e424ce11cb81eb940054176b37a23831bd7bd93a461595b9458bc89a7f4ba

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: c219f7b5bc.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c219f7b5bc.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://094986d265.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-length: 0
location: https://9cda27debf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic

142.250.74.106

8.9 kB

URL
fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417)
Size
8.9 kB (8894 bytes)
Hash
9b96449779dba7b9770970658e2fcee4
f7fdda44296aa537742de18218991f0a59898ff9
09da4fdcf12506d6ba400330693ec60b1636ae576a8f29b6c9dd742764ebcb48

HTTP Headers

GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39bc115132.news-mareka.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 22:02:00 GMT
date: Wed, 08 May 2024 22:02:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9cda27debf.news-mareka.com/
Cookie: _subid=376l60j117slb4; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:03 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slbe; expires=Sat, 08 Jun 2024 22:02:03 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:06 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9cda27debf.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-length: 0
location: https://3b300187fa.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

3b300187fa.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
3b300187fa.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 3b300187fa.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3b300187fa.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3b300187fa.news-mareka.com/
Cookie: _subid=376l60j117slbe; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:03 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slbj; expires=Sat, 08 Jun 2024 22:02:03 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:06 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3b300187fa.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-length: 0
location: https://05ac7aa047.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

05ac7aa047.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
05ac7aa047.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 05ac7aa047.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://05ac7aa047.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://05ac7aa047.news-mareka.com/
Cookie: _subid=376l60j117slbj; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:03 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slbv; expires=Sat, 08 Jun 2024 22:02:03 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:06 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://05ac7aa047.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-length: 0
location: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

94.130.32.96

46 kB

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
94.130.32.96:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
46 kB (46035 bytes)
Hash
94ecba27c249dc12b927d452c3d0b2ef
02adf18265f0ec1b4449a4062509da16387ae6a1
f6c10bd288b75142cd259ad64e0274fd47c3c223a5df54562bfd63c5069e9e82

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3b300187fa.news-mareka.com/
Origin: https://3b300187fa.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://3b300187fa.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
d7e1f16ce8.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/style.css

23.158.56.123

3.1 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (11701), with no line terminators
Size
3.1 kB (3136 bytes)
Hash
db606af46bdcca984d60a46183a4525e
28964fac8b2b7889554f32543e69ac68e6f21e2f
8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae

HTTP Headers

GET /lands/36/img/style.css HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/logo.png

23.158.56.123

7.4 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/logo.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced
Size
7.4 kB (7398 bytes)
Hash
6cd3a78b39a704ee1c84f31c8c4e5808
bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93
4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193

HTTP Headers

GET /lands/36/img/logo.png HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/search-icon.png

23.158.56.123

461 B

URL
d7e1f16ce8.news-mareka.com/lands/36/img/search-icon.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Size
461 B (461 bytes)
Hash
71a97f63eeafce6cc8dd4e7b92e77303
e92e36474a69fcf7b932efc581e024a1c25773e5
fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2

HTTP Headers

GET /lands/36/img/search-icon.png HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/Spin-1s-80px.gif

23.158.56.123

31 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/Spin-1s-80px.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 80 x 80
Size
31 kB (30677 bytes)
Hash
68556766cd260e97fec2b60a9bfaf8c7
26c969371c9a3de360fab6d7a7a3bec2c5d5c99f
ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676

HTTP Headers

GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/player-controls-l.png

23.158.56.123

945 B

URL
d7e1f16ce8.news-mareka.com/lands/36/img/player-controls-l.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced
Size
945 B (945 bytes)
Hash
6865c8700b582e4c7848472bb23dd65a
c5ea2c514de8f55145550f9589e1e07cda457994
e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324

HTTP Headers

GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2

7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

10 kB

URL
7a8f7fa289.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
10 kB (10436 bytes)
Hash
7dc1c59af2436d3258223e5f5024421b
ba747da048ae004200535f7c963c13acb003ea94
2cc1282c63a7224ed45656cb79ce5aa6b4824b55c7f81ebf7f8ae1ec44ea441d

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 7a8f7fa289.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a05f7c538a.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/player-bg.jpg

23.158.56.123

11 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/player-bg.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
11 kB (11291 bytes)
Hash
d0c6f02d6933f0b93db0942e3e7f3609
bc96b3878d13d0f46aa464e94515f27ad53531b0
7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a

HTTP Headers

GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-1.jpg

23.158.56.123

9.6 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-1.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9604 bytes)
Hash
8374be5c573da988b4d76c1051f8cbc7
c319af79d391edeac2268173798952dd71f0ecf2
41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea

HTTP Headers

GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-2.jpg

23.158.56.123

9.5 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-2.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9474 bytes)
Hash
b1444ede1cb63c55f07c4b7cc861ec58
504823696a6990f0c6892721e34a7496cfe4e704
628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8

HTTP Headers

GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-3.jpg

23.158.56.123

9.4 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-3.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9413 bytes)
Hash
76025b7cd7b3e168342e9f6916d8c7f4
bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2
46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775

HTTP Headers

GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-4.jpg

23.158.56.123

9.5 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-4.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9468 bytes)
Hash
107bdcec0a201d69db378827b68127cd
efc977edd0a369769d5f32d88e9858302bed1e5e
cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468

HTTP Headers

GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-5.jpg

23.158.56.123

9.6 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-5.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9557 bytes)
Hash
628b98b82d0aca1c1b2155aa5ec51a6a
db663b2b85cf8828f3e9c5aa879325bb50e684a0
d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d

HTTP Headers

GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2

6b8ea0f25d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

14 kB

URL
6b8ea0f25d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
14 kB (14180 bytes)
Hash
7404d70de20fe295c2548eebe469fa24
fa92953d250d2ea7be04ba5fff37d5f7d3a2996e
f0e857aa586449a5e8ac3248fc25dfc9cbc60d48a3c015ed5b13d8a1c710a8af

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 6b8ea0f25d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8719229c8c.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-7.jpg

23.158.56.123

9.5 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-7.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9484 bytes)
Hash
94edfad63e95c79618692b8d8dc20587
f582b7b70443ea1fff184ade49ab560fc8fd3318
0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e

HTTP Headers

GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-8.jpg

23.158.56.123

9.8 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-8.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.8 kB (9750 bytes)
Hash
2e7eafc3878ee465f96bca0f9d1e1712
c4f353f12542db5d2df3be74dbae890e0430ac6e
df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1

HTTP Headers

GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-9.jpg

23.158.56.123

9.6 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-9.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9646 bytes)
Hash
c3af10d166a4447c21f25e4a32383a5d
37a0342d08d6933b3bbfd4063b7ba998c991dd73
963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73

HTTP Headers

GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-10.jpg

23.158.56.123

9.7 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-10.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.7 kB (9681 bytes)
Hash
00ad8eccd280144f038e883859beeabe
e13583bbe25712e827b8b22b1353c883531f849f
21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada

HTTP Headers

GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-11.jpg

23.158.56.123

9.5 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-11.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9483 bytes)
Hash
8611f67b36ff57eaa1060e793b9e6ad4
49f273a5760e7375adb1efc58f0ed2c665da6ae8
de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2

HTTP Headers

GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-12.jpg

23.158.56.123

9.5 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-12.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9487 bytes)
Hash
3971b0cd6849aef8e63c281fe7e53c57
690281f0f9a05a32be18029632240693f7b26270
20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a

HTTP Headers

GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-13.jpg

23.158.56.123

9.4 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-13.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9378 bytes)
Hash
cd911694d58b5fb86c94cf7a1d5b530b
f32925a79b755d76fdf1ae56fa898ef23d816699
5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2

HTTP Headers

GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2

6b8ea0f25d.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

146 kB

URL
6b8ea0f25d.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
146 kB (145470 bytes)
Hash
5392ebf76df7d2c2fbb156f6e7eaf75e
38edf023f1beabf5303fb2c3058b54c850d9e2dd
be5955b886a704c17f4d0dff76c0bd56be3893ad2143167f2a9b135eff9867eb

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 6b8ea0f25d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6b8ea0f25d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-15.jpg

23.158.56.123

9.7 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-15.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.7 kB (9673 bytes)
Hash
bf608c2d10293273951a88b8d38de015
15b2a17c7300725aacc27f320480dfe5bf173a00
118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f

HTTP Headers

GET /lands/36/img/pics-15.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9673
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25c9"
accept-ranges: bytes
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/lands/36/img/pics-16.jpg

23.158.56.123

9.6 kB

URL
d7e1f16ce8.news-mareka.com/lands/36/img/pics-16.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9570 bytes)
Hash
700dfe65fca751e5c160aa1ed38c0389
61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886
8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1

HTTP Headers

GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

95.216.46.99

102 kB

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
95.216.46.99:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
102 kB (101720 bytes)
Hash
0b340a2f9353506f8460d7c455f0c472
d29f26cff71ab40288c87366b23a93fd23c0b581
419c25804608f8088a4f2c5fa6da5f661740395fc7ccd769e11dc50d7d873120

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11dde55c58.news-mareka.com/
Origin: https://11dde55c58.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:50 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://11dde55c58.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d7e1f16ce8.news-mareka.com/
Cookie: _subid=376l60j117slbv; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:04 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slca; expires=Sat, 08 Jun 2024 22:02:04 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:08 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d7e1f16ce8.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-length: 0
location: https://31e9cb8087.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

31e9cb8087.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
31e9cb8087.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 31e9cb8087.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://31e9cb8087.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://31e9cb8087.news-mareka.com/
Cookie: _subid=376l60j117slca; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:04 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slcg; expires=Sat, 08 Jun 2024 22:02:04 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:08 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31e9cb8087.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-length: 0
location: https://429b84f309.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

dd39a8b9a8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

181 kB

URL
dd39a8b9a8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
181 kB (181311 bytes)
Hash
14ff47b91de3dc4d62afae7c9a721118
2ddd8cfcdf166cf84496d095165fc5cc584d8a61
97204e9b3f065b4067ac34a18d70d724dafc57d760367c6403570e5da4c44c42

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: dd39a8b9a8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://60bbdb8ff4.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:49 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

94.130.32.96

843 B

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
94.130.32.96:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
843 B (843 bytes)
Hash
1e2a4435934eadd2b97e937005eccb2e
121b666596eeee3d6fe4c4614cc37edec6a17c32
7b62677b8b9d72fd5017f64f74f68ff69e2b1ff4af2828eb4476a5ff329771a0

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://05ac7aa047.news-mareka.com/
Origin: https://05ac7aa047.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://05ac7aa047.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://429b84f309.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-length: 0
location: https://621cc0e4f6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

429b84f309.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

53 kB

URL
429b84f309.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
53 kB (52799 bytes)
Hash
28bf3431acbf3c5feea6deb86393bdd9
16f9cae97b02bebc9ca9af7d654e0c8a89861ad5
313bb6d577026f54307ba3d49cac6cf005d431e097ac021fd37f4e7199441143

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 429b84f309.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://429b84f309.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://621cc0e4f6.news-mareka.com/
Cookie: _subid=376l60j117slcp; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:04 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slcu; expires=Sat, 08 Jun 2024 22:02:04 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:08 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://621cc0e4f6.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-length: 0
location: https://dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

dd990bea48.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
dd990bea48.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: dd990bea48.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

dd990bea48.news-mareka.com/lands/39/img/icon1.png

23.158.56.123

7.3 kB

URL
dd990bea48.news-mareka.com/lands/39/img/icon1.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /lands/39/img/icon1.png HTTP/1.1
Host: dd990bea48.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2

dd990bea48.news-mareka.com/lands/39/img/icon2.png

23.158.56.123

4.6 kB

URL
dd990bea48.news-mareka.com/lands/39/img/icon2.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: dd990bea48.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

dd990bea48.news-mareka.com/lands/39/img/icon3.png

23.158.56.123

7.8 kB

URL
dd990bea48.news-mareka.com/lands/39/img/icon3.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: dd990bea48.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2

dd990bea48.news-mareka.com/lands/39/img/icon4.png

23.158.56.123

7.0 kB

URL
dd990bea48.news-mareka.com/lands/39/img/icon4.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /lands/39/img/icon4.png HTTP/1.1
Host: dd990bea48.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2

dd990bea48.news-mareka.com/lands/39/img/icon5.png

23.158.56.123

3.3 kB

URL
dd990bea48.news-mareka.com/lands/39/img/icon5.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /lands/39/img/icon5.png HTTP/1.1
Host: dd990bea48.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2

dd990bea48.news-mareka.com/lands/39/img/icon7.png

23.158.56.123

3.3 kB

URL
dd990bea48.news-mareka.com/lands/39/img/icon7.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /lands/39/img/icon7.png HTTP/1.1
Host: dd990bea48.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2

dd990bea48.news-mareka.com/lands/39/img/icon8.png

23.158.56.123

4.1 kB

URL
dd990bea48.news-mareka.com/lands/39/img/icon8.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

HTTP Headers

GET /lands/39/img/icon8.png HTTP/1.1
Host: dd990bea48.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

94.130.32.96

839 B

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
94.130.32.96:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
839 B (839 bytes)
Hash
fb23f53c722319c537f35e1c02684ccc
2d5ec30609148263bfdd6a26f7fa8324d8f445f6
7dd9ea1498d252ffc4b8945148fad263ff87f93b14ae765f4f4c27116cbcd743

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://621cc0e4f6.news-mareka.com/
Origin: https://621cc0e4f6.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://621cc0e4f6.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dd990bea48.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-length: 0
location: https://5ce630a2fb.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

5ce630a2fb.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
5ce630a2fb.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 5ce630a2fb.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5ce630a2fb.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

5ce630a2fb.news-mareka.com/lands/48/preloader-43.5794040.gif

23.158.56.123

7.0 kB

URL
5ce630a2fb.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: 5ce630a2fb.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5ce630a2fb.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5ce630a2fb.news-mareka.com/
Cookie: _subid=376l60j117sld6; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:05 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sldc; expires=Sat, 08 Jun 2024 22:02:05 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:10 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5ce630a2fb.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-length: 0
location: https://562cfbc583.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

562cfbc583.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

1.3 kB

URL
562cfbc583.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (553)
Size
1.3 kB (1309 bytes)
Hash
eef861826255c180b4b4c3ed583f6048
0d15218461cd04b99e4d53adc560e8c81425a2a0
251c1957781a8f14b8a82c7fa8b99eb18bdaca4fd6f98bb3b9dbb6d842b6a724

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 562cfbc583.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5ce630a2fb.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

562cfbc583.news-mareka.com/lands/20/style.css

23.158.56.123

868 B

URL
562cfbc583.news-mareka.com/lands/20/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (2230), with no line terminators
Size
868 B (868 bytes)
Hash
d4b3acb7a84d2265bf174f13f93ca4f1
d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

HTTP Headers

GET /lands/20/style.css HTTP/1.1
Host: 562cfbc583.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://562cfbc583.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

562cfbc583.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
562cfbc583.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 562cfbc583.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://562cfbc583.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

11 kB

URL
9edf9c03b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
11 kB (10812 bytes)
Hash
739c6afb9d4d8d98c7e5a877645021c3
a8bbb7541d64b31064508e62d11cc527ce91ccbe
ddb795bf16cd66e69f997a5ad069c3daf7369540b5dbcef2f0846ba05c7f6742

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 9edf9c03b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f413380b80.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:56 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

1f73583cb4.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

38 kB

URL
1f73583cb4.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (36946)
Size
38 kB (38350 bytes)
Hash
f9f037af4b1b45e5fed1a44ae0ad1b2e
543d451e1bec46f2723a92ce927b84cc73d5f742
3634a95ac144be12f9b7f5c842fc0b5418c25fd51665176b70b1d046ca9aeab0

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 1f73583cb4.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b2bee0ea11.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:57 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

a065406aab.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

11 kB

URL
a065406aab.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
11 kB (10781 bytes)
Hash
72912cf0d78363bfa0ddddeae86728c1
c73bad2f13e028b392cb71b21030250faf7f5cf3
e4fe50e8641ef1360c0ac5fdcef97267b743a6c593c89ce5194e1168f81aa5cd

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a065406aab.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c219f7b5bc.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

ab18e3e225.news-mareka.com/lands/46/sketch.min.js

23.158.56.123

2.4 kB

URL
ab18e3e225.news-mareka.com/lands/46/sketch.min.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (4675), with no line terminators
Size
2.4 kB (2379 bytes)
Hash
ed52afed30560dc3e13a88e35a300c18
8714792a53d24b5c641b9536a2d218d75b43b3f9
cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711

HTTP Headers

GET /lands/46/sketch.min.js HTTP/1.1
Host: ab18e3e225.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ab18e3e225.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

ec68a11d13.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

4.6 kB

URL
ec68a11d13.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3027)
Size
4.6 kB (4560 bytes)
Hash
a05c85434a05002dbde83394d51f829f
da997970e254c590b1968fbca04a53b25ee261ab
e76f428c46f10b448a5ce80a31c7caa7bd37261ae5dc690b9ea3c862bdcfff26

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: ec68a11d13.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a181ab30f5.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ab18e3e225.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-length: 0
location: https://bf753ccf19.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

0f614685b3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

101 kB

URL
0f614685b3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (44310)
Size
101 kB (101002 bytes)
Hash
d1cb8daecd5717ce25330968cf9a4285
ddc4a81e87e35d55749f77f7b881b43cb58fa56d
a7ffff4fc9c451e3d66856cc5faf4cbe6a3303713714f173900cbfe691fa18a4

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 0f614685b3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://43f05b9454.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:01:59 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

bf753ccf19.news-mareka.com/lands/39/img/icon1.png

23.158.56.123

7.3 kB

URL
bf753ccf19.news-mareka.com/lands/39/img/icon1.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /lands/39/img/icon1.png HTTP/1.1
Host: bf753ccf19.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bf753ccf19.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2

bf753ccf19.news-mareka.com/lands/39/img/icon2.png

23.158.56.123

4.6 kB

URL
bf753ccf19.news-mareka.com/lands/39/img/icon2.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: bf753ccf19.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bf753ccf19.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

bf753ccf19.news-mareka.com/lands/39/img/icon3.png

23.158.56.123

7.8 kB

URL
bf753ccf19.news-mareka.com/lands/39/img/icon3.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: bf753ccf19.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bf753ccf19.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2

d81df29cc3.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

52 kB

URL
d81df29cc3.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
52 kB (51721 bytes)
Hash
f0b0c8435f015108f16b97551d26569d
bcf3dcafbb5fae71171acde7c73a562cdecab7e5
3c60536d1aefd68446ee2ee2509db9934415c48c8f993b5c737f18b9639e1225

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d81df29cc3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d81df29cc3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:00 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

bf753ccf19.news-mareka.com/lands/39/img/icon5.png

23.158.56.123

3.3 kB

URL
bf753ccf19.news-mareka.com/lands/39/img/icon5.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /lands/39/img/icon5.png HTTP/1.1
Host: bf753ccf19.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bf753ccf19.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2

bf753ccf19.news-mareka.com/lands/39/img/icon7.png

23.158.56.123

3.3 kB

URL
bf753ccf19.news-mareka.com/lands/39/img/icon7.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /lands/39/img/icon7.png HTTP/1.1
Host: bf753ccf19.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bf753ccf19.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2

562cfbc583.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

49 kB

URL
562cfbc583.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
49 kB (48753 bytes)
Hash
32dd630fc7fd6a80d017a40111387af2
f6297554bd92140c01283d5da821d4b09867dcf4
79a21b00d8f5c5eda1c923cef3bde70c752813964a75c154668065395f3ce477

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 562cfbc583.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://562cfbc583.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

c219f7b5bc.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

83 kB

URL
c219f7b5bc.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (37323)
Size
83 kB (83039 bytes)
Hash
042440cf957956d0c5730532031f7858
ecfaf847fade9e64a6cf4acdcf2be0cf989529c4
067726b824dd7895bfc211ccb3d3a140c5b0b81d9db396222a52a336d3bb12b4

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: c219f7b5bc.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://255a2fcfa6.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf753ccf19.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-length: 0
location: https://e39c2b33d3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

e39c2b33d3.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
e39c2b33d3.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: e39c2b33d3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e39c2b33d3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

e39c2b33d3.news-mareka.com/lands/53/css/style.css

23.158.56.123

1.3 kB

URL
e39c2b33d3.news-mareka.com/lands/53/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4928), with no line terminators
Size
1.3 kB (1301 bytes)
Hash
6f2d06d6dbd00d18b9e7eb11ef80081d
b86bdf3144b91210a3e04aab9802dba7b677ffe4
4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8

HTTP Headers

GET /lands/53/css/style.css HTTP/1.1
Host: e39c2b33d3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e39c2b33d3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

e39c2b33d3.news-mareka.com/lands/53/images/spinning-circles2.svg

23.158.56.123

503 B

URL
e39c2b33d3.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: e39c2b33d3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e39c2b33d3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

e39c2b33d3.news-mareka.com/lands/53/images/video.gif

23.158.56.123

500 kB

URL
e39c2b33d3.news-mareka.com/lands/53/images/video.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 320 x 180
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /lands/53/images/video.gif HTTP/1.1
Host: e39c2b33d3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e39c2b33d3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e39c2b33d3.news-mareka.com/
Cookie: _subid=376l60j117sle2; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:06 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sle8; expires=Sat, 08 Jun 2024 22:02:06 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:12 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e39c2b33d3.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-length: 0
location: https://0ef52cc17a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

0ef52cc17a.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
0ef52cc17a.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 0ef52cc17a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0ef52cc17a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

0ef52cc17a.news-mareka.com/lands/48/preloader-43.5794040.gif

23.158.56.123

7.0 kB

URL
0ef52cc17a.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: 0ef52cc17a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0ef52cc17a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0ef52cc17a.news-mareka.com/
Cookie: _subid=376l60j117sle8; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:06 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slec; expires=Sat, 08 Jun 2024 22:02:06 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:12 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0ef52cc17a.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-length: 0
location: https://25dac62c59.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

25dac62c59.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

1.3 kB

URL
25dac62c59.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (553)
Size
1.3 kB (1309 bytes)
Hash
677b937b59362790849856b536d42843
6c5bb48933b7a85ffb1cc3a3b6ee77240abba3d9
8da613304976380e47fb5e545a34baee9cf8b84b2ec3a69c5b0b562103bdcbf8

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 25dac62c59.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://0ef52cc17a.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

25dac62c59.news-mareka.com/lands/20/style.css

23.158.56.123

868 B

URL
25dac62c59.news-mareka.com/lands/20/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (2230), with no line terminators
Size
868 B (868 bytes)
Hash
d4b3acb7a84d2265bf174f13f93ca4f1
d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

HTTP Headers

GET /lands/20/style.css HTTP/1.1
Host: 25dac62c59.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://25dac62c59.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

25dac62c59.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
25dac62c59.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 25dac62c59.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://25dac62c59.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

9cda27debf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

8.8 kB

URL
9cda27debf.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (7710)
Size
8.8 kB (8836 bytes)
Hash
a27e2653a60d777cfe33ae7127245db6
432b78a821734928b02640c99a7c2ebb97ab289d
31e5238a33f9d19948d0d121bd5d8330db34d163f7f715cf85b24883971f1335

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 9cda27debf.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://094986d265.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://25dac62c59.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-length: 0
location: https://775bdd929d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

775bdd929d.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
775bdd929d.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 775bdd929d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://775bdd929d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

775bdd929d.news-mareka.com/lands/57/css/style.css

23.158.56.123

1.2 kB

URL
775bdd929d.news-mareka.com/lands/57/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4468), with no line terminators
Size
1.2 kB (1213 bytes)
Hash
b07eb7ba1a3bb505eba51b55f4ffa9ff
fea4806dafcdda47dff4bb6aa09362ded48879d5
086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68

HTTP Headers

GET /lands/57/css/style.css HTTP/1.1
Host: 775bdd929d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://775bdd929d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: text/css
content-length: 1213
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-4bd"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

775bdd929d.news-mareka.com/lands/57/js/device.js

23.158.56.123

1.1 kB

URL
775bdd929d.news-mareka.com/lands/57/js/device.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/57/js/device.js HTTP/1.1
Host: 775bdd929d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://775bdd929d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

e39c2b33d3.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
e39c2b33d3.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
0fc026e92fb478e9d3835f012ffd7278
6bdd4d465408039f98cbff7c40918e604333b4b0
c8c7facc72a4b309e6b97069e0e34655be9f6c248352235bbf13b0fe91618ad2

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e39c2b33d3.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e39c2b33d3.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://775bdd929d.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-length: 0
location: https://45fcaf7a28.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

45fcaf7a28.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
45fcaf7a28.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 45fcaf7a28.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45fcaf7a28.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

45fcaf7a28.news-mareka.com/lands/39/img/icon1.png

23.158.56.123

7.3 kB

URL
45fcaf7a28.news-mareka.com/lands/39/img/icon1.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /lands/39/img/icon1.png HTTP/1.1
Host: 45fcaf7a28.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45fcaf7a28.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2

45fcaf7a28.news-mareka.com/lands/39/img/icon2.png

23.158.56.123

4.6 kB

URL
45fcaf7a28.news-mareka.com/lands/39/img/icon2.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: 45fcaf7a28.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45fcaf7a28.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

45fcaf7a28.news-mareka.com/lands/39/img/icon3.png

23.158.56.123

7.8 kB

URL
45fcaf7a28.news-mareka.com/lands/39/img/icon3.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: 45fcaf7a28.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45fcaf7a28.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2

621cc0e4f6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

84 kB

URL
621cc0e4f6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (64512)
Size
84 kB (84463 bytes)
Hash
c4c659606e7ead228c4c8d5e2a3c2ea8
7a2ae2d537a03664f4d71188e9952350fb559501
aee9d89609c0da4e792c0606b7787c2d0337e4f31deb9fe33e9a010761109e6f

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 621cc0e4f6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://429b84f309.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

58 kB

URL
d7e1f16ce8.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
58 kB (57981 bytes)
Hash
c09e88db9aa025968cf656bf697b6185
d82eaada7f5fb2226f27e22c883d44c8273497db
6a6d1fa01abc9b3f9ac4cbe450a01afe8e5b4d892fe9a1f6243d1ce6d349602d

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d7e1f16ce8.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://05ac7aa047.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45fcaf7a28.news-mareka.com/
Cookie: _subid=376l60j117slen; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:06 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slf2; expires=Sat, 08 Jun 2024 22:02:06 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:12 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://45fcaf7a28.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-length: 0
location: https://d483a2802b.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

d483a2802b.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
d483a2802b.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: d483a2802b.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d483a2802b.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d483a2802b.news-mareka.com/
Cookie: _subid=376l60j117slf2; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:07 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slfa; expires=Sat, 08 Jun 2024 22:02:07 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:14 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

bf753ccf19.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
bf753ccf19.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
47766519da0a9d11088c35b2dfa26b4d
e1a7dadee9687ffb2f69d6cf4a75d0b33a2cd762
31d4241a6d76a1d5391ab15e7f0253fb119ab575d7a23d9c37b801531db33803

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: bf753ccf19.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bf753ccf19.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

d870d24afa.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
d870d24afa.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: d870d24afa.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d870d24afa.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

0ef52cc17a.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
0ef52cc17a.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
e594bfdcb38ebffcab2925fbd14e5116
13850fe4db03f046a969afeb0c814811de315b71
9cddd21fb096d59d662d178231ed4b1f8bf10fa0eda3f7c030760baf1571309a

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 0ef52cc17a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://0ef52cc17a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d870d24afa.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-length: 0
location: https://9576d8657e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

9576d8657e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

1.3 kB

URL
9576d8657e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (553)
Size
1.3 kB (1309 bytes)
Hash
89ec3fd55cb7b0a5538d7ecb3f05725e
371aa81c9587c450ea3da8e9ef4ac5cdd262c525
aad4619f2e78f1490c3412b8aae196cd1b630efa22257cd650041645f6999421

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 9576d8657e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d870d24afa.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

9576d8657e.news-mareka.com/lands/20/style.css

23.158.56.123

868 B

URL
9576d8657e.news-mareka.com/lands/20/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (2230), with no line terminators
Size
868 B (868 bytes)
Hash
d4b3acb7a84d2265bf174f13f93ca4f1
d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

HTTP Headers

GET /lands/20/style.css HTTP/1.1
Host: 9576d8657e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9576d8657e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

9576d8657e.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
9576d8657e.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 9576d8657e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9576d8657e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9576d8657e.news-mareka.com/
Cookie: _subid=376l60j117slff; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:07 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slfl; expires=Sat, 08 Jun 2024 22:02:07 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:14 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9576d8657e.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-length: 0
location: https://8949b722d5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

8949b722d5.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
8949b722d5.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 8949b722d5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8949b722d5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

8949b722d5.news-mareka.com/lands/48/preloader-43.5794040.gif

23.158.56.123

7.0 kB

URL
8949b722d5.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: 8949b722d5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8949b722d5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8949b722d5.news-mareka.com/
Cookie: _subid=376l60j117slfl; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:07 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slfo; expires=Sat, 08 Jun 2024 22:02:07 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:14 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

621cc0e4f6.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

46 kB

URL
621cc0e4f6.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
46 kB (45529 bytes)
Hash
7cd07591f4a56163e15a12290f8b9f69
f9ea449259a2737c0912b4ace389bfb3b440eb39
b46de701608546b24f2da0a21b204ef2d11b0acdc7687be5467720b2c05451b6

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 621cc0e4f6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://621cc0e4f6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

d95f5818c1.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
d95f5818c1.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: d95f5818c1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d95f5818c1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

d95f5818c1.news-mareka.com/lands/57/css/style.css

23.158.56.123

1.2 kB

URL
d95f5818c1.news-mareka.com/lands/57/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4468), with no line terminators
Size
1.2 kB (1213 bytes)
Hash
b07eb7ba1a3bb505eba51b55f4ffa9ff
fea4806dafcdda47dff4bb6aa09362ded48879d5
086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68

HTTP Headers

GET /lands/57/css/style.css HTTP/1.1
Host: d95f5818c1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d95f5818c1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: text/css
content-length: 1213
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-4bd"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

d95f5818c1.news-mareka.com/lands/57/js/device.js

23.158.56.123

1.1 kB

URL
d95f5818c1.news-mareka.com/lands/57/js/device.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/57/js/device.js HTTP/1.1
Host: d95f5818c1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d95f5818c1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d95f5818c1.news-mareka.com/
Cookie: _subid=376l60j117slfo; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:08 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slfv; expires=Sat, 08 Jun 2024 22:02:08 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:16 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d95f5818c1.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-length: 0
location: https://9292beef2d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

9292beef2d.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
9292beef2d.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 9292beef2d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9292beef2d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

9292beef2d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

8.8 kB

URL
9292beef2d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (7710)
Size
8.8 kB (8836 bytes)
Hash
b34f5c943d62c24790a0625398cb9e17
3aeecac349ccea7a9069fcf45a737775c1546b8a
48c3cbc99f8a1c4945832356fd5f61bc91c95af3d059ec051f6c146aa16b7f90

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 9292beef2d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d95f5818c1.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9292beef2d.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-length: 0
location: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/lp.js

23.158.56.123

758 B

URL
cee72727ce.news-mareka.com/lands/36/lp.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators
Size
758 B (758 bytes)
Hash
dbcc3608581394261613182e95963925
d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9
c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8

HTTP Headers

GET /lands/36/lp.js HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 758
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2f6"
accept-ranges: bytes
X-Firefox-Spdy: h2

9292beef2d.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

53 kB

URL
9292beef2d.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
53 kB (52799 bytes)
Hash
fcc69a1893a513a7a5c6ea4c1e63d0c2
532b9d69564fd82dc8fb1712c8974eb825fbb125
38ea0a5cfd3bde87069456f74ed84664fbf8d2aa5377ca7db03bfa85211549ed

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 9292beef2d.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9292beef2d.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/style.css

23.158.56.123

3.1 kB

URL
cee72727ce.news-mareka.com/lands/36/img/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (11701), with no line terminators
Size
3.1 kB (3136 bytes)
Hash
db606af46bdcca984d60a46183a4525e
28964fac8b2b7889554f32543e69ac68e6f21e2f
8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae

HTTP Headers

GET /lands/36/img/style.css HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/logo.png

23.158.56.123

7.4 kB

URL
cee72727ce.news-mareka.com/lands/36/img/logo.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced
Size
7.4 kB (7398 bytes)
Hash
6cd3a78b39a704ee1c84f31c8c4e5808
bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93
4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193

HTTP Headers

GET /lands/36/img/logo.png HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/search-icon.png

23.158.56.123

461 B

URL
cee72727ce.news-mareka.com/lands/36/img/search-icon.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Size
461 B (461 bytes)
Hash
71a97f63eeafce6cc8dd4e7b92e77303
e92e36474a69fcf7b932efc581e024a1c25773e5
fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2

HTTP Headers

GET /lands/36/img/search-icon.png HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/Spin-1s-80px.gif

23.158.56.123

31 kB

URL
cee72727ce.news-mareka.com/lands/36/img/Spin-1s-80px.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 80 x 80
Size
31 kB (30677 bytes)
Hash
68556766cd260e97fec2b60a9bfaf8c7
26c969371c9a3de360fab6d7a7a3bec2c5d5c99f
ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676

HTTP Headers

GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/player-controls-l.png

23.158.56.123

945 B

URL
cee72727ce.news-mareka.com/lands/36/img/player-controls-l.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced
Size
945 B (945 bytes)
Hash
6865c8700b582e4c7848472bb23dd65a
c5ea2c514de8f55145550f9589e1e07cda457994
e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324

HTTP Headers

GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/player-controls-r.png

23.158.56.123

408 B

URL
cee72727ce.news-mareka.com/lands/36/img/player-controls-r.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced
Size
408 B (408 bytes)
Hash
f0e42db89f7d0994b3723b35eb05a49f
b4e08e7b2c525345d86dc2299663915c84a41b2b
13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be

HTTP Headers

GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/player-bg.jpg

23.158.56.123

11 kB

URL
cee72727ce.news-mareka.com/lands/36/img/player-bg.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
11 kB (11291 bytes)
Hash
d0c6f02d6933f0b93db0942e3e7f3609
bc96b3878d13d0f46aa464e94515f27ad53531b0
7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a

HTTP Headers

GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-1.jpg

23.158.56.123

9.6 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-1.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9604 bytes)
Hash
8374be5c573da988b4d76c1051f8cbc7
c319af79d391edeac2268173798952dd71f0ecf2
41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea

HTTP Headers

GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-2.jpg

23.158.56.123

9.5 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-2.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9474 bytes)
Hash
b1444ede1cb63c55f07c4b7cc861ec58
504823696a6990f0c6892721e34a7496cfe4e704
628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8

HTTP Headers

GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-3.jpg

23.158.56.123

9.4 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-3.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9413 bytes)
Hash
76025b7cd7b3e168342e9f6916d8c7f4
bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2
46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775

HTTP Headers

GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-4.jpg

23.158.56.123

9.5 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-4.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9468 bytes)
Hash
107bdcec0a201d69db378827b68127cd
efc977edd0a369769d5f32d88e9858302bed1e5e
cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468

HTTP Headers

GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-5.jpg

23.158.56.123

9.6 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-5.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9557 bytes)
Hash
628b98b82d0aca1c1b2155aa5ec51a6a
db663b2b85cf8828f3e9c5aa879325bb50e684a0
d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d

HTTP Headers

GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-6.jpg

23.158.56.123

9.6 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-6.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9620 bytes)
Hash
a83d5196e71bd6f9c55ef3e7322e527c
9dbddad413391599552c4d9cc5c9e8a287ef910f
52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818

HTTP Headers

GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-7.jpg

23.158.56.123

9.5 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-7.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9484 bytes)
Hash
94edfad63e95c79618692b8d8dc20587
f582b7b70443ea1fff184ade49ab560fc8fd3318
0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e

HTTP Headers

GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-8.jpg

23.158.56.123

9.8 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-8.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.8 kB (9750 bytes)
Hash
2e7eafc3878ee465f96bca0f9d1e1712
c4f353f12542db5d2df3be74dbae890e0430ac6e
df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1

HTTP Headers

GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-9.jpg

23.158.56.123

9.6 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-9.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9646 bytes)
Hash
c3af10d166a4447c21f25e4a32383a5d
37a0342d08d6933b3bbfd4063b7ba998c991dd73
963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73

HTTP Headers

GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-10.jpg

23.158.56.123

9.7 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-10.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.7 kB (9681 bytes)
Hash
00ad8eccd280144f038e883859beeabe
e13583bbe25712e827b8b22b1353c883531f849f
21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada

HTTP Headers

GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-11.jpg

23.158.56.123

9.5 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-11.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9483 bytes)
Hash
8611f67b36ff57eaa1060e793b9e6ad4
49f273a5760e7375adb1efc58f0ed2c665da6ae8
de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2

HTTP Headers

GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-12.jpg

23.158.56.123

9.5 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-12.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9487 bytes)
Hash
3971b0cd6849aef8e63c281fe7e53c57
690281f0f9a05a32be18029632240693f7b26270
20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a

HTTP Headers

GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-13.jpg

23.158.56.123

9.4 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-13.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9378 bytes)
Hash
cd911694d58b5fb86c94cf7a1d5b530b
f32925a79b755d76fdf1ae56fa898ef23d816699
5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2

HTTP Headers

GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-14.jpg

23.158.56.123

9.5 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-14.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9498 bytes)
Hash
4957499f251b620472eb5fe6fd126c22
a237ac15f4b16256f1c49a40ca07ca168dea540c
de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b

HTTP Headers

GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-15.jpg

23.158.56.123

9.7 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-15.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.7 kB (9673 bytes)
Hash
bf608c2d10293273951a88b8d38de015
15b2a17c7300725aacc27f320480dfe5bf173a00
118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f

HTTP Headers

GET /lands/36/img/pics-15.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9673
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25c9"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-16.jpg

23.158.56.123

9.6 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-16.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9570 bytes)
Hash
700dfe65fca751e5c160aa1ed38c0389
61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886
8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1

HTTP Headers

GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-17.jpg

23.158.56.123

9.6 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-17.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9595 bytes)
Hash
3617c828a4589dfd2af8f90e31f92666
0e7a1dbe743c9eaad109659f7b21ab86719b9cd0
f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f

HTTP Headers

GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/lands/36/img/pics-18.jpg

23.158.56.123

9.6 kB

URL
cee72727ce.news-mareka.com/lands/36/img/pics-18.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9645 bytes)
Hash
52ada45615791fefe3513b98a28d6c61
334b68a65108b2274dc0d41bbed58d10cbfb41a0
204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4

HTTP Headers

GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/
Cookie: _subid=376l60j117slg5; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:08 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slgh; expires=Sat, 08 Jun 2024 22:02:08 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:16 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cee72727ce.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-length: 0
location: https://fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

fc6c20ae42.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
fc6c20ae42.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: fc6c20ae42.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

fc6c20ae42.news-mareka.com/lands/39/img/icon1.png

23.158.56.123

7.3 kB

URL
fc6c20ae42.news-mareka.com/lands/39/img/icon1.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /lands/39/img/icon1.png HTTP/1.1
Host: fc6c20ae42.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2

fc6c20ae42.news-mareka.com/lands/39/img/icon2.png

23.158.56.123

4.6 kB

URL
fc6c20ae42.news-mareka.com/lands/39/img/icon2.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: fc6c20ae42.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

fc6c20ae42.news-mareka.com/lands/39/img/icon3.png

23.158.56.123

7.8 kB

URL
fc6c20ae42.news-mareka.com/lands/39/img/icon3.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: fc6c20ae42.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2

fc6c20ae42.news-mareka.com/lands/39/img/icon4.png

23.158.56.123

7.0 kB

URL
fc6c20ae42.news-mareka.com/lands/39/img/icon4.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /lands/39/img/icon4.png HTTP/1.1
Host: fc6c20ae42.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2

fc6c20ae42.news-mareka.com/lands/39/img/icon5.png

23.158.56.123

3.3 kB

URL
fc6c20ae42.news-mareka.com/lands/39/img/icon5.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /lands/39/img/icon5.png HTTP/1.1
Host: fc6c20ae42.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2

fc6c20ae42.news-mareka.com/lands/39/img/icon7.png

23.158.56.123

3.3 kB

URL
fc6c20ae42.news-mareka.com/lands/39/img/icon7.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /lands/39/img/icon7.png HTTP/1.1
Host: fc6c20ae42.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2

fc6c20ae42.news-mareka.com/lands/39/img/icon8.png

23.158.56.123

4.1 kB

URL
fc6c20ae42.news-mareka.com/lands/39/img/icon8.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

HTTP Headers

GET /lands/39/img/icon8.png HTTP/1.1
Host: fc6c20ae42.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

10 kB

URL
cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (8854)
Size
10 kB (10028 bytes)
Hash
44465fe6ba5dc9fa6edf33b8ad8b013a
8c48836e31aa955ae7bd5f2159405f47e0e08b24
c5972fbb58f406b6798b907d1903744379406c53d8ac16434c264179f0cde304

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9292beef2d.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fc6c20ae42.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-length: 0
location: https://eb838db12b.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

eb838db12b.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
eb838db12b.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: eb838db12b.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eb838db12b.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eb838db12b.news-mareka.com/
Cookie: _subid=376l60j117slgo; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:09 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slgr; expires=Sat, 08 Jun 2024 22:02:09 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:18 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eb838db12b.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-length: 0
location: https://ee4fbb8b23.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

ee4fbb8b23.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
ee4fbb8b23.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: ee4fbb8b23.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ee4fbb8b23.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

ee4fbb8b23.news-mareka.com/lands/48/preloader-43.5794040.gif

23.158.56.123

7.0 kB

URL
ee4fbb8b23.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: ee4fbb8b23.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ee4fbb8b23.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ee4fbb8b23.news-mareka.com/
Cookie: _subid=376l60j117slgr; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:09 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slh5; expires=Sat, 08 Jun 2024 22:02:09 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:18 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ee4fbb8b23.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-length: 0
location: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

cee72727ce.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
cee72727ce.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (44310)
Size
45 kB (45447 bytes)
Hash
d22513031bcbd54bd719fbe4f904ee58
4ad0fb1f24192612a60721f94f11c3b6685c50a7
10029c1c51b3a9dc0f2fc6d5991782d0c297151db9192cf8c6f085ae8485e3a6

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: cee72727ce.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cee72727ce.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
e289e10e38.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

ee4fbb8b23.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

48 kB

URL
ee4fbb8b23.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
48 kB (47825 bytes)
Hash
05de816c29a35ae2d03a853ebf002cc5
a18c9522e78c22e3ca61e4f6f34cb7e9de3fd8c0
717ea31f2bb5e39d0931b975fb9ceeed7a8afd5b6e1987dbe08eac524a945add

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: ee4fbb8b23.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ee4fbb8b23.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/logo.png

23.158.56.123

7.4 kB

URL
e289e10e38.news-mareka.com/lands/36/img/logo.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced
Size
7.4 kB (7398 bytes)
Hash
6cd3a78b39a704ee1c84f31c8c4e5808
bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93
4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193

HTTP Headers

GET /lands/36/img/logo.png HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/png
content-length: 7398
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ce6"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/search-icon.png

23.158.56.123

461 B

URL
e289e10e38.news-mareka.com/lands/36/img/search-icon.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Size
461 B (461 bytes)
Hash
71a97f63eeafce6cc8dd4e7b92e77303
e92e36474a69fcf7b932efc581e024a1c25773e5
fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2

HTTP Headers

GET /lands/36/img/search-icon.png HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/png
content-length: 461
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1cd"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/Spin-1s-80px.gif

23.158.56.123

31 kB

URL
e289e10e38.news-mareka.com/lands/36/img/Spin-1s-80px.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 80 x 80
Size
31 kB (30677 bytes)
Hash
68556766cd260e97fec2b60a9bfaf8c7
26c969371c9a3de360fab6d7a7a3bec2c5d5c99f
ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676

HTTP Headers

GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/gif
content-length: 30677
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-77d5"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/player-controls-l.png

23.158.56.123

945 B

URL
e289e10e38.news-mareka.com/lands/36/img/player-controls-l.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced
Size
945 B (945 bytes)
Hash
6865c8700b582e4c7848472bb23dd65a
c5ea2c514de8f55145550f9589e1e07cda457994
e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324

HTTP Headers

GET /lands/36/img/player-controls-l.png HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/png
content-length: 945
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-3b1"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/player-controls-r.png

23.158.56.123

408 B

URL
e289e10e38.news-mareka.com/lands/36/img/player-controls-r.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced
Size
408 B (408 bytes)
Hash
f0e42db89f7d0994b3723b35eb05a49f
b4e08e7b2c525345d86dc2299663915c84a41b2b
13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be

HTTP Headers

GET /lands/36/img/player-controls-r.png HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/png
content-length: 408
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-198"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/player-bg.jpg

23.158.56.123

11 kB

URL
e289e10e38.news-mareka.com/lands/36/img/player-bg.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
11 kB (11291 bytes)
Hash
d0c6f02d6933f0b93db0942e3e7f3609
bc96b3878d13d0f46aa464e94515f27ad53531b0
7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a

HTTP Headers

GET /lands/36/img/player-bg.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 11291
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2c1b"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-1.jpg

23.158.56.123

9.6 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-1.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9604 bytes)
Hash
8374be5c573da988b4d76c1051f8cbc7
c319af79d391edeac2268173798952dd71f0ecf2
41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea

HTTP Headers

GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-2.jpg

23.158.56.123

9.5 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-2.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9474 bytes)
Hash
b1444ede1cb63c55f07c4b7cc861ec58
504823696a6990f0c6892721e34a7496cfe4e704
628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8

HTTP Headers

GET /lands/36/img/pics-2.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9474
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2502"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-3.jpg

23.158.56.123

9.4 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-3.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9413 bytes)
Hash
76025b7cd7b3e168342e9f6916d8c7f4
bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2
46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775

HTTP Headers

GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-4.jpg

23.158.56.123

9.5 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-4.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9468 bytes)
Hash
107bdcec0a201d69db378827b68127cd
efc977edd0a369769d5f32d88e9858302bed1e5e
cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468

HTTP Headers

GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-5.jpg

23.158.56.123

9.6 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-5.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9557 bytes)
Hash
628b98b82d0aca1c1b2155aa5ec51a6a
db663b2b85cf8828f3e9c5aa879325bb50e684a0
d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d

HTTP Headers

GET /lands/36/img/pics-5.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9557
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2555"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-6.jpg

23.158.56.123

9.6 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-6.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9620 bytes)
Hash
a83d5196e71bd6f9c55ef3e7322e527c
9dbddad413391599552c4d9cc5c9e8a287ef910f
52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818

HTTP Headers

GET /lands/36/img/pics-6.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9620
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2594"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-7.jpg

23.158.56.123

9.5 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-7.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9484 bytes)
Hash
94edfad63e95c79618692b8d8dc20587
f582b7b70443ea1fff184ade49ab560fc8fd3318
0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e

HTTP Headers

GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-8.jpg

23.158.56.123

9.8 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-8.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.8 kB (9750 bytes)
Hash
2e7eafc3878ee465f96bca0f9d1e1712
c4f353f12542db5d2df3be74dbae890e0430ac6e
df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1

HTTP Headers

GET /lands/36/img/pics-8.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9750
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2616"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-9.jpg

23.158.56.123

9.6 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-9.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9646 bytes)
Hash
c3af10d166a4447c21f25e4a32383a5d
37a0342d08d6933b3bbfd4063b7ba998c991dd73
963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73

HTTP Headers

GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-10.jpg

23.158.56.123

9.7 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-10.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.7 kB (9681 bytes)
Hash
00ad8eccd280144f038e883859beeabe
e13583bbe25712e827b8b22b1353c883531f849f
21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada

HTTP Headers

GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-11.jpg

23.158.56.123

9.5 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-11.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9483 bytes)
Hash
8611f67b36ff57eaa1060e793b9e6ad4
49f273a5760e7375adb1efc58f0ed2c665da6ae8
de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2

HTTP Headers

GET /lands/36/img/pics-11.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9483
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250b"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-12.jpg

23.158.56.123

9.5 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-12.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9487 bytes)
Hash
3971b0cd6849aef8e63c281fe7e53c57
690281f0f9a05a32be18029632240693f7b26270
20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a

HTTP Headers

GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-13.jpg

23.158.56.123

9.4 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-13.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9378 bytes)
Hash
cd911694d58b5fb86c94cf7a1d5b530b
f32925a79b755d76fdf1ae56fa898ef23d816699
5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2

HTTP Headers

GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-14.jpg

23.158.56.123

9.5 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-14.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9498 bytes)
Hash
4957499f251b620472eb5fe6fd126c22
a237ac15f4b16256f1c49a40ca07ca168dea540c
de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b

HTTP Headers

GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2

eb838db12b.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

54 kB

URL
eb838db12b.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
54 kB (54362 bytes)
Hash
7f28277dc8d9d56dc53e694762977e11
864c6dd317768007e02e1080091d2e7b9b7cf6e4
69556f532c533ff3cb5574fbece77b73934de87fa9cd49ced3409a274974253a

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: eb838db12b.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eb838db12b.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-16.jpg

23.158.56.123

9.6 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-16.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9570 bytes)
Hash
700dfe65fca751e5c160aa1ed38c0389
61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886
8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1

HTTP Headers

GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-17.jpg

23.158.56.123

9.6 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-17.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9595 bytes)
Hash
3617c828a4589dfd2af8f90e31f92666
0e7a1dbe743c9eaad109659f7b21ab86719b9cd0
f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f

HTTP Headers

GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/lands/36/img/pics-18.jpg

23.158.56.123

9.6 kB

URL
e289e10e38.news-mareka.com/lands/36/img/pics-18.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9645 bytes)
Hash
52ada45615791fefe3513b98a28d6c61
334b68a65108b2274dc0d41bbed58d10cbfb41a0
204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4

HTTP Headers

GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e289e10e38.news-mareka.com/
Cookie: _subid=376l60j117slh5; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:09 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slhh; expires=Sat, 08 Jun 2024 22:02:09 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:18 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e289e10e38.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-length: 0
location: https://e7f3278b65.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

e7f3278b65.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
e7f3278b65.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: e7f3278b65.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e7f3278b65.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

e7f3278b65.news-mareka.com/lands/53/css/style.css

23.158.56.123

1.3 kB

URL
e7f3278b65.news-mareka.com/lands/53/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4928), with no line terminators
Size
1.3 kB (1301 bytes)
Hash
6f2d06d6dbd00d18b9e7eb11ef80081d
b86bdf3144b91210a3e04aab9802dba7b677ffe4
4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8

HTTP Headers

GET /lands/53/css/style.css HTTP/1.1
Host: e7f3278b65.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e7f3278b65.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: text/css
content-length: 1301
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-515"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

e7f3278b65.news-mareka.com/lands/53/images/spinning-circles2.svg

23.158.56.123

503 B

URL
e7f3278b65.news-mareka.com/lands/53/images/spinning-circles2.svg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
SVG Scalable Vector Graphics image
Size
503 B (503 bytes)
Hash
14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

HTTP Headers

GET /lands/53/images/spinning-circles2.svg HTTP/1.1
Host: e7f3278b65.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e7f3278b65.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/svg+xml
content-length: 503
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1f7"
accept-ranges: bytes
X-Firefox-Spdy: h2

e7f3278b65.news-mareka.com/lands/53/images/video.gif

23.158.56.123

500 kB

URL
e7f3278b65.news-mareka.com/lands/53/images/video.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 320 x 180
Size
500 kB (500082 bytes)
Hash
2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433

HTTP Headers

GET /lands/53/images/video.gif HTTP/1.1
Host: e7f3278b65.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e7f3278b65.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: image/gif
content-length: 500082
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-7a172"
accept-ranges: bytes
X-Firefox-Spdy: h2

e7f3278b65.news-mareka.com/lands/53/js/device.js

23.158.56.123

1.1 kB

URL
e7f3278b65.news-mareka.com/lands/53/js/device.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (3289), with no line terminators
Size
1.1 kB (1111 bytes)
Hash
2d9887b21aa6b47c56e7f43e66560a4f
42cdfc5b3b23d32152750bf2cea4233044491768
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

HTTP Headers

GET /lands/53/js/device.js HTTP/1.1
Host: e7f3278b65.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://e7f3278b65.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 1111
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-457"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

3b300187fa.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

91 kB

URL
3b300187fa.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (63955)
Size
91 kB (91283 bytes)
Hash
857a2360aa4fbcb8cd086be792bd0530
79de8bbd156ab56abe71f0213fe64b4d99edf69d
21678852ed3f74861fca8b3c9aedd416b9e64e72b75889f413d56949e8c3c2a3

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 3b300187fa.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9cda27debf.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:03 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

d483a2802b.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

77 kB

URL
d483a2802b.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (64512)
Size
77 kB (77431 bytes)
Hash
efaa41e7400a2c3db68bbf19f093ec2b
af702ec82882f7fec79a39440d65863d3faf7771
6f608920c43b935a5c9eaba1ab830bd93c5559f4fe06f1de85b0b92122e7f08c

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d483a2802b.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://45fcaf7a28.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

255a2fcfa6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

46 kB

URL
255a2fcfa6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
46 kB (46460 bytes)
Hash
60faf3a6ec433bf70e8dd7de67a0dae4
85dbb7252c68135007c33ac67c08f49a165f560a
dbee586c1f2d781942e73bd93b6ccb081de0576cde65872052c43d315e378654

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 255a2fcfa6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ec68a11d13.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

33dcae1a33.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

5.1 kB

URL
33dcae1a33.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
5.1 kB (5050 bytes)
Hash
20190964b0dfc68dd1cb59ce026822fa
eafeb58fcdf938981c5b4d1e4a72dd4058d2cd3a
68406c8b51fbd43131c6c04a4b837c81084c36658849f2b01d8f27d06ab024c7

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 33dcae1a33.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e7f3278b65.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:10 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://33dcae1a33.news-mareka.com/
Cookie: _subid=376l60j117slhs; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:10 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sli4; expires=Sat, 08 Jun 2024 22:02:10 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:20 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://33dcae1a33.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:10 GMT
content-length: 0
location: https://71b75468b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

71b75468b6.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
71b75468b6.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 71b75468b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://71b75468b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

71b75468b6.news-mareka.com/lands/57/css/style.css

23.158.56.123

1.2 kB

URL
71b75468b6.news-mareka.com/lands/57/css/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (4468), with no line terminators
Size
1.2 kB (1213 bytes)
Hash
b07eb7ba1a3bb505eba51b55f4ffa9ff
fea4806dafcdda47dff4bb6aa09362ded48879d5
086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68

HTTP Headers

GET /lands/57/css/style.css HTTP/1.1
Host: 71b75468b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://71b75468b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:10 GMT
content-type: text/css
content-length: 1213
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-4bd"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

31e9cb8087.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

78 kB

URL
31e9cb8087.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (64512)
Size
78 kB (78542 bytes)
Hash
9eaaf7f8c5b34ba64e1f142500d604d0
fec8566631f996ad341c7af3f40d212b74bc7c90
f8e0b31778059903b7ae0d06e7f5836c157d367c23821241961a23120dcf2104

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 31e9cb8087.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d7e1f16ce8.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

71b75468b6.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
71b75468b6.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
a237f6997df5a3c9d67f74f5ceb1c131
1a0f36d182018629aabd95f16cce9a807d1340e8
6f1ab989c3c76b5bb5212eed962659c5a01454c03c26ad32136993b9ce76d3e6

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 71b75468b6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://71b75468b6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:10 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://71b75468b6.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:10 GMT
content-length: 0
location: https://302ae46687.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

302ae46687.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
302ae46687.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 302ae46687.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://302ae46687.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://302ae46687.news-mareka.com/
Cookie: _subid=376l60j117slia; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:10 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slij; expires=Sat, 08 Jun 2024 22:02:10 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:20 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

5d35232dd6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

80 kB

URL
5d35232dd6.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (64512)
Size
80 kB (80102 bytes)
Hash
fa23d34b6d07ad6dba1ba6dfc428d16c
043257153e64b7970a7feacd97fe6231a89e1c5a
e1655b77efff4024feffe102eb1804d544e9b8ac089e16b1e521e61a9e373b77

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 5d35232dd6.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39bc115132.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:01 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

11c31df564.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
11c31df564.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 11c31df564.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11c31df564.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://11c31df564.news-mareka.com/
Cookie: _subid=376l60j117slij; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:10 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slit; expires=Sat, 08 Jun 2024 22:02:10 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:20 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11c31df564.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:10 GMT
content-length: 0
location: https://ef110687ff.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

ef110687ff.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
ef110687ff.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: ef110687ff.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ef110687ff.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

ef110687ff.news-mareka.com/lands/46/sketch.min.js

23.158.56.123

2.4 kB

URL
ef110687ff.news-mareka.com/lands/46/sketch.min.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (4675), with no line terminators
Size
2.4 kB (2379 bytes)
Hash
ed52afed30560dc3e13a88e35a300c18
8714792a53d24b5c641b9536a2d218d75b43b3f9
cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711

HTTP Headers

GET /lands/46/sketch.min.js HTTP/1.1
Host: ef110687ff.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ef110687ff.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ef110687ff.news-mareka.com/
Cookie: _subid=376l60j117slit; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:11 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slj4; expires=Sat, 08 Jun 2024 22:02:11 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:22 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ef110687ff.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-length: 0
location: https://17802dbca2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

17802dbca2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

1.3 kB

URL
17802dbca2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, ASCII text, with very long lines (553)
Size
1.3 kB (1309 bytes)
Hash
c18e92741ef8f595384394e3e59da7d6
92a55bd1ae232ffc2041d1159d32f344a1e6519d
7144200db3a0c09241cc4fefecc19d0550cb734d48aa521c6b15be4c80751f4b

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 17802dbca2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ef110687ff.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: text/html; charset=UTF-8
content-length: 1309
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

17802dbca2.news-mareka.com/lands/20/style.css

23.158.56.123

868 B

URL
17802dbca2.news-mareka.com/lands/20/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (2230), with no line terminators
Size
868 B (868 bytes)
Hash
d4b3acb7a84d2265bf174f13f93ca4f1
d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221
2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311

HTTP Headers

GET /lands/20/style.css HTTP/1.1
Host: 17802dbca2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://17802dbca2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: text/css
content-length: 868
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-364"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

17802dbca2.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
17802dbca2.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 17802dbca2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://17802dbca2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

0ef52cc17a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

128 kB

URL
0ef52cc17a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (37323)
Size
128 kB (127728 bytes)
Hash
37813ccdaed9cf4b00deaf56d7576172
38e84f549f2e23bdaa6fe84e12672d2e6e4f5c2e
fa826173b7aecaf846a99b358ceec8a34ab7a5be6e670e52c69e11477aec867a

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 0ef52cc17a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e39c2b33d3.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

25dac62c59.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

46 kB

URL
25dac62c59.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
46 kB (45473 bytes)
Hash
1acaf29bf0d2f82d7dd17a295ec24c89
4a7fedf5af7ade07a705a6fc7345ddc60db65717
7b220039892cf6e50578c3510b7fa8db7480c00f17c91d9f388575d5893bf8b4

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 25dac62c59.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://25dac62c59.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:06 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic

142.250.74.106

1.5 kB

URL
fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
1.5 kB (1542 bytes)
Hash
30711214fadec79b655db333eae6c23e
33b0cc00259aa5974386bca81ca1ca4d868edb9f
bbdb457e229209b10eccf633e37e324f7f5d3080903558c084b636923d4149e4

HTTP Headers

GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://17802dbca2.news-mareka.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 22:02:11 GMT
date: Wed, 08 May 2024 22:02:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

f01ee521e1.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
f01ee521e1.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/style.css

23.158.56.123

3.1 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/style.css
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
ASCII text, with very long lines (11701), with no line terminators
Size
3.1 kB (3136 bytes)
Hash
db606af46bdcca984d60a46183a4525e
28964fac8b2b7889554f32543e69ac68e6f21e2f
8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae

HTTP Headers

GET /lands/36/img/style.css HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: text/css
content-length: 3136
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-c40"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

429b84f309.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

17 kB

URL
429b84f309.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
17 kB (17149 bytes)
Hash
26cac4181e38dac236e9454e116d423d
e9c795f954b00e6bf8c25551b0ef6c06f42f957d
a544fd2448677e5b1bcb4c20ca18efd70d1d61b13421d24fbf62de6f5cff8771

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 429b84f309.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31e9cb8087.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

94.130.32.96

46 kB

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
94.130.32.96:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
46 kB (45737 bytes)
Hash
06ae433dfb51cc7916c34965beefcd96
41756f412c2714f25e20937e976aa8f7145e7f13
5efca65b5d3750f49573096b956aea9a5cb29b3b6c269b7f4093123f31deb368

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d483a2802b.news-mareka.com/
Origin: https://d483a2802b.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://d483a2802b.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

34 kB

URL
fc6c20ae42.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
34 kB (33970 bytes)
Hash
198aef6373008473ba4f1ec6b93df659
2a85a34e8a96ccf052679a9ee2d2a40a92316da3
05608219b66dbe932411414fd38c1cb22efaef2260c9c031a8511e06c258c199

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: fc6c20ae42.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cee72727ce.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic

142.250.74.106

46 kB

URL
fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
46 kB (46418 bytes)
Hash
5f1d009c9e022ef1696678789426dfb2
c59923f02770a8b6654109dc49e73558e53b564a
6b99e93d51e5072ff958a594a93075e2ad37f495852be32df90c621ee99c037b

HTTP Headers

GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9576d8657e.news-mareka.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 22:02:07 GMT
date: Wed, 08 May 2024 22:02:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

17802dbca2.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
17802dbca2.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
45 kB (45097 bytes)
Hash
3fa90b3a99b528a813c9f499c558078f
f8872a3faa101065950815b6175c37dfcf66a398
6a56e8e4f4cf773376efd4111410dd6dd4a0b581860c79f2a183cf0006602fd1

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 17802dbca2.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://17802dbca2.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

ee4fbb8b23.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

50 kB

URL
ee4fbb8b23.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
50 kB (49641 bytes)
Hash
4fcb220948f684eaef7371d348b75e7f
f2e03bc7b5fac7b94f37a29c49697fc6c1ae86bc
665ec30ddf20cb2c484d4dd0923acb9274a971d6f7fde214854295d042b955f6

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: ee4fbb8b23.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eb838db12b.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-1.jpg

23.158.56.123

9.6 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-1.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9604 bytes)
Hash
8374be5c573da988b4d76c1051f8cbc7
c319af79d391edeac2268173798952dd71f0ecf2
41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea

HTTP Headers

GET /lands/36/img/pics-1.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9604
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2584"
accept-ranges: bytes
X-Firefox-Spdy: h2

dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

13 kB

URL
dd990bea48.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
13 kB (12767 bytes)
Hash
cd7b1305aa341ca20a3b6b1752527ef4
26b594fb82ef4683490bfaafb844c1c429dea348
517b11e2503305026cb9e7c67e511de277612ce6d5bebdc432474e1ccad10430

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: dd990bea48.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://621cc0e4f6.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-3.jpg

23.158.56.123

9.4 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-3.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9413 bytes)
Hash
76025b7cd7b3e168342e9f6916d8c7f4
bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2
46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775

HTTP Headers

GET /lands/36/img/pics-3.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9413
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24c5"
accept-ranges: bytes
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-4.jpg

23.158.56.123

9.5 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-4.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9468 bytes)
Hash
107bdcec0a201d69db378827b68127cd
efc977edd0a369769d5f32d88e9858302bed1e5e
cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468

HTTP Headers

GET /lands/36/img/pics-4.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9468
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

d95f5818c1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

14 kB

URL
d95f5818c1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
14 kB (14117 bytes)
Hash
809e855b359ef60040f41529e019c604
384246c8c4befbc9c5c099cec90147488df9cb21
56bd4ba931393998f57736f9fecd990d2b9bfebb5c8b73efd5ee86d233b246fb

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d95f5818c1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8949b722d5.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

eb838db12b.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

19 kB

URL
eb838db12b.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
19 kB (19371 bytes)
Hash
840e25e177a91ec13c710cef14dbe256
3a213612b7155c4ce89bde7cc5f526f0480f5a23
74725d22f55010b856b3f57f1c2c0036143b7337c09c1a490ef77bb1bd66bcb3

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: eb838db12b.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fc6c20ae42.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:08 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-7.jpg

23.158.56.123

9.5 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-7.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9484 bytes)
Hash
94edfad63e95c79618692b8d8dc20587
f582b7b70443ea1fff184ade49ab560fc8fd3318
0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e

HTTP Headers

GET /lands/36/img/pics-7.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250c"
accept-ranges: bytes
X-Firefox-Spdy: h2

e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

20 kB

URL
e289e10e38.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
20 kB (19778 bytes)
Hash
e468d577f77fbb58f9d35ed5a14a57a4
16dad2fc2001ae5cd456c5aa8ab746095506b20a
c0e088b6468efdd57cc4e4a1e3d4a454106f4180c53fb54a1bfa62f8ea909252

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: e289e10e38.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ee4fbb8b23.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:09 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-9.jpg

23.158.56.123

9.6 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-9.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9646 bytes)
Hash
c3af10d166a4447c21f25e4a32383a5d
37a0342d08d6933b3bbfd4063b7ba998c991dd73
963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73

HTTP Headers

GET /lands/36/img/pics-9.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9646
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ae"
accept-ranges: bytes
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-10.jpg

23.158.56.123

9.7 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-10.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.7 kB (9681 bytes)
Hash
00ad8eccd280144f038e883859beeabe
e13583bbe25712e827b8b22b1353c883531f849f
21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada

HTTP Headers

GET /lands/36/img/pics-10.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9681
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25d1"
accept-ranges: bytes
X-Firefox-Spdy: h2

31e9cb8087.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

137 kB

URL
31e9cb8087.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
137 kB (137211 bytes)
Hash
9a7d3f84698c7ca30d193331def3892e
67d4a954dbe69f328adf7c7d7ee1d71c8fb02b88
45ad040ec3eadc2cba7aed7ce0b542400b937c8d2f8d280244efdeba399873d4

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 31e9cb8087.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://31e9cb8087.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:04 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-12.jpg

23.158.56.123

9.5 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-12.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9487 bytes)
Hash
3971b0cd6849aef8e63c281fe7e53c57
690281f0f9a05a32be18029632240693f7b26270
20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a

HTTP Headers

GET /lands/36/img/pics-12.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9487
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-250f"
accept-ranges: bytes
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-13.jpg

23.158.56.123

9.4 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-13.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.4 kB (9378 bytes)
Hash
cd911694d58b5fb86c94cf7a1d5b530b
f32925a79b755d76fdf1ae56fa898ef23d816699
5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2

HTTP Headers

GET /lands/36/img/pics-13.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9378
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-24a2"
accept-ranges: bytes
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-14.jpg

23.158.56.123

9.5 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-14.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.5 kB (9498 bytes)
Hash
4957499f251b620472eb5fe6fd126c22
a237ac15f4b16256f1c49a40ca07ca168dea540c
de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b

HTTP Headers

GET /lands/36/img/pics-14.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9498
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-251a"
accept-ranges: bytes
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-15.jpg

23.158.56.123

9.7 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-15.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.7 kB (9673 bytes)
Hash
bf608c2d10293273951a88b8d38de015
15b2a17c7300725aacc27f320480dfe5bf173a00
118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f

HTTP Headers

GET /lands/36/img/pics-15.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9673
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25c9"
accept-ranges: bytes
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-16.jpg

23.158.56.123

9.6 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-16.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9570 bytes)
Hash
700dfe65fca751e5c160aa1ed38c0389
61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886
8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1

HTTP Headers

GET /lands/36/img/pics-16.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9570
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-2562"
accept-ranges: bytes
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-17.jpg

23.158.56.123

9.6 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-17.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9595 bytes)
Hash
3617c828a4589dfd2af8f90e31f92666
0e7a1dbe743c9eaad109659f7b21ab86719b9cd0
f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f

HTTP Headers

GET /lands/36/img/pics-17.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9595
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-257b"
accept-ranges: bytes
X-Firefox-Spdy: h2

f01ee521e1.news-mareka.com/lands/36/img/pics-18.jpg

23.158.56.123

9.6 kB

URL
f01ee521e1.news-mareka.com/lands/36/img/pics-18.jpg
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JPEG image data
Size
9.6 kB (9645 bytes)
Hash
52ada45615791fefe3513b98a28d6c61
334b68a65108b2274dc0d41bbed58d10cbfb41a0
204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4

HTTP Headers

GET /lands/36/img/pics-18.jpg HTTP/1.1
Host: f01ee521e1.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/jpeg
content-length: 9645
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-25ad"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f01ee521e1.news-mareka.com/
Cookie: _subid=376l60j117slj7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:11 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sljk; expires=Sat, 08 Jun 2024 22:02:11 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:22 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f01ee521e1.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-length: 0
location: https://6f40277fc5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

6f40277fc5.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
6f40277fc5.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 6f40277fc5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6f40277fc5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

6f40277fc5.news-mareka.com/lands/48/preloader-43.5794040.gif

23.158.56.123

7.0 kB

URL
6f40277fc5.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: 6f40277fc5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6f40277fc5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6f40277fc5.news-mareka.com/
Cookie: _subid=376l60j117sljk; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:11 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sljp; expires=Sat, 08 Jun 2024 22:02:11 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:22 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6f40277fc5.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-length: 0
location: https://5132e20e85.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

6f40277fc5.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

53 kB

URL
6f40277fc5.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
53 kB (52799 bytes)
Hash
8d190ffba85849332abe3badd6a56ffd
885beb139677632b47fbdb0e942e80a059d263c9
e8e6225a077c1b5aafff12fa2198c97810ae3d3f5dccc6677c10cdf51f04e359

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 6f40277fc5.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6f40277fc5.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:11 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

d870d24afa.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

137 kB

URL
d870d24afa.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (63955)
Size
137 kB (136814 bytes)
Hash
e2d3a2bf4fb7a6547f1668eba1d38e34
1794ae1cbcdaba442c80d3cbdbcc734bd6a406e5
bcd12ff0294b09fd6e8fea6963e11ce6fbc2828ab752ae4ea80bd75bd8598d39

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: d870d24afa.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d483a2802b.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:07 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

5132e20e85.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
5132e20e85.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
29e302a04fbb50e8f1d9a2c0dafb9302
52e907c03ec5c27cb06e7ea049876ca0bfbc9249
bc2e6badbaa99d076c84da835f608e17050d3750eb4e405ef57eaba28f4a862e

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 5132e20e85.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5132e20e85.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

fba7688a0e.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
fba7688a0e.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: fba7688a0e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fba7688a0e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fba7688a0e.news-mareka.com/
Cookie: _subid=376l60j117sljv; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:12 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slk2; expires=Sat, 08 Jun 2024 22:02:12 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:24 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fba7688a0e.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-length: 0
location: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

bb02dc592e.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
bb02dc592e.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: bb02dc592e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

bb02dc592e.news-mareka.com/lands/39/img/icon1.png

23.158.56.123

7.3 kB

URL
bb02dc592e.news-mareka.com/lands/39/img/icon1.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /lands/39/img/icon1.png HTTP/1.1
Host: bb02dc592e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1c54"
accept-ranges: bytes
X-Firefox-Spdy: h2

bb02dc592e.news-mareka.com/lands/39/img/icon2.png

23.158.56.123

4.6 kB

URL
bb02dc592e.news-mareka.com/lands/39/img/icon2.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: bb02dc592e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-11e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

bb02dc592e.news-mareka.com/lands/39/img/icon3.png

23.158.56.123

7.8 kB

URL
bb02dc592e.news-mareka.com/lands/39/img/icon3.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: bb02dc592e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1ea7"
accept-ranges: bytes
X-Firefox-Spdy: h2

bb02dc592e.news-mareka.com/lands/39/img/icon4.png

23.158.56.123

7.0 kB

URL
bb02dc592e.news-mareka.com/lands/39/img/icon4.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /lands/39/img/icon4.png HTTP/1.1
Host: bb02dc592e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b78"
accept-ranges: bytes
X-Firefox-Spdy: h2

bb02dc592e.news-mareka.com/lands/39/img/icon5.png

23.158.56.123

3.3 kB

URL
bb02dc592e.news-mareka.com/lands/39/img/icon5.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /lands/39/img/icon5.png HTTP/1.1
Host: bb02dc592e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cc0"
accept-ranges: bytes
X-Firefox-Spdy: h2

bb02dc592e.news-mareka.com/lands/39/img/icon7.png

23.158.56.123

3.3 kB

URL
bb02dc592e.news-mareka.com/lands/39/img/icon7.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /lands/39/img/icon7.png HTTP/1.1
Host: bb02dc592e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-cd3"
accept-ranges: bytes
X-Firefox-Spdy: h2

bb02dc592e.news-mareka.com/lands/39/img/icon8.png

23.158.56.123

4.1 kB

URL
bb02dc592e.news-mareka.com/lands/39/img/icon8.png
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

HTTP Headers

GET /lands/39/img/icon8.png HTTP/1.1
Host: bb02dc592e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-fe0"
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/
Cookie: _subid=376l60j117slk2; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:12 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slk7; expires=Sat, 08 Jun 2024 22:02:12 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:24 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bb02dc592e.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-length: 0
location: https://9371842f29.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

bb02dc592e.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

53 kB

URL
bb02dc592e.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
53 kB (52799 bytes)
Hash
538780cbaf157fd6e545714444afffc0
5cd6207c0c8f36d3a7a1b2528c0a4f568bea9aeb
b0fbe23e071ae04045b64672a2774dee1ae0ba0f53cd92bbc4846730ab2016e4

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: bb02dc592e.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bb02dc592e.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://9371842f29.news-mareka.com/
Cookie: _subid=376l60j117slk7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:12 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slke; expires=Sat, 08 Jun 2024 22:02:12 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:24 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

a065406aab.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

226 kB

URL
a065406aab.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
data
Size
226 kB (226188 bytes)
Hash
d925b2e870328f7b4e6b390678022617
94b820717c84746efe322c174b523e123e4d391d
1d4daba05e0cae9d6629d34c0c635d225d892dbf72bd354e64f32141863f27ad

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a065406aab.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a065406aab.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:02 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

a33945de98.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
a33945de98.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: a33945de98.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a33945de98.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a33945de98.news-mareka.com/
Cookie: _subid=376l60j117slke; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:13 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slkj; expires=Sat, 08 Jun 2024 22:02:13 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:26 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a33945de98.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-length: 0
location: https://1211d78a43.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

1211d78a43.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
1211d78a43.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 1211d78a43.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1211d78a43.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1211d78a43.news-mareka.com/
Cookie: _subid=376l60j117slkj; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:13 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117slkr; expires=Sat, 08 Jun 2024 22:02:13 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:26 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

1211d78a43.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

54 kB

URL
1211d78a43.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
HTML document, Unicode text, UTF-8 text, with very long lines (44310)
Size
54 kB (54440 bytes)
Hash
53bb75541b2b7579807d6a99a739d030
7a7934a875db64722ee6e377e0cbc54a57364996
a50ab51b806542cb8f4f941c25759a6e87bf397206679c0ab097913c10e51e6f

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: 1211d78a43.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a33945de98.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

18496ded67.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
18496ded67.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 18496ded67.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18496ded67.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

18496ded67.news-mareka.com/lands/46/sketch.min.js

23.158.56.123

2.4 kB

URL
18496ded67.news-mareka.com/lands/46/sketch.min.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (4675), with no line terminators
Size
2.4 kB (2379 bytes)
Hash
ed52afed30560dc3e13a88e35a300c18
8714792a53d24b5c641b9536a2d218d75b43b3f9
cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711

HTTP Headers

GET /lands/46/sketch.min.js HTTP/1.1
Host: 18496ded67.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://18496ded67.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult

178.63.56.119

586 B

URL
show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult
IP
178.63.56.119:0
ASN
#24940 Hetzner Online GmbH

File type
JSON text data
Size
586 B (586 bytes)
Hash
e786f223def84c3a5954840bf6acd270
24b0feb70d32c9279765bd0f267d896776217484
c5153b1241029f4417abd5eaad0ae7c6ad5387b726d0847ea37bcc5c7f0ba5c7

HTTP Headers

GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1211d78a43.news-mareka.com/
Origin: https://1211d78a43.news-mareka.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://1211d78a43.news-mareka.com
vary: Origin
content-encoding: br
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://18496ded67.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-length: 0
location: https://fc286cac74.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

fc286cac74.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
fc286cac74.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: fc286cac74.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc286cac74.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

fc286cac74.news-mareka.com/lands/48/preloader-43.5794040.gif

23.158.56.123

7.0 kB

URL
fc286cac74.news-mareka.com/lands/48/preloader-43.5794040.gif
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
GIF image data, version 89a, 160 x 160
Size
7.0 kB (7010 bytes)
Hash
5794040ee88def220320edd0ed2e2ac9
7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b
c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e

HTTP Headers

GET /lands/48/preloader-43.5794040.gif HTTP/1.1
Host: fc286cac74.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc286cac74.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: image/gif
content-length: 7010
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1b62"
accept-ranges: bytes
X-Firefox-Spdy: h2

fc286cac74.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=

23.158.56.123

45 kB

URL
fc286cac74.news-mareka.com/process.js?id=1218914904&p1=&p2=&p3=&p4=
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (44310)
Size
45 kB (44689 bytes)
Hash
8cb7c032a9c274f95a7a700d1a3be409
2684bf1a61bee89a8de46fcb990010fe46209f71
1ab0d110bfbcc8646f8ed5043f8171a4fac7fa16ab38b20b8949646c95110a22

HTTP Headers

GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: fc286cac74.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fc286cac74.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2

news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=

65.109.24.247

0 B

URL
news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
IP
65.109.24.247:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: news-pepafu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fc286cac74.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-length: 0
location: https://6bad776a0a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

6bad776a0a.news-mareka.com/revopush.js

23.158.56.123

8.1 kB

URL
6bad776a0a.news-mareka.com/revopush.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators
Size
8.1 kB (8110 bytes)
Hash
2c5bbd971d7151a38f9a0fbe8fa83886
8fb8275965ff38c18a2fb5bd1be990c4592b39a0
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

HTTP Headers

GET /revopush.js HTTP/1.1
Host: 6bad776a0a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6bad776a0a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 8110
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-1fae"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

6bad776a0a.news-mareka.com/lands/46/sketch.min.js

23.158.56.123

2.4 kB

URL
6bad776a0a.news-mareka.com/lands/46/sketch.min.js
IP
23.158.56.123:0
ASN
#63023 AS-GLOBALTELEHOST

File type
JavaScript source, ASCII text, with very long lines (4675), with no line terminators
Size
2.4 kB (2379 bytes)
Hash
ed52afed30560dc3e13a88e35a300c18
8714792a53d24b5c641b9536a2d218d75b43b3f9
cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711

HTTP Headers

GET /lands/46/sketch.min.js HTTP/1.1
Host: 6bad776a0a.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6bad776a0a.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 2379
last-modified: Thu, 02 May 2024 14:58:42 GMT
etag: "6633aa22-94b"
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2

partners-tds.com/WzJQVS

142.202.51.61

0 B

URL
partners-tds.com/WzJQVS
IP
142.202.51.61:0
ASN
#63023 AS-GLOBALTELEHOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WzJQVS HTTP/1.1
Host: partners-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6bad776a0a.news-mareka.com/
Cookie: _subid=376l60j117sllb; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 May 2024 22:02:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 May 2024 22:02:14 GMT
Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=
Set-Cookie: _subid=376l60j117sllm; expires=Sat, 08 Jun 2024 22:02:14 GMT; path=/
933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MjA1NzA5fSxcInRpbWVcIjoxNzE1MjA1NzA5fSJ9.TbWcE3RnvWi2TRg_2z9yItWb4HXab_AG9MtI-AEqBdY; expires=Thu, 15 Sep 2078 20:04:28 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

a33945de98.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=

0.0.0.0

91 kB

URL User Request GET
a33945de98.news-mareka.com/?id=1218914904&p1=&p2=&p3=&p4=
IP
0.0.0.0:0
ASN
#0

Certificate
IssuerLet's Encrypt
Subject*.news-mareka.com
Fingerprint19:A1:5D:88:AA:33:70:C7:6C:40:0A:76:BE:F3:93:35:FD:10:B5:4D
ValidityTue, 30 Apr 2024 20:15:23 GMT - Mon, 29 Jul 2024 20:15:22 GMT

File type

Size
91 kB (91283 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1
Host: a33945de98.news-mareka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9371842f29.news-mareka.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:02:12 GMT
content-type: text/html; charset=UTF-8
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (680)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN