Report - gtptnwswrld6.com/adult_video_3/1328/2da4af00d834dfbd23fda189a58e00c9/?click_id=wotc78beo5ckfh61jl4pea5s&sub1=&fullscreen=1

Report Overview

Submitted URL
gtptnwswrld6.com/adult_video_3/1328/2da4af00d834dfbd23fda189a58e00c9/?click_id=wotc78beo5ckfh61jl4pea5s&sub1=&fullscreen=1
IP
192.133.142.177
ASN
#15317 SERVEREL-AS
Submitted
2024-05-10 09:58:08
Access
public
Website Title
Final URL
ad78cde679.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fb4c49fda4.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	284 kB	23.158.56.201
be87b0dd3c.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	249 kB	23.158.56.201
9319ca89ae.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	140 kB	23.158.56.201
340aa6a935.news-rolehi.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.201
partners-tds.com	415339	2021-04-01	2021-04-01	2023-02-13	41 kB	39 kB	142.202.51.61
8aabae8a2d.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	23 kB	23.158.56.201
08107f30f5.news-rolehi.com	unknown	unknown	No data	No data	571 B	95 kB	23.158.56.201
47263a4615.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	574 kB	23.158.56.201
08660ff71c.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	15 kB	23.158.56.201
30127b7ab8.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	16 kB	23.158.56.201
440ff53057.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	19 kB	23.158.56.201
48ca711612.news-rolehi.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.201
138ad8be67.news-rolehi.com	unknown	unknown	No data	No data	4.0 kB	101 kB	23.158.56.201
7211f184a2.news-rolehi.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.201
70cf2080fa.news-rolehi.com	unknown	unknown	No data	No data	979 B	16 kB	23.158.56.201
41c7fcad05.news-rolehi.com	unknown	unknown	No data	No data	12 kB	256 kB	23.158.56.201
38eb2b7a67.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	68 kB	23.158.56.201
74f870fd34.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	26 kB	23.158.56.201
38a4cb3326.news-rolehi.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.201
7d42a0db0d.news-rolehi.com	unknown	unknown	No data	No data	3.0 kB	572 kB	23.158.56.201
2ba424bb26.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	653 kB	23.158.56.201
86742aab38.news-rolehi.com	unknown	unknown	No data	No data	965 B	143 kB	23.158.56.201
279a9758e2.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	14 kB	23.158.56.201
eac5bc11a2.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	73 kB	23.158.56.201
a8439bd35e.news-rolehi.com	unknown	unknown	No data	No data	9.5 kB	254 kB	23.158.56.201
60c03b475e.news-rolehi.com	unknown	unknown	No data	No data	2.6 kB	528 kB	23.158.56.201
d9a29f08e6.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	147 kB	23.158.56.201
a3dc861681.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	9.9 kB	23.158.56.201
abf03c30b5.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	140 kB	23.158.56.201
2c0b97a836.news-rolehi.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.201
4ea8a1d776.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	131 kB	23.158.56.201
ba98fa0b5a.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	104 kB	23.158.56.201
0eafbcfc83.news-rolehi.com	unknown	unknown	No data	No data	979 B	16 kB	23.158.56.201
008c08da31.news-rolehi.com	unknown	unknown	No data	No data	965 B	53 kB	23.158.56.201
ab5db3d15f.news-rolehi.com	unknown	unknown	No data	No data	1.1 kB	51 kB	23.158.56.201
cdad15ce44.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	142 kB	23.158.56.201
c4ac706920.news-rolehi.com	unknown	unknown	No data	No data	3.1 kB	583 kB	23.158.56.201
e45ce2ac86.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	56 kB	23.158.56.201
5ab5e6b50f.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	28 kB	23.158.56.201
5bb8f988a7.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	9.9 kB	23.158.56.201
ykrvt.bestssp.top	unknown	2022-12-30	2023-06-02	2023-11-14	546 B	1.1 kB	188.114.96.1
news-nadete.com	unknown	2024-03-18	2024-03-19	2024-03-19	500 B	220 B	23.158.56.123
news-pepafu.com	unknown	unknown	No data	No data	35 kB	14 kB	136.243.42.50
59d2db9608.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	94 kB	23.158.56.201
ba381c41f7.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	95 kB	23.158.56.201
a31493061b.news-rolehi.com	unknown	unknown	No data	No data	493 B	1.5 kB	23.158.56.201
ykrvt.check-tl-ver-154-2.com	unknown	unknown	No data	No data	4.4 kB	1.9 MB	104.21.37.155
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-10	917 B	21 kB	142.250.74.131
a9ed37f16c.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	63 kB	23.158.56.201
e15af0d3eb.news-rolehi.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.201
346c0c4497.news-rolehi.com	unknown	unknown	No data	No data	1.1 kB	132 kB	23.158.56.201
a274d69213.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	178 kB	23.158.56.201
0811f41488.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	11 kB	23.158.56.201
43c8800c8f.news-rolehi.com	unknown	unknown	No data	No data	3.6 kB	115 kB	23.158.56.201
rexpush.club	unknown	2023-05-11	2023-05-11	2024-04-07	589 B	41 kB	199.182.164.165
cdnstatic.check-tl-ver-154-2.com	unknown	unknown	No data	No data	1.4 kB	23 kB	104.21.37.155
show.revopush.com	11949	2019-06-25	2019-09-09	2024-05-10	4.4 kB	54 kB	95.216.65.178
0ce46b94c6.news-rolehi.com	unknown	unknown	No data	No data	1.1 kB	145 kB	23.158.56.201
563d15ce0e.news-rolehi.com	unknown	unknown	No data	No data	3.0 kB	512 kB	23.158.56.201
9d668323c0.news-rolehi.com	unknown	unknown	No data	No data	2.5 kB	512 kB	23.158.56.201
96c665dab8.news-rolehi.com	unknown	unknown	No data	No data	946 B	9.8 kB	23.158.56.201
pa.check-tl-ver-154-2.com	unknown	unknown	No data	No data	5.6 kB	2.0 MB	104.21.37.155
843490e125.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	67 kB	23.158.56.201
fbd78d23ff.news-rolehi.com	unknown	unknown	No data	No data	9.6 kB	227 kB	23.158.56.201
47b8832bc0.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	86 kB	23.158.56.201
df9fa7aa93.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	140 kB	23.158.56.201
13454769e3.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	72 kB	23.158.56.201
ad78cde679.news-rolehi.com	unknown	unknown	No data	No data	2.1 kB	28 kB	23.158.56.201
335cc70030.news-rolehi.com	unknown	unknown	No data	No data	1.1 kB	131 kB	23.158.56.201
88eef94a5c.news-rolehi.com	unknown	unknown	No data	No data	4.6 kB	136 kB	23.158.56.201
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	2.9 kB	213 kB	142.250.74.106
85737a85fd.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	17 kB	23.158.56.201
0105c36326.news-rolehi.com	unknown	unknown	No data	No data	3.0 kB	600 kB	23.158.56.201
86bc97a3c5.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	60 kB	23.158.56.201
0d0c78ff7b.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	74 kB	23.158.56.201
770c0801e1.news-rolehi.com	unknown	unknown	No data	No data	14 kB	787 kB	23.158.56.201
1477b96533.news-rolehi.com	unknown	unknown	No data	No data	965 B	53 kB	23.158.56.201
33377f5b84.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	109 kB	23.158.56.201
a38d9800e7.news-rolehi.com	unknown	unknown	No data	No data	468 B	8.4 kB	23.158.56.201
bf8927631c.news-rolehi.com	unknown	unknown	No data	No data	1.0 kB	100 kB	23.158.56.201
e03c0e25cb.news-rolehi.com	unknown	unknown	No data	No data	1.5 kB	61 kB	23.158.56.201
df989e5972.news-rolehi.com	unknown	unknown	No data	No data	965 B	61 kB	23.158.56.201
9108237a93.news-rolehi.com	unknown	unknown	No data	No data	1.1 kB	91 kB	23.158.56.201
c106ab09d8.news-rolehi.com	unknown	unknown	No data	No data	2.0 kB	63 kB	23.158.56.201
f01aecb362.news-rolehi.com	unknown	unknown	No data	No data	571 B	17 kB	23.158.56.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 09:57:39	medium	173.214.244.181	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
2024-05-10 09:57:39	medium	173.214.244.181	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	70cf2080fa.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	555 B	2024-05-10	2024-05-10
Pretty URL 70cf2080fa.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 11:58:21 Last Seen2024-05-10 11:58:21 Times Seen1 Hash 4638c5eb649476d8378e1c03ad51e3c5 eeb9d8b976030e9af3e3b897cc4da9e640ab4ed1 4a547771728e6fbd58e347d64fb6a0be325a3865b122a71ac105c8d6a6f8a93b Loading...

	33377f5b84.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	0 B	2023-03-07	2024-05-20
Pretty URL 33377f5b84.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201 ASN #63023 AS-GLOBALTELEHOST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 22:29:47 Times Seen37896069 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (456)

	URL	IP	Size
	ykrvt.bestssp.top/?pl=qRuQunqVKEWrY1jyLTBUOA&sub_id=1328	188.114.96.1	0 B
URL ykrvt.bestssp.top/?pl=qRuQunqVKEWrY1jyLTBUOA&sub_id=1328 IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?pl=qRuQunqVKEWrY1jyLTBUOA&sub_id=1328 HTTP/1.1 Host: ykrvt.bestssp.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gtptnwswrld6.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Fri, 10 May 2024 09:57:39 GMT content-length: 0 location: https://ykrvt.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 set-cookie: qRuQunqVKEWrY1jyLTBUOA=16; max-age=345600; path=/; samesite=lax __pl=a16b2493-cac4-42f0-8a93-ff1bf1381922; expires=Sun, 10 May 2026 09:57:39 GMT; path=/; samesite=lax __cap=1; max-age=3600; path=/; samesite=lax cache-control: max-age=0, no-cache, no-store, must-revalidate accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V5AY%2F4Fn%2F6h0GhpGfvAfjHjhUx3G%2B6XDV5eJsnud4i1b5Drdx49E%2BA6Klq0r%2BMYxHx3n03UwpqCFLFhREHIh8z9EmcQ5HxZbM17Z2sXvGnuUV1Yjq0kiJKONY2tEWO33VqrI8Q%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 881910fc4af5b4f4-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ykrvt.check-tl-ver-154-2.com/video-bit/assets/pc-header.jpg	104.21.37.155	78 kB
URL ykrvt.check-tl-ver-154-2.com/video-bit/assets/pc-header.jpg IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3 Size 78 kB (78090 bytes) Hash 7b5471d796895489e8526d789b9d40f6 0239e9afbff1cf03adb273fd5b24e68f17f52659 f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac HTTP Headers GET /video-bit/assets/pc-header.jpg HTTP/1.1 Host: ykrvt.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:40 GMT content-type: image/jpeg content-length: 78090 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-1310a" cache-control: max-age=14400 cf-cache-status: HIT age: 4229 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YR7NSnRgmvJaMT4z4cBx6oIVQ0fY%2BCMi8kp3icp%2Bvszt5FKrflmWMHBfO9KyDk2sTq%2BiB9pJgDiWnUiSECzWEFWXH6%2BLPGtACZzPoV636MYq%2BdUyvrQceSb3OiAx7Jfg6zr%2BxhUPTGiLdvs1IqDp"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881910fe2b58568b-OSL alt-svc: h3=":443"; ma=86400

	ykrvt.check-tl-ver-154-2.com/video-bit/assets/mobile-header.jpg	104.21.37.155	16 kB
URL ykrvt.check-tl-ver-154-2.com/video-bit/assets/mobile-header.jpg IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3 Size 16 kB (15684 bytes) Hash cd2599ebcf088e38b0136da54be6056b 831aa894f796523bb13da5295773fad0adf08a43 bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a HTTP Headers GET /video-bit/assets/mobile-header.jpg HTTP/1.1 Host: ykrvt.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:40 GMT content-type: image/jpeg content-length: 15684 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-3d44" cache-control: max-age=14400 cf-cache-status: HIT age: 4229 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hn8u8%2BKXi3q8wYwHs1jIPV8cAyQH8TfSX65pCAv5yZcOfoP3A0YNYZPYuHQTgveql%2BYNUu%2BOzEqRZ%2FobqMLPt5LndL%2BQaAUOq5Rrp3%2FBAriNxEfQfvuzgwcqvOzmnoATw6orqUZ%2Bp00DXcK3u6Vn"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881910fe2b5f568b-OSL alt-svc: h3=":443"; ma=86400

	ykrvt.check-tl-ver-154-2.com/video-bit/assets/pc-after-video.jpg	104.21.37.155	221 kB
URL ykrvt.check-tl-ver-154-2.com/video-bit/assets/pc-after-video.jpg IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3 Size 221 kB (220788 bytes) Hash bde3fee065c7408f2ba31b7633552644 75d8d5e0f57af3ac24337d0c496fcc549566c4fc 1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21 HTTP Headers GET /video-bit/assets/pc-after-video.jpg HTTP/1.1 Host: ykrvt.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:40 GMT content-type: image/jpeg content-length: 220788 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-35e74" cache-control: max-age=14400 cf-cache-status: HIT age: 4229 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2BQhMUleGYHSlaR52Xp7eUasB89MDlzRazdhdqglKkhcjj112kYOSc07mMNch0gDpGOTThvsBSM9nHZoDycQ%2BeP2DMj7wd8tsUWLo%2B0uYlV70sw9IoAw41SkZoR6DDqv3tsRiMpTg1CVn2Mc%2BwHf"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881910fe3b83568b-OSL alt-svc: h3=":443"; ma=86400

	ykrvt.check-tl-ver-154-2.com/video-bit/assets/mobile-after-video.png	104.21.37.155	160 kB
URL ykrvt.check-tl-ver-154-2.com/video-bit/assets/mobile-after-video.png IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced Size 160 kB (159828 bytes) Hash d443d6dbbc102de6552453c20708a93b 591fa73cc4a0406124ca56dce015db983f540a12 60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93 HTTP Headers GET /video-bit/assets/mobile-after-video.png HTTP/1.1 Host: ykrvt.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:40 GMT content-type: image/png content-length: 159828 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-27054" cache-control: max-age=14400 cf-cache-status: HIT age: 4229 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPc6IKpOv%2B1b21jA5RIUX5KR9ZhFoH2STQwP5cUbS%2FNfI%2BvrxxlOzgvbDZr5Pijo22Qa6Swyast%2Bnut2t9iQrn3fA4%2FaYK0y%2FdtWn8fpEwM89wafU2NBE0oPcQcsxtOLjaoRM2qV9ilb%2BA%2Bxic3c"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881910fe3b89568b-OSL alt-svc: h3=":443"; ma=86400

	ykrvt.check-tl-ver-154-2.com/video-bit/assets/video.gif	104.21.37.155	1.3 MB
URL ykrvt.check-tl-ver-154-2.com/video-bit/assets/video.gif IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 300 x 225 Size 1.3 MB (1261197 bytes) Hash 219f73ae12fc4696639ce99694cb6463 4265f8a22afe580964444a549afab5a07edde5c6 19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c HTTP Headers GET /video-bit/assets/video.gif HTTP/1.1 Host: ykrvt.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:40 GMT content-type: image/gif content-length: 1261197 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-133e8d" cache-control: max-age=14400 cf-cache-status: HIT age: 4229 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=linBO6wclNJSgK%2BlhKklC%2BzogON2oKwxCucywpMIV%2FnqKrRqbhfBOW7mntxqNq5FyMHM%2F5dZjl3zdKjnh%2F8dJS%2FQzMXPDKWcV%2FX%2B%2BNepX0Wqj3KFCEpKABocK9EPABGBis1%2F4e7mTtZwbd%2B9zMiT"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881910fe2b6c568b-OSL alt-svc: h3=":443"; ma=86400

	ykrvt.check-tl-ver-154-2.com/video-bit/assets/pc-sidebar.jpg	104.21.37.155	163 kB
URL ykrvt.check-tl-ver-154-2.com/video-bit/assets/pc-sidebar.jpg IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3 Size 163 kB (162651 bytes) Hash 2f5daa5004b75049f0bec772965b7943 a1336e046340afce9445ced5e26dc006fd47f6e9 121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63 HTTP Headers GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1 Host: ykrvt.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:40 GMT content-type: image/jpeg content-length: 162651 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-27b5b" cache-control: max-age=14400 cf-cache-status: HIT age: 4229 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ykFM%2FaeRLX1U%2FP11r8R7uVal2yrElFUYOqGHV1ATJWIS9%2FgvgwElsFuC2HHNNZqbTpm2O%2FURxsuf8luHH0mMgv3DpwtQeu19f0ZA%2BT7An5fSAvOTOXsfp5NnECSrhJJ9GBX8DoWAkGGX0RyTNGCy"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881910fe4b9d568b-OSL alt-svc: h3=":443"; ma=86400

	ykrvt.check-tl-ver-154-2.com/video-bit/assets/spinning-circles2.svg	104.21.37.155	796 B
URL ykrvt.check-tl-ver-154-2.com/video-bit/assets/spinning-circles2.svg IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type SVG Scalable Vector Graphics image Size 796 B (796 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers GET /video-bit/assets/spinning-circles2.svg HTTP/1.1 Host: ykrvt.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:40 GMT content-type: image/svg+xml last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: W/"6627c958-1f7" cache-control: max-age=14400 cf-cache-status: HIT age: 4229 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkUz4irg4ybMSgkAisZsbPyBgblF1wGkMZk71FmdTC3ZSl4dQIoskWMpt5fr1LAuRjj5wtBfkSH1rlwPWAkKdX3oJpPI5mIen786eN0ISaX4ZzdlXg87MVlhgg6LK2VEztlPAzaqqANevhkLmgGk"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881910fe2b74568b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	rexpush.club/js/s_2aaf969f822ebc15f79be74c059a1e86.min.js?tag=1328&attempt=0&rnd=581033676&lnd=adult_video_3&v=2&token=2da4af00d834dfbd23fda189a58e00c9&click_id=wotc78beo5ckfh61jl4pea5s&sub1=&sub2=&sub3=&tb=&t_rdr=	199.182.164.165	40 kB
URL rexpush.club/js/s_2aaf969f822ebc15f79be74c059a1e86.min.js?tag=1328&attempt=0&rnd=581033676&lnd=adult_video_3&v=2&token=2da4af00d834dfbd23fda189a58e00c9&click_id=wotc78beo5ckfh61jl4pea5s&sub1=&sub2=&sub3=&tb=&t_rdr= IP 199.182.164.165:0 ASN #15317 SERVEREL-AS File type JavaScript source, ASCII text, with very long lines (40608), with CRLF line terminators Size 40 kB (40276 bytes) Hash 12b93c89590e5634a3a07f1aee2912a7 f8052ea738915d9230865cb8a65b9addcca98a20 634a341e7fc2ab072a14901efa454359beae067b4a788b54ab0d68e56d7f1d2a HTTP Headers GET /js/s_2aaf969f822ebc15f79be74c059a1e86.min.js?tag=1328&attempt=0&rnd=581033676&lnd=adult_video_3&v=2&token=2da4af00d834dfbd23fda189a58e00c9&click_id=wotc78beo5ckfh61jl4pea5s&sub1=&sub2=&sub3=&tb=&t_rdr= HTTP/1.1 Host: rexpush.club User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://gtptnwswrld6.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:38 GMT content-type: text/javascript;charset=UTF-8 set-cookie: _f_30d9ff6106b5fe28d448dd5186c64932=3; expires=Mon, 08-May-2034 09:57:38 GMT; Max-Age=315360000; path=/; domain=.rexpush.club; secure; SameSite=None content-encoding: gzip X-Firefox-Spdy: h2`

	www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js	142.250.74.131	9.9 kB
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP 142.250.74.131:0 ASN #15169 GOOGLE File type JavaScript source, ASCII text, with very long lines (38231) Size 9.9 kB (9934 bytes) Hash 0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522 HTTP Headers `GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 9934 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 10 May 2024 02:03:17 GMT expires: Sat, 10 May 2025 02:03:17 GMT cache-control: public, max-age=31536000 age: 28463 last-modified: Thu, 31 Aug 2023 15:20:50 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	pa.check-tl-ver-154-2.com/video-bit/assets/mobile-header.jpg	104.21.37.155	16 kB
URL pa.check-tl-ver-154-2.com/video-bit/assets/mobile-header.jpg IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 623x71, components 3 Size 16 kB (15684 bytes) Hash cd2599ebcf088e38b0136da54be6056b 831aa894f796523bb13da5295773fad0adf08a43 bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a HTTP Headers GET /video-bit/assets/mobile-header.jpg HTTP/1.1 Host: pa.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: image/jpeg content-length: 15684 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-3d44" cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZqZAWA8JJ22seG%2Bjw%2FWRV2RleGxtlrl3RWer2qsVyhksm0Un%2FubBJdbpBcj5AKrb6h6RAysLazmcVrfrWB%2BuL6P4V8jLf%2FbJLwtotZi5pzb8kosQwWmkSvyLUeNKkA6VmpqLEmDkb5%2FpSpu"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881911040c24568b-OSL alt-svc: h3=":443"; ma=86400

	pa.check-tl-ver-154-2.com/video-bit/assets/pc-header.jpg	104.21.37.155	78 kB
URL pa.check-tl-ver-154-2.com/video-bit/assets/pc-header.jpg IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x124, components 3 Size 78 kB (78090 bytes) Hash 7b5471d796895489e8526d789b9d40f6 0239e9afbff1cf03adb273fd5b24e68f17f52659 f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac HTTP Headers GET /video-bit/assets/pc-header.jpg HTTP/1.1 Host: pa.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: image/jpeg content-length: 78090 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-1310a" cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mhxqABZSa06dCWqXuwRmg6S2iPCZ8s%2FsDj5uvtFbw97ByDnXddf%2FVc7S1nCmcWvVsIQ87mYoBZS4scxYs8PcXI3Q9nZL01%2FH%2F%2FT9COhLApObFHjsQbbUHVhrgG1dzH9XCyCm9O4Nwgmyyivr"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 88191103fc23568b-OSL alt-svc: h3=":443"; ma=86400

	pa.check-tl-ver-154-2.com/video-bit/assets/mobile-after-video.png	104.21.37.155	160 kB
URL pa.check-tl-ver-154-2.com/video-bit/assets/mobile-after-video.png IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type PNG image data, 623 x 477, 8-bit/color RGBA, non-interlaced Size 160 kB (159828 bytes) Hash d443d6dbbc102de6552453c20708a93b 591fa73cc4a0406124ca56dce015db983f540a12 60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93 HTTP Headers GET /video-bit/assets/mobile-after-video.png HTTP/1.1 Host: pa.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: image/png content-length: 159828 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-27054" cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOzGdoygGpjy2AWFGKrPrcn6Q1jJv17nQlRAuQ9ciLB0ts%2FYnE6pAG1aJQpxxpkH8dvTdo6h0KPgcIdrO9cYBIVmLsbcxx7yAJ%2BOq97hG7YqE2FSGm%2BBlKQ%2BeblgrmKOppz5pVy0cqgPbwm4"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881911041c2f568b-OSL alt-svc: h3=":443"; ma=86400

	pa.check-tl-ver-154-2.com/video-bit/assets/pc-sidebar.jpg	104.21.37.155	163 kB
URL pa.check-tl-ver-154-2.com/video-bit/assets/pc-sidebar.jpg IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 332x647, components 3 Size 163 kB (162651 bytes) Hash 2f5daa5004b75049f0bec772965b7943 a1336e046340afce9445ced5e26dc006fd47f6e9 121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63 HTTP Headers GET /video-bit/assets/pc-sidebar.jpg HTTP/1.1 Host: pa.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: image/jpeg content-length: 162651 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-27b5b" cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27dZ2eoLTAROSlEEBWbQbfdVvJfFGDWWNmIpKl8nUSVK7Tfl9N2XvCwZjQRgQ7zoSIm2Lw1Z%2F%2B0aTvbGPrRvxTdtZForqs9Mq8RMSaqq8WEA9uRLZ3URnMBsps7LwvLEeL7Qhn%2By8ctIcPPN"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881911041c30568b-OSL alt-svc: h3=":443"; ma=86400

	pa.check-tl-ver-154-2.com/video-bit/assets/pc-after-video.jpg	104.21.37.155	221 kB
URL pa.check-tl-ver-154-2.com/video-bit/assets/pc-after-video.jpg IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 977x370, components 3 Size 221 kB (220788 bytes) Hash bde3fee065c7408f2ba31b7633552644 75d8d5e0f57af3ac24337d0c496fcc549566c4fc 1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21 HTTP Headers GET /video-bit/assets/pc-after-video.jpg HTTP/1.1 Host: pa.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: image/jpeg content-length: 220788 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-35e74" cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4uIRozl1gzYL%2B0OaCUpTWEG48bvgoQxC3pareNwJLEXzoevOJ7XT%2B79kLAXK%2F3qGj3PL7%2Bk1QrLJ8ndDfHzWe%2F5P174iHx%2F5%2FINxIuhoAi3sHrkDW1MYvIeauAbwnIfWFzKI8ZWZLwN9joBh"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881911040c2d568b-OSL alt-svc: h3=":443"; ma=86400

	pa.check-tl-ver-154-2.com/video-bit/assets/video.gif	104.21.37.155	1.3 MB
URL pa.check-tl-ver-154-2.com/video-bit/assets/video.gif IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 300 x 225 Size 1.3 MB (1261197 bytes) Hash 219f73ae12fc4696639ce99694cb6463 4265f8a22afe580964444a549afab5a07edde5c6 19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c HTTP Headers GET /video-bit/assets/video.gif HTTP/1.1 Host: pa.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: image/gif content-length: 1261197 last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: "6627c958-133e8d" cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDE%2BaisJTIW13xeMStk2FRD32dlYAlAm1xnaKKu0Gyqtt9MAIjZ%2B9w6Ub0BNyoPcyw7Gj0WO8R1T0Q1E09vL7ivgacHc1WkESVZ5TW99MdzNpphS7KoB6MwcBUlj5lIyuDNZu7PHLxG7JSoQ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881911040c25568b-OSL alt-svc: h3=":443"; ma=86400

	www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js	142.250.74.131	9.3 kB
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP 142.250.74.131:0 ASN #15169 GOOGLE File type JavaScript source, ASCII text, with very long lines (28368) Size 9.3 kB (9308 bytes) Hash 9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5 HTTP Headers `GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 9308 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 May 2024 01:57:01 GMT expires: Fri, 09 May 2025 01:57:01 GMT cache-control: public, max-age=31536000 age: 115240 last-modified: Thu, 31 Aug 2023 15:20:38 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	pa.check-tl-ver-154-2.com/video-bit/assets/v_F.ico	104.21.37.155	11 kB
URL pa.check-tl-ver-154-2.com/video-bit/assets/v_F.ico IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Size 11 kB (10822 bytes) Hash 183cab2f5d4582ef71ae37efc8d458dd 7c230eba9c1ce7900ea9bbf53dde00ea068dc995 c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e HTTP Headers GET /video-bit/assets/v_F.ico HTTP/1.1 Host: pa.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: image/x-icon last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: W/"6627c958-47e" cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FKZiyTyaeXUTRPnmJUhm0goOVvL6Ghy%2BLJxbeJd6%2Bxk%2BeZ%2BAyYf95yYfDZ11O7rg0ROjc0CAsU5AgXUpZmO0xAEzFiSeawz6Ipqj1k32x3GvoOMZWpTafPnBw5slsGODNGc7iC5%2FBgAUDd9"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 88191105eec7568b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	news-nadete.com/tds?id=1218770951&p1=tk_206192	23.158.56.123	0 B
URL news-nadete.com/tds?id=1218770951&p1=tk_206192 IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /tds?id=1218770951&p1=tk_206192 HTTP/1.1 Host: news-nadete.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:42 GMT content-length: 0 location: https://e03c0e25cb.news-rolehi.com/?id=1218770951&p1=tk_206192 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359	104.21.37.155	47 kB
URL pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type HTML document, Unicode text, UTF-8 text, with very long lines (445), with CRLF line terminators Size 47 kB (47156 bytes) Hash ed5b4a74eaf9de7de46d51d21953a87b 31907e53e698aaf1305093e593af4dad86ae1fdf 5e72c0f8a8788d43991964250a03ffb7864eb2e2e5b24e779c43012741b2519a HTTP Headers GET /video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 HTTP/1.1 Host: pa.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: text/html last-modified: Tue, 23 Apr 2024 14:44:40 GMT cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2y8GHEgNm4tOYCDYKmcY0whJcNfMMcCbuGuL%2BFpWVzQfyKP6FMYAmeo8oAkI498Ql%2F3UODsSgPoUBN%2F7ImzG2zgrJbvvweB%2FOde%2BAalgv%2BXgHpWHkKXrw4ZQg80Tucb8OAa%2FYBGRS7nDJ8z5"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 881911031a5c568b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	e03c0e25cb.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL e03c0e25cb.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: e03c0e25cb.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e03c0e25cb.news-rolehi.com/?id=1218770951&p1=tk_206192 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:42 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	e03c0e25cb.news-rolehi.com/lands/37/favicon.png	23.158.56.201	1.2 kB
URL e03c0e25cb.news-rolehi.com/lands/37/favicon.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Size 1.2 kB (1233 bytes) Hash e7ffe9c659d8c729e12e20dfe05509be 2c413e09ebd14dd3020209fe9c9183e0335fc250 880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50 HTTP Headers `GET /lands/37/favicon.png HTTP/1.1 Host: e03c0e25cb.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e03c0e25cb.news-rolehi.com/?id=1218770951&p1=tk_206192 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:42 GMT content-type: image/png content-length: 1233 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-4d1" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e03c0e25cb.news-rolehi.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:42 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:42 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejlm; expires=Mon, 10 Jun 2024 09:57:42 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:24 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e03c0e25cb.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-length: 0 location: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/lp.js	23.158.56.201	758 B
URL 41c7fcad05.news-rolehi.com/lands/36/lp.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Size 758 B (758 bytes) Hash dbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8 HTTP Headers `GET /lands/36/lp.js HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/javascript; charset=utf-8 content-length: 758 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2f6" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 41c7fcad05.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/style.css	23.158.56.201	3.1 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (11701), with no line terminators Size 3.1 kB (3136 bytes) Hash db606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae HTTP Headers `GET /lands/36/img/style.css HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: text/css content-length: 3136 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-c40" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/logo.png	23.158.56.201	7.4 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/logo.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Size 7.4 kB (7398 bytes) Hash 6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193 HTTP Headers `GET /lands/36/img/logo.png HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/png content-length: 7398 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1ce6" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/search-icon.png	23.158.56.201	461 B
URL 41c7fcad05.news-rolehi.com/lands/36/img/search-icon.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Size 461 B (461 bytes) Hash 71a97f63eeafce6cc8dd4e7b92e77303 e92e36474a69fcf7b932efc581e024a1c25773e5 fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2 HTTP Headers `GET /lands/36/img/search-icon.png HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/png content-length: 461 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1cd" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/Spin-1s-80px.gif	23.158.56.201	31 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/Spin-1s-80px.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 80 x 80 Size 31 kB (30677 bytes) Hash 68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676 HTTP Headers `GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/gif content-length: 30677 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-77d5" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/player-controls-l.png	23.158.56.201	945 B
URL 41c7fcad05.news-rolehi.com/lands/36/img/player-controls-l.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Size 945 B (945 bytes) Hash 6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324 HTTP Headers `GET /lands/36/img/player-controls-l.png HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/png content-length: 945 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-3b1" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/player-controls-r.png	23.158.56.201	408 B
URL 41c7fcad05.news-rolehi.com/lands/36/img/player-controls-r.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Size 408 B (408 bytes) Hash f0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be HTTP Headers `GET /lands/36/img/player-controls-r.png HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/png content-length: 408 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-198" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/player-bg.jpg	23.158.56.201	11 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/player-bg.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 11 kB (11291 bytes) Hash d0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a HTTP Headers `GET /lands/36/img/player-bg.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 11291 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2c1b" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-1.jpg	23.158.56.201	9.6 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-1.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9604 bytes) Hash 8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea HTTP Headers `GET /lands/36/img/pics-1.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9604 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2584" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-2.jpg	23.158.56.201	9.5 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-2.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9474 bytes) Hash b1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8 HTTP Headers `GET /lands/36/img/pics-2.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9474 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2502" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-3.jpg	23.158.56.201	9.4 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-3.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.4 kB (9413 bytes) Hash 76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775 HTTP Headers `GET /lands/36/img/pics-3.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9413 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24c5" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-4.jpg	23.158.56.201	9.5 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-4.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9468 bytes) Hash 107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468 HTTP Headers `GET /lands/36/img/pics-4.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9468 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24fc" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-5.jpg	23.158.56.201	9.6 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-5.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9557 bytes) Hash 628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d HTTP Headers `GET /lands/36/img/pics-5.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9557 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2555" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-6.jpg	23.158.56.201	9.6 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-6.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9620 bytes) Hash a83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818 HTTP Headers `GET /lands/36/img/pics-6.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9620 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2594" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-7.jpg	23.158.56.201	9.5 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-7.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9484 bytes) Hash 94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e HTTP Headers `GET /lands/36/img/pics-7.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9484 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250c" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-8.jpg	23.158.56.201	9.8 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-8.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.8 kB (9750 bytes) Hash 2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1 HTTP Headers `GET /lands/36/img/pics-8.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9750 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2616" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-9.jpg	23.158.56.201	9.6 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-9.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9646 bytes) Hash c3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73 HTTP Headers `GET /lands/36/img/pics-9.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9646 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-25ae" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-10.jpg	23.158.56.201	9.7 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-10.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.7 kB (9681 bytes) Hash 00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada HTTP Headers `GET /lands/36/img/pics-10.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9681 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-25d1" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-11.jpg	23.158.56.201	9.5 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-11.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9483 bytes) Hash 8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2 HTTP Headers `GET /lands/36/img/pics-11.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9483 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250b" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-12.jpg	23.158.56.201	9.5 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-12.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9487 bytes) Hash 3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a HTTP Headers `GET /lands/36/img/pics-12.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9487 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250f" accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/lands/36/img/pics-13.jpg	23.158.56.201	9.4 kB
URL 41c7fcad05.news-rolehi.com/lands/36/img/pics-13.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.4 kB (9378 bytes) Hash cd911694d58b5fb86c94cf7a1d5b530b f32925a79b755d76fdf1ae56fa898ef23d816699 5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2 HTTP Headers `GET /lands/36/img/pics-13.jpg HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: image/jpeg content-length: 9378 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24a2" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/ Cookie: _subid=376l60j11aejlm; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:43 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:43 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejlu; expires=Mon, 10 Jun 2024 09:57:43 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:26 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://41c7fcad05.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-length: 0 location: https://4ea8a1d776.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	4ea8a1d776.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 4ea8a1d776.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 4ea8a1d776.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4ea8a1d776.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4ea8a1d776.news-rolehi.com/ Cookie: _subid=376l60j11aejlu; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:43 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:43 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejm0; expires=Mon, 10 Jun 2024 09:57:43 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:26 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://4ea8a1d776.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-length: 0 location: https://843490e125.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	843490e125.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 843490e125.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 843490e125.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://843490e125.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	843490e125.news-rolehi.com/lands/46/sketch.min.js	23.158.56.201	2.4 kB
URL 843490e125.news-rolehi.com/lands/46/sketch.min.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers `GET /lands/46/sketch.min.js HTTP/1.1 Host: 843490e125.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://843490e125.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://843490e125.news-rolehi.com/ Cookie: _subid=376l60j11aejm0; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:43 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:43 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejm7; expires=Mon, 10 Jun 2024 09:57:43 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:26 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://843490e125.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-length: 0 location: https://ab5db3d15f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	843490e125.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	53 kB
URL 843490e125.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 53 kB (52799 bytes) Hash 2a1bebe3806e026af14b419a81c9944a e12251cf5b3de1dd48dddd7cdd6679ecd1318639 a3a0468e7a5bdfdf7eb1138bf7f93707de7f9db3ecd9df7dea0d9f440932f527 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 843490e125.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://843490e125.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	ab5db3d15f.news-rolehi.com/lands/46/sketch.min.js	23.158.56.201	2.4 kB
URL ab5db3d15f.news-rolehi.com/lands/46/sketch.min.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers `GET /lands/46/sketch.min.js HTTP/1.1 Host: ab5db3d15f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ab5db3d15f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ab5db3d15f.news-rolehi.com/ Cookie: _subid=376l60j11aejm7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:44 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:44 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejm9; expires=Mon, 10 Jun 2024 09:57:44 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:28 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ab5db3d15f.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-length: 0 location: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/lp.js	23.158.56.201	758 B
URL fbd78d23ff.news-rolehi.com/lands/36/lp.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Size 758 B (758 bytes) Hash dbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8 HTTP Headers `GET /lands/36/lp.js HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: application/javascript; charset=utf-8 content-length: 758 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2f6" accept-ranges: bytes X-Firefox-Spdy: h2`

	e03c0e25cb.news-rolehi.com/?id=1218770951&p1=tk_206192	23.158.56.201	51 kB
URL e03c0e25cb.news-rolehi.com/?id=1218770951&p1=tk_206192 IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 51 kB (51027 bytes) Hash c744d571017b5a8e1ce0f2c813f4964f d3cd0c358c0b2f9a856d9973fe9a51d5350ae768 2d9797f1302f02bbb4911e48ec1133ce33fd18d9e5b256219060082256a41a04 HTTP Headers `GET /?id=1218770951&p1=tk_206192 HTTP/1.1 Host: e03c0e25cb.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:42 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	pa.check-tl-ver-154-2.com/video-bit/assets/style.css	104.21.37.155	4.5 kB
URL pa.check-tl-ver-154-2.com/video-bit/assets/style.css IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (11704), with CRLF line terminators Size 4.5 kB (4515 bytes) Hash 6cd0d860d072da300e9b20905b8e7357 63678b94be7086ca60b1053a061244e36aa55cd7 352348f941e099d0c291a26ec7c118ee97db0b98c4580233e754e0a568ba6ddf HTTP Headers GET /video-bit/assets/style.css HTTP/1.1 Host: pa.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/video-bit/?pl=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&nrid=509a9aa791c44dfcabf6b6ecca0e3014&hash=M9TEEgtwbMlQ50HtZt8ecQ&exp=1715335359 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: text/css last-modified: Tue, 23 Apr 2024 14:44:40 GMT etag: W/"6627c958-1a3c" content-encoding: gzip cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2SBnKZ5iROM3cwgucw%2Fe8THn%2Bwku6m5T7g%2BP%2Bl82vNc50FSKDCo37SxqrclRYtIR%2FjkhwxFuDeHrFHF51rwzJslugsab%2FYYQcRK26aDmZG%2BHHPAwfYnvPPk6LDyLKc0JD11nZUJAr2Nd5cgA"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 88191103fc1f568b-OSL alt-svc: h3=":443"; ma=86400

	cdnstatic.check-tl-ver-154-2.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&click_id=&sub_id=1328&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-154-2.com&timeout=30&tb=true&nrid=509a9aa791c44dfcabf6b6ecca0e3014	104.21.37.155	21 kB
URL cdnstatic.check-tl-ver-154-2.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&click_id=&sub_id=1328&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-154-2.com&timeout=30&tb=true&nrid=509a9aa791c44dfcabf6b6ecca0e3014 IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type gzip compressed data, from Unix Size 21 kB (21165 bytes) Hash f8dc69609eeefdfde431d52fabba539d ecdc6673318142c6031b06738ce20b76e2178711 e76d72619001b4bd090af0d3a26b897ffa983627ac953cc54021beafae312398 HTTP Headers GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&click_id=&sub_id=1328&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-154-2.com&timeout=30&tb=true&nrid=509a9aa791c44dfcabf6b6ecca0e3014 HTTP/1.1 Host: cdnstatic.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ykrvt.check-tl-ver-154-2.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:40 GMT content-type: application/javascript cache-control: max-age=0, no-cache, no-store, must-revalidate accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-encoding: gzip cf-cache-status: BYPASS set-cookie: __psu=d70460cf-ed5b-4dae-a5a5-c75828221fdf; expires=Sun, 10 May 2026 09:57:40 GMT; path=/; secure; samesite=none report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RI3n6mJH0%2FgNQ6llOU4ckTMj4g23Zr33K9%2BxQvUztPB2pni00jvHMahfPzhaNS2QuTU6NFcnbN4xTEc80dOq6SO9Bz%2FkyhGHPhERTkWWWXhmei8m9XnCa3m4RnzrrBbKQOFFL4%2BVxPJYxaCQ%2FYKdKyZZmA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881911008f18568b-OSL alt-svc: h3=":443"; ma=86400

	cdnstatic.check-tl-ver-154-2.com/ps/tb?id=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&click_id=&nrid=8885f9ce03f8ba610447cb2516452868&reason=tb_exit&attempt=2	104.21.37.155	611 B
URL cdnstatic.check-tl-ver-154-2.com/ps/tb?id=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&click_id=&nrid=8885f9ce03f8ba610447cb2516452868&reason=tb_exit&attempt=2 IP 104.21.37.155:0 ASN #13335 CLOUDFLARENET File type HTML document, ASCII text, with CRLF line terminators Size 611 B (611 bytes) Hash a12eee8bdf2946ff91ce4dce20921752 04687d3b2ec06c72a0c7b2d7f861ddeda5eed920 8ba555e44c412b3979d5d423be5c0eab22685068c01c86df32b156ddca35be61 HTTP Headers GET /ps/tb?id=qRuQunqVKEWrY1jyLTBUOA&sm=video-bit&sub_id=1328&click_id=&nrid=8885f9ce03f8ba610447cb2516452868&reason=tb_exit&attempt=2 HTTP/1.1 Host: cdnstatic.check-tl-ver-154-2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pa.check-tl-ver-154-2.com/ Cookie: __psu=d70460cf-ed5b-4dae-a5a5-c75828221fdf Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 09:57:41 GMT content-type: text/html cache-control: max-age=0, no-cache, no-store, must-revalidate accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKLMtMB3iPxnxuXXHmDWMnbSBejNd2vqKtZAogny4QL2eSALyASfqt9g0HH3Y%2FBfcgS8PE%2FtBlNfIOwXJLCRLvETDjU9Kgh5ZkAFBBaJa5L0VLQVYUzZZPrDb4rN2p04fVLYSW0koxB3%2F2jbk3gG3Dnf5g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 881911081a25568b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	fbd78d23ff.news-rolehi.com/lands/36/img/Spin-1s-80px.gif	23.158.56.201	31 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/Spin-1s-80px.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 80 x 80 Size 31 kB (30677 bytes) Hash 68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676 HTTP Headers `GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/gif content-length: 30677 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-77d5" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/player-controls-l.png	23.158.56.201	945 B
URL fbd78d23ff.news-rolehi.com/lands/36/img/player-controls-l.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Size 945 B (945 bytes) Hash 6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324 HTTP Headers `GET /lands/36/img/player-controls-l.png HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/png content-length: 945 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-3b1" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/player-controls-r.png	23.158.56.201	408 B
URL fbd78d23ff.news-rolehi.com/lands/36/img/player-controls-r.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Size 408 B (408 bytes) Hash f0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be HTTP Headers `GET /lands/36/img/player-controls-r.png HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/png content-length: 408 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-198" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/player-bg.jpg	23.158.56.201	11 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/player-bg.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 11 kB (11291 bytes) Hash d0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a HTTP Headers `GET /lands/36/img/player-bg.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 11291 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2c1b" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-1.jpg	23.158.56.201	9.6 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-1.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9604 bytes) Hash 8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea HTTP Headers `GET /lands/36/img/pics-1.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9604 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2584" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-2.jpg	23.158.56.201	9.5 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-2.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9474 bytes) Hash b1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8 HTTP Headers `GET /lands/36/img/pics-2.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9474 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2502" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-3.jpg	23.158.56.201	9.4 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-3.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.4 kB (9413 bytes) Hash 76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775 HTTP Headers `GET /lands/36/img/pics-3.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9413 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24c5" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-4.jpg	23.158.56.201	9.5 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-4.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9468 bytes) Hash 107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468 HTTP Headers `GET /lands/36/img/pics-4.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9468 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24fc" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-5.jpg	23.158.56.201	9.6 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-5.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9557 bytes) Hash 628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d HTTP Headers `GET /lands/36/img/pics-5.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9557 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2555" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-6.jpg	23.158.56.201	9.6 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-6.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9620 bytes) Hash a83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818 HTTP Headers `GET /lands/36/img/pics-6.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9620 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2594" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-7.jpg	23.158.56.201	9.5 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-7.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9484 bytes) Hash 94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e HTTP Headers `GET /lands/36/img/pics-7.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9484 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250c" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-8.jpg	23.158.56.201	9.8 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-8.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.8 kB (9750 bytes) Hash 2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1 HTTP Headers `GET /lands/36/img/pics-8.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9750 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2616" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-9.jpg	23.158.56.201	9.6 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-9.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9646 bytes) Hash c3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73 HTTP Headers `GET /lands/36/img/pics-9.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9646 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-25ae" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-10.jpg	23.158.56.201	9.7 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-10.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.7 kB (9681 bytes) Hash 00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada HTTP Headers `GET /lands/36/img/pics-10.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9681 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-25d1" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-11.jpg	23.158.56.201	9.5 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-11.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9483 bytes) Hash 8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2 HTTP Headers `GET /lands/36/img/pics-11.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9483 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250b" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/lands/36/img/pics-12.jpg	23.158.56.201	9.5 kB
URL fbd78d23ff.news-rolehi.com/lands/36/img/pics-12.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9487 bytes) Hash 3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a HTTP Headers `GET /lands/36/img/pics-12.jpg HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9487 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250f" accept-ranges: bytes X-Firefox-Spdy: h2`

	4ea8a1d776.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL 4ea8a1d776.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash ea572fb0c4e1685a12bd31c5417f4990 391bb93e3199c7d51109f3397678227f88cb04bc 2b12a687f3408582a320a1dd168577981c550b2adc6cbfb8a7c5618e8bca18cb HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 4ea8a1d776.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4ea8a1d776.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fbd78d23ff.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-length: 0 location: https://cdad15ce44.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	cdad15ce44.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL cdad15ce44.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: cdad15ce44.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdad15ce44.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	cdad15ce44.news-rolehi.com/lands/46/sketch.min.js	23.158.56.201	2.4 kB
URL cdad15ce44.news-rolehi.com/lands/46/sketch.min.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers `GET /lands/46/sketch.min.js HTTP/1.1 Host: cdad15ce44.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdad15ce44.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdad15ce44.news-rolehi.com/ Cookie: _subid=376l60j11aejme; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:44 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:44 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejmi; expires=Mon, 10 Jun 2024 09:57:44 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:28 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	cdad15ce44.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL cdad15ce44.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash 8786095b67a8054538d947c6bbbfb10f 2273be0b252ff51d8fe8147b414fc439d259611c 6afce4cdd7dd1e462674af88cbd39e9ae9b9b7587778c33a74c333069eaafb0c HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: cdad15ce44.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdad15ce44.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/lp.js	23.158.56.201	758 B
URL a8439bd35e.news-rolehi.com/lands/36/lp.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Size 758 B (758 bytes) Hash dbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8 HTTP Headers `GET /lands/36/lp.js HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: application/javascript; charset=utf-8 content-length: 758 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2f6" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL a8439bd35e.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/style.css	23.158.56.201	3.1 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (11701), with no line terminators Size 3.1 kB (3136 bytes) Hash db606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae HTTP Headers `GET /lands/36/img/style.css HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: text/css content-length: 3136 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-c40" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/logo.png	23.158.56.201	7.4 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/logo.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Size 7.4 kB (7398 bytes) Hash 6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193 HTTP Headers `GET /lands/36/img/logo.png HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/png content-length: 7398 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1ce6" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/search-icon.png	23.158.56.201	461 B
URL a8439bd35e.news-rolehi.com/lands/36/img/search-icon.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Size 461 B (461 bytes) Hash 71a97f63eeafce6cc8dd4e7b92e77303 e92e36474a69fcf7b932efc581e024a1c25773e5 fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2 HTTP Headers `GET /lands/36/img/search-icon.png HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/png content-length: 461 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1cd" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/Spin-1s-80px.gif	23.158.56.201	31 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/Spin-1s-80px.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 80 x 80 Size 31 kB (30677 bytes) Hash 68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676 HTTP Headers `GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/gif content-length: 30677 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-77d5" accept-ranges: bytes X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	46 kB
URL fbd78d23ff.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 46 kB (45634 bytes) Hash 1adf4d9d623318344a3a3e5e2b93172e 941c4de02ef2d166cfff8e36a20530a6db019177 ec3bc521c15f9c0d0f2aa350315495bc04e26a7b03b94f0c3105a70682f427d2 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/player-controls-r.png	23.158.56.201	408 B
URL a8439bd35e.news-rolehi.com/lands/36/img/player-controls-r.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Size 408 B (408 bytes) Hash f0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be HTTP Headers `GET /lands/36/img/player-controls-r.png HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/png content-length: 408 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-198" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/player-bg.jpg	23.158.56.201	11 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/player-bg.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 11 kB (11291 bytes) Hash d0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a HTTP Headers `GET /lands/36/img/player-bg.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 11291 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2c1b" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/pics-1.jpg	23.158.56.201	9.6 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/pics-1.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9604 bytes) Hash 8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea HTTP Headers `GET /lands/36/img/pics-1.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9604 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2584" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/pics-2.jpg	23.158.56.201	9.5 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/pics-2.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9474 bytes) Hash b1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8 HTTP Headers `GET /lands/36/img/pics-2.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9474 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2502" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/pics-3.jpg	23.158.56.201	9.4 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/pics-3.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.4 kB (9413 bytes) Hash 76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775 HTTP Headers `GET /lands/36/img/pics-3.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9413 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24c5" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/pics-4.jpg	23.158.56.201	9.5 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/pics-4.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9468 bytes) Hash 107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468 HTTP Headers `GET /lands/36/img/pics-4.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9468 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24fc" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/pics-5.jpg	23.158.56.201	9.6 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/pics-5.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9557 bytes) Hash 628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d HTTP Headers `GET /lands/36/img/pics-5.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9557 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2555" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/pics-6.jpg	23.158.56.201	9.6 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/pics-6.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9620 bytes) Hash a83d5196e71bd6f9c55ef3e7322e527c 9dbddad413391599552c4d9cc5c9e8a287ef910f 52212d360cbbf493678d8e8bf75c20b7ad4b1d6cf86bf03e1c87fb5b4d6cb818 HTTP Headers `GET /lands/36/img/pics-6.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9620 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2594" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/pics-7.jpg	23.158.56.201	9.5 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/pics-7.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9484 bytes) Hash 94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e HTTP Headers `GET /lands/36/img/pics-7.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9484 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250c" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/pics-8.jpg	23.158.56.201	9.8 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/pics-8.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.8 kB (9750 bytes) Hash 2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1 HTTP Headers `GET /lands/36/img/pics-8.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9750 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2616" accept-ranges: bytes X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/lands/36/img/pics-9.jpg	23.158.56.201	9.6 kB
URL a8439bd35e.news-rolehi.com/lands/36/img/pics-9.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9646 bytes) Hash c3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73 HTTP Headers `GET /lands/36/img/pics-9.jpg HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: image/jpeg content-length: 9646 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-25ae" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/ Cookie: _subid=376l60j11aejmi; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:44 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:44 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejmo; expires=Mon, 10 Jun 2024 09:57:44 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:28 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a8439bd35e.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-length: 0 location: https://38eb2b7a67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	38eb2b7a67.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 38eb2b7a67.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 38eb2b7a67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://38eb2b7a67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	38eb2b7a67.news-rolehi.com/lands/46/sketch.min.js	23.158.56.201	2.4 kB
URL 38eb2b7a67.news-rolehi.com/lands/46/sketch.min.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers `GET /lands/46/sketch.min.js HTTP/1.1 Host: 38eb2b7a67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://38eb2b7a67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	38eb2b7a67.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL 38eb2b7a67.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash 86158fff60228fe0ce55c9cff479216d ac1b13cf4da639eb1aac62dd201fb480813ed260 85665814339d29da8c003ff28ae285fc9ffc1f1ec33e06ac150acc1904b6ad69 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 38eb2b7a67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://38eb2b7a67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://38eb2b7a67.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-length: 0 location: https://fb4c49fda4.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	fb4c49fda4.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL fb4c49fda4.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: fb4c49fda4.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fb4c49fda4.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fb4c49fda4.news-rolehi.com/ Cookie: _subid=376l60j11aejmq; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:45 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:45 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejmt; expires=Mon, 10 Jun 2024 09:57:45 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:30 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fb4c49fda4.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-length: 0 location: https://60c03b475e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	60c03b475e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	24 kB
URL 60c03b475e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 24 kB (24135 bytes) Hash 309ecc7c747a739faf3a8397ae760308 aa709a57e675a4541184886bc0b3fb14f0f23dc9 be25f98bc0a195330ba1f3af2a51179b047de412c2a08ff6e5d675fd879b83bd HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 60c03b475e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fb4c49fda4.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	60c03b475e.news-rolehi.com/lands/53/css/style.css	23.158.56.201	1.3 kB
URL 60c03b475e.news-rolehi.com/lands/53/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4928), with no line terminators Size 1.3 kB (1301 bytes) Hash 6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8 HTTP Headers `GET /lands/53/css/style.css HTTP/1.1 Host: 60c03b475e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://60c03b475e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: text/css content-length: 1301 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-515" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	60c03b475e.news-rolehi.com/lands/53/images/spinning-circles2.svg	23.158.56.201	503 B
URL 60c03b475e.news-rolehi.com/lands/53/images/spinning-circles2.svg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers `GET /lands/53/images/spinning-circles2.svg HTTP/1.1 Host: 60c03b475e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://60c03b475e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	60c03b475e.news-rolehi.com/lands/53/images/video.gif	23.158.56.201	500 kB
URL 60c03b475e.news-rolehi.com/lands/53/images/video.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 320 x 180 Size 500 kB (500082 bytes) Hash 2e59da03066a7854825901e0c1460b52 8d5aa04f252de7a85b8387051c1321338ac32d32 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433 HTTP Headers `GET /lands/53/images/video.gif HTTP/1.1 Host: 60c03b475e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://60c03b475e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: image/gif content-length: 500082 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-7a172" accept-ranges: bytes X-Firefox-Spdy: h2`

	60c03b475e.news-rolehi.com/lands/53/js/device.js	23.158.56.201	1.1 kB
URL 60c03b475e.news-rolehi.com/lands/53/js/device.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers `GET /lands/53/js/device.js HTTP/1.1 Host: 60c03b475e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://60c03b475e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://60c03b475e.news-rolehi.com/ Cookie: _subid=376l60j11aejmt; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:45 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:45 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejn1; expires=Mon, 10 Jun 2024 09:57:45 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:30 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://60c03b475e.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-length: 0 location: https://a9ed37f16c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a9ed37f16c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	1.3 kB
URL a9ed37f16c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (553) Size 1.3 kB (1309 bytes) Hash d0944f6864f602afcd196f5bb343e764 facc448fced777f43c3cc302414ef9827fc7378d 91a39f0154db82dc3dc01c916eb89822b2103b3ac52c155785617002d49c1754 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: a9ed37f16c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://60c03b475e.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: text/html; charset=UTF-8 content-length: 1309 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ab5db3d15f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	48 kB
URL ab5db3d15f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 48 kB (48228 bytes) Hash c0d2e48272b6237a0a1118673f3c4fb8 ac994f3199c2874777861194c18a4ccbe7ea6532 b350874d6d64c8896043d1c7bba6976a39c07ec5a9b937c676c4f0bb930e3665 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: ab5db3d15f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://843490e125.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a9ed37f16c.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL a9ed37f16c.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: a9ed37f16c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a9ed37f16c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult	95.216.65.178	1.1 kB
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP 95.216.65.178:0 ASN #24940 Hetzner Online GmbH File type JSON text data Size 1.1 kB (1080 bytes) Hash be4fb980ae468443890aabc1bbc9b404 a4b22a62356fa296d6c7b660f01d75c71cdafce5 811f15d3e1b591100a056b0ad57f5eacf032a015f7999bc9f86d87d224026678 HTTP Headers GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1 Host: show.revopush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://60c03b475e.news-rolehi.com/ Origin: https://60c03b475e.news-rolehi.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: application/json accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64 access-control-allow-origin: https://60c03b475e.news-rolehi.com vary: Origin content-encoding: br X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a9ed37f16c.news-rolehi.com/ Cookie: _subid=376l60j11aejn1; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:46 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:46 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejn7; expires=Mon, 10 Jun 2024 09:57:46 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:32 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a9ed37f16c.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-length: 0 location: https://8d83f296d8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	38eb2b7a67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	12 kB
URL 38eb2b7a67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 12 kB (11825 bytes) Hash 124b484418e2e17de9ce60c67da3dbe0 5273087c130ea56448f542ca839fac0a67f2b4f7 727f22adf5a0ed6136df6ba596a5bfd486d62de3704448b24f3947ff13d6b8b9 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 38eb2b7a67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a8439bd35e.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	18 kB
URL fbd78d23ff.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 18 kB (18138 bytes) Hash 382a429dd22c2f7a372e579c28252dc1 f59908ed558e2c9c6fff4dad90f4741c9a578c08 230a7113fe96379c8a2a280d393f98e0551a65c9a55053e3524801109f4cfe25 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: fbd78d23ff.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ab5db3d15f.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	17 kB
URL 41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 17 kB (17038 bytes) Hash 83e90727990964d81e7183dc0b383bc3 20457b8d8f631807e04521b8d3e27f8e4d802c64 49853f819234544f8da10f1bb19d669cfee01378bd3a26fa4efc7a0a7dc88aa1 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e03c0e25cb.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:42 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://8d83f296d8.news-rolehi.com/ Cookie: _subid=376l60j11aejn7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:46 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:46 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejnd; expires=Mon, 10 Jun 2024 09:57:46 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:32 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://8d83f296d8.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-length: 0 location: https://e15af0d3eb.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e15af0d3eb.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL e15af0d3eb.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: e15af0d3eb.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e15af0d3eb.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	4ea8a1d776.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	77 kB
URL 4ea8a1d776.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (64512) Size 77 kB (77431 bytes) Hash 08ecd23e4dafe5c4f43c748a1bdf3bb0 b4e04d86ff1b4d7347db4ab4dff859837fd7f694 2664a650eaf90914034659557ce2d1222604ce02b0d7cc494499d828868b9efa HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 4ea8a1d776.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://41c7fcad05.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e15af0d3eb.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-length: 0 location: https://30127b7ab8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	30127b7ab8.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 30127b7ab8.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 30127b7ab8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://30127b7ab8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	30127b7ab8.news-rolehi.com/lands/57/css/style.css	23.158.56.201	1.2 kB
URL 30127b7ab8.news-rolehi.com/lands/57/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4468), with no line terminators Size 1.2 kB (1213 bytes) Hash b07eb7ba1a3bb505eba51b55f4ffa9ff fea4806dafcdda47dff4bb6aa09362ded48879d5 086ceb41d9cccb6678d0a759d730383098e9d80d8067e9b8ce06d0972d2dae68 HTTP Headers `GET /lands/57/css/style.css HTTP/1.1 Host: 30127b7ab8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://30127b7ab8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-type: text/css content-length: 1213 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-4bd" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	30127b7ab8.news-rolehi.com/lands/57/js/device.js	23.158.56.201	1.1 kB
URL 30127b7ab8.news-rolehi.com/lands/57/js/device.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers `GET /lands/57/js/device.js HTTP/1.1 Host: 30127b7ab8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://30127b7ab8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://30127b7ab8.news-rolehi.com/ Cookie: _subid=376l60j11aejni; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:46 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:46 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejnl; expires=Mon, 10 Jun 2024 09:57:46 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:32 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://30127b7ab8.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-length: 0 location: https://d9a29f08e6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	d9a29f08e6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	1.3 kB
URL d9a29f08e6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (553) Size 1.3 kB (1309 bytes) Hash c587a722be56cbb3f47f4d6265635c09 28d9c0fbe1a41e0992860c1f4e6c981666ba5951 2732e705eac30cdcc521902959946cde62f058d0a8d7d68eddadf6f829e5ec7a HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: d9a29f08e6.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://30127b7ab8.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-type: text/html; charset=UTF-8 content-length: 1309 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	d9a29f08e6.news-rolehi.com/lands/20/style.css	23.158.56.201	868 B
URL d9a29f08e6.news-rolehi.com/lands/20/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (2230), with no line terminators Size 868 B (868 bytes) Hash d4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311 HTTP Headers `GET /lands/20/style.css HTTP/1.1 Host: d9a29f08e6.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d9a29f08e6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-type: text/css content-length: 868 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-364" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	d9a29f08e6.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL d9a29f08e6.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: d9a29f08e6.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d9a29f08e6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	843490e125.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	2.7 kB
URL 843490e125.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (1334) Size 2.7 kB (2671 bytes) Hash 65ed35142b2bf032225a58bb94c978a6 94ade32a36be81d8e15e4f2d1be5f4d7a7a6a813 c509e100b34d8784dc4404cc789224afc94989f253cdbd3943a5f0f98fa965c6 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 843490e125.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://4ea8a1d776.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d9a29f08e6.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-length: 0 location: https://346c0c4497.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	346c0c4497.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	86 kB
URL 346c0c4497.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (64512) Size 86 kB (86536 bytes) Hash 56ef8c3fa9c355b4a11e6bdbff83dfc8 45f85c15b669c640b6c556c6e5b0dd1a62a1f0f1 94d4ca1b147c581fa162a1c717061e759e0c768cf9457fcac31334b108e8ec2f HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 346c0c4497.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d9a29f08e6.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic	142.250.74.106	8.9 kB
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP 142.250.74.106:0 ASN #15169 GOOGLE File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417) Size 8.9 kB (8894 bytes) Hash 9b96449779dba7b9770970658e2fcee4 f7fdda44296aa537742de18218991f0a59898ff9 09da4fdcf12506d6ba400330693ec60b1636ae576a8f29b6c9dd742764ebcb48 HTTP Headers `GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d9a29f08e6.news-rolehi.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 10 May 2024 09:57:47 GMT date: Fri, 10 May 2024 09:57:47 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	346c0c4497.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL 346c0c4497.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash 17f4c0ca57a9b56e3d973e76d367c8d3 6e1bf6cf668b65d9de1112046adda2f5b566368a a4a2581dc462ba75251a4aaf8cbdb411e10ac270db1ca23925c5373cb1e0c6ac HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 346c0c4497.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://346c0c4497.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://346c0c4497.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-length: 0 location: https://0ce46b94c6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a9ed37f16c.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	53 kB
URL a9ed37f16c.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 53 kB (52799 bytes) Hash b389fc36f7370186f589fe9d9405a933 58f153c59eb1222879c9356a5b41783d7796b6ce add47f9ea218def439aea0847e7350ea0a535839d6bbb0fd5d6bcd821f345084 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: a9ed37f16c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a9ed37f16c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	0ce46b94c6.news-rolehi.com/lands/48/preloader-43.5794040.gif	23.158.56.201	7.0 kB
URL 0ce46b94c6.news-rolehi.com/lands/48/preloader-43.5794040.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 160 x 160 Size 7.0 kB (7010 bytes) Hash 5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e HTTP Headers `GET /lands/48/preloader-43.5794040.gif HTTP/1.1 Host: 0ce46b94c6.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0ce46b94c6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-type: image/gif content-length: 7010 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1b62" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0ce46b94c6.news-rolehi.com/ Cookie: _subid=376l60j11aejo3; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:47 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:47 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejo7; expires=Mon, 10 Jun 2024 09:57:47 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:34 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0ce46b94c6.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-length: 0 location: https://47b8832bc0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	47b8832bc0.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 47b8832bc0.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 47b8832bc0.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47b8832bc0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47b8832bc0.news-rolehi.com/ Cookie: _subid=376l60j11aejo7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:47 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:47 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejoc; expires=Mon, 10 Jun 2024 09:57:47 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:34 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://47b8832bc0.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-length: 0 location: https://a38d9800e7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a38d9800e7.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL a38d9800e7.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: a38d9800e7.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a38d9800e7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a38d9800e7.news-rolehi.com/ Cookie: _subid=376l60j11aejoc; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:48 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:48 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejod; expires=Mon, 10 Jun 2024 09:57:48 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:36 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a38d9800e7.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-length: 0 location: https://86742aab38.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	86742aab38.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 86742aab38.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 86742aab38.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://86742aab38.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://86742aab38.news-rolehi.com/ Cookie: _subid=376l60j11aejod; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:48 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:48 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejoi; expires=Mon, 10 Jun 2024 09:57:48 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:36 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://86742aab38.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-length: 0 location: https://59d2db9608.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	59d2db9608.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 59d2db9608.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 59d2db9608.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://59d2db9608.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://59d2db9608.news-rolehi.com/ Cookie: _subid=376l60j11aejoi; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:48 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:48 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejom; expires=Mon, 10 Jun 2024 09:57:48 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:36 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://59d2db9608.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-length: 0 location: https://8aabae8a2d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	8aabae8a2d.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 8aabae8a2d.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 8aabae8a2d.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://8aabae8a2d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	41c7fcad05.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	46 kB
URL 41c7fcad05.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 46 kB (45902 bytes) Hash 72f0609751fb1a6096fed00773cb88c4 fc5021c765c85df63933db36bf3e2fc055bfd92c 73ff120d573b303bb69d7e55166e4805aa21282b6c0f0d1359a716cdca924a1b HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 41c7fcad05.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://41c7fcad05.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	8aabae8a2d.news-rolehi.com/lands/57/js/device.js	23.158.56.201	1.1 kB
URL 8aabae8a2d.news-rolehi.com/lands/57/js/device.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers `GET /lands/57/js/device.js HTTP/1.1 Host: 8aabae8a2d.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://8aabae8a2d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://8aabae8a2d.news-rolehi.com/ Cookie: _subid=376l60j11aejom; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:48 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:48 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejos; expires=Mon, 10 Jun 2024 09:57:48 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:36 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://8aabae8a2d.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-length: 0 location: https://df9fa7aa93.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	df9fa7aa93.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL df9fa7aa93.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: df9fa7aa93.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://df9fa7aa93.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://df9fa7aa93.news-rolehi.com/ Cookie: _subid=376l60j11aejos; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:49 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:49 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejp0; expires=Mon, 10 Jun 2024 09:57:49 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:38 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://df9fa7aa93.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-length: 0 location: https://08107f30f5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	fb4c49fda4.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	52 kB
URL fb4c49fda4.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 52 kB (52535 bytes) Hash 1517ac93256f53e389fa4adc480734d6 531a8b39f3222be7932724d39f79233f9a730828 a21c9aa6c1c6654b9559cf1929cb99fa7fd70b9dc2ac24b7273d35e0a7c386f7 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: fb4c49fda4.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fb4c49fda4.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	df9fa7aa93.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	53 kB
URL df9fa7aa93.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 53 kB (52799 bytes) Hash 6700a8f0f23cf9407ea0c36d7306dc63 ff6226701586f01e5c633d772cdedfbb6469c9db f55efe38741070eeedae51a65218c6e0b07d832f8777ba318b8faf12b3b70f61 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: df9fa7aa93.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://df9fa7aa93.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://08107f30f5.news-rolehi.com/ Cookie: _subid=376l60j11aejp0; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:49 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:49 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejp4; expires=Mon, 10 Jun 2024 09:57:49 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:38 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://08107f30f5.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-length: 0 location: https://ba98fa0b5a.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ba98fa0b5a.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	1.3 kB
URL ba98fa0b5a.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (553) Size 1.3 kB (1309 bytes) Hash b77dc45c4843ba314a254ee233992999 0d21043a2ffedf546bb8a6e9a12cbf0e14af1dc5 a15f68be6012292198fed02e57f952bfc5667b4c3353eecf948d5c73403bc995 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: ba98fa0b5a.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://08107f30f5.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: text/html; charset=UTF-8 content-length: 1309 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ba98fa0b5a.news-rolehi.com/lands/20/style.css	23.158.56.201	868 B
URL ba98fa0b5a.news-rolehi.com/lands/20/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (2230), with no line terminators Size 868 B (868 bytes) Hash d4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311 HTTP Headers `GET /lands/20/style.css HTTP/1.1 Host: ba98fa0b5a.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ba98fa0b5a.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: text/css content-length: 868 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-364" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	ba98fa0b5a.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL ba98fa0b5a.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: ba98fa0b5a.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ba98fa0b5a.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult	95.216.65.178	584 B
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP 95.216.65.178:0 ASN #24940 Hetzner Online GmbH File type JSON text data Size 584 B (584 bytes) Hash 81cddad03baf5d2bce087fb1568e7b86 0216feebc12dcf73cffbc7368d6d9ab46a73a6e0 2da57f7f46543222b66c86ca8c5a3cb99fd196a931f0a9622062e93bc55747ff HTTP Headers GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1 Host: show.revopush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://08107f30f5.news-rolehi.com/ Origin: https://08107f30f5.news-rolehi.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: application/json accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64 access-control-allow-origin: https://08107f30f5.news-rolehi.com vary: Origin content-encoding: br X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ba98fa0b5a.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-length: 0 location: https://be87b0dd3c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	be87b0dd3c.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL be87b0dd3c.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: be87b0dd3c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://be87b0dd3c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://be87b0dd3c.news-rolehi.com/ Cookie: _subid=376l60j11aejp8; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:49 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:49 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejpa; expires=Mon, 10 Jun 2024 09:57:49 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:38 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult	95.216.65.178	45 kB
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP 95.216.65.178:0 ASN #24940 Hetzner Online GmbH File type JSON text data Size 45 kB (45295 bytes) Hash 4ab2227611e03c5d517af6e1e775bc90 d363fb3ef9b12da4402d0b9688e0757646992a11 ef1b7fef39ee22413d9417596b5697fd8810c1effd0229a8b5303f5436197e41 HTTP Headers GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1 Host: show.revopush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://59d2db9608.news-rolehi.com/ Origin: https://59d2db9608.news-rolehi.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-type: application/json accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64 access-control-allow-origin: https://59d2db9608.news-rolehi.com vary: Origin content-encoding: br X-Firefox-Spdy: h2`

	440ff53057.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 440ff53057.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 440ff53057.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://440ff53057.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://440ff53057.news-rolehi.com/ Cookie: _subid=376l60j11aejpa; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:50 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:50 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejpk; expires=Mon, 10 Jun 2024 09:57:50 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:40 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://440ff53057.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-length: 0 location: https://85737a85fd.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	85737a85fd.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 85737a85fd.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 85737a85fd.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://85737a85fd.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	d9a29f08e6.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	136 kB
URL d9a29f08e6.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 136 kB (135972 bytes) Hash 06c3c85fef15c32b4f067ea44b672ab5 2d9c755ef5d90b0b77fe5f01422bf2f223490b37 2d3db58c190fca61f72246515360601045e40d0bd4ff16893b4a96cfb48f853a HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: d9a29f08e6.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d9a29f08e6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://85737a85fd.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-length: 0 location: https://48ca711612.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	48ca711612.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 48ca711612.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 48ca711612.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://48ca711612.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic	142.250.74.106	135 kB
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP 142.250.74.106:0 ASN #15169 GOOGLE File type gzip compressed data, max compression Size 135 kB (134851 bytes) Hash 577cf4d786af9e651f9a64b6df28f55b d768e109bc44ce1513bc694f37438d48fde7e24b 09233a53db674c4935d41faba758fd9c696e6af39d9894e231252a8c0e4077cb HTTP Headers `GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a9ed37f16c.news-rolehi.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 10 May 2024 09:57:45 GMT date: Fri, 10 May 2024 09:57:45 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	55 kB
URL a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (44310) Size 55 kB (54717 bytes) Hash 5188cb3c6fd534df51ce28c23fcd4866 36287b7efb9a1964b17d1b9cf39e0b1049bd0d10 b9e5ff9573d7719b2420453ca823a99bc1041322bac14801c75053233dff0c3e HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://cdad15ce44.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ba381c41f7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	11 kB
URL ba381c41f7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (9573) Size 11 kB (10786 bytes) Hash 3e549bcbc70f911f6ec54445f4bdd721 707d5bfd976ae0abeda23d1938d3bff10ec6fa1a b06f41612300e62d04c58c6e71fd0f43f1d2783c0b5747ea7e99664fa278273c HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: ba381c41f7.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://48ca711612.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ba381c41f7.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL ba381c41f7.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: ba381c41f7.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ba381c41f7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	08107f30f5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	94 kB
URL 08107f30f5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (63955) Size 94 kB (94419 bytes) Hash 1449a2b52bac8f92b1f31fe5b56c1753 4f6004c0a6b0feca03d1f88d71d9afce09e2d7cc a48493e07a121c711278e9cbd5b30ac6dace7ae9fcceed365b2565d1cb7e8992 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 08107f30f5.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://df9fa7aa93.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	be87b0dd3c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	99 kB
URL be87b0dd3c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (63955) Size 99 kB (98681 bytes) Hash bb8bace17390333508ff62b15ca720f6 38362a25ad74854c01c736b4ecbdbcc4c41f2970 78dab6b825d760a1a4a698ac9711ed876858dbcc0048dd2a0952ee2d7ad19bc7 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: be87b0dd3c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ba98fa0b5a.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	86742aab38.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	134 kB
URL 86742aab38.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 134 kB (134528 bytes) Hash 82f62bc196322dd75acbfde6cb03c8ad b01169369678340a398150f596f6bdf9a9c6891a 42b042286a110171414ef6cc1d286d8b8f483b59166c53c6b8b8021922fa6a84 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 86742aab38.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://86742aab38.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	ba381c41f7.news-rolehi.com/lands/36/img/Spin-1s-80px.gif	23.158.56.201	31 kB
URL ba381c41f7.news-rolehi.com/lands/36/img/Spin-1s-80px.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 80 x 80 Size 31 kB (30677 bytes) Hash 68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676 HTTP Headers `GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1 Host: ba381c41f7.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ba381c41f7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-type: image/gif content-length: 30677 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-77d5" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ba381c41f7.news-rolehi.com/ Cookie: _subid=376l60j11aejpr; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:51 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejpu; expires=Mon, 10 Jun 2024 09:57:51 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:42 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	ba381c41f7.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL ba381c41f7.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash 5ff94a0e2df14c2701de3fffb80bb2f0 f72593e4dd09692f7bf0b1ed0c0b0e6c92c517f5 140b6ba3f3f3fae613627103ac678f9802b23180db61e0dc537849b2cbd2c281 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: ba381c41f7.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ba381c41f7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	0105c36326.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 0105c36326.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 0105c36326.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0105c36326.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	0105c36326.news-rolehi.com/lands/53/css/style.css	23.158.56.201	1.3 kB
URL 0105c36326.news-rolehi.com/lands/53/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4928), with no line terminators Size 1.3 kB (1301 bytes) Hash 6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8 HTTP Headers `GET /lands/53/css/style.css HTTP/1.1 Host: 0105c36326.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0105c36326.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: text/css content-length: 1301 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-515" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	0105c36326.news-rolehi.com/lands/53/images/spinning-circles2.svg	23.158.56.201	503 B
URL 0105c36326.news-rolehi.com/lands/53/images/spinning-circles2.svg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers `GET /lands/53/images/spinning-circles2.svg HTTP/1.1 Host: 0105c36326.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0105c36326.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0105c36326.news-rolehi.com/ Cookie: _subid=376l60j11aejpu; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:51 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejq5; expires=Mon, 10 Jun 2024 09:57:51 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:42 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	0105c36326.news-rolehi.com/lands/53/images/video.gif	23.158.56.201	377 kB
URL 0105c36326.news-rolehi.com/lands/53/images/video.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 320 x 180 Size 377 kB (376778 bytes) Hash 4b01a3d259e93865ae95ad60ac072427 87739849615641a0cbf9abcb4896bb39bc326c58 9a22f4217ee450f0e15711760b9ee1b3a3ede5fefa9a1ef8d06698ef4f43c2c6 HTTP Headers `GET /lands/53/images/video.gif HTTP/1.1 Host: 0105c36326.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0105c36326.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: image/gif content-length: 500082 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-7a172" accept-ranges: bytes X-Firefox-Spdy: h2`

	279a9758e2.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 279a9758e2.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 279a9758e2.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://279a9758e2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	df9fa7aa93.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	79 kB
URL df9fa7aa93.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (64512) Size 79 kB (78644 bytes) Hash 1c2dc67d69b474df55bc18d8a41d14d5 ced7bf2e8c08ca3e28fc8512291d0c6f4366ab0c 8da286af4f9cc040e7c9743bed29af013a0bbe113deef75410347c1611ee5ed8 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: df9fa7aa93.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://8aabae8a2d.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	279a9758e2.news-rolehi.com/lands/57/js/device.js	23.158.56.201	1.1 kB
URL 279a9758e2.news-rolehi.com/lands/57/js/device.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers `GET /lands/57/js/device.js HTTP/1.1 Host: 279a9758e2.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://279a9758e2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://279a9758e2.news-rolehi.com/ Cookie: _subid=376l60j11aejq5; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:51 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejq9; expires=Mon, 10 Jun 2024 09:57:51 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:42 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://279a9758e2.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-length: 0 location: https://bf8927631c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	bf8927631c.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL bf8927631c.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: bf8927631c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bf8927631c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bf8927631c.news-rolehi.com/ Cookie: _subid=376l60j11aejq9; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:51 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejqf; expires=Mon, 10 Jun 2024 09:57:51 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:42 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bf8927631c.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-length: 0 location: https://a274d69213.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a274d69213.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL a274d69213.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: a274d69213.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a274d69213.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a274d69213.news-rolehi.com/ Cookie: _subid=376l60j11aejqf; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:51 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejqi; expires=Mon, 10 Jun 2024 09:57:52 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:44 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult	95.216.65.178	600 B
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP 95.216.65.178:0 ASN #24940 Hetzner Online GmbH File type JSON text data Size 600 B (600 bytes) Hash 4d447ac4dd8cca59f6fe4a5f9aa6f3ef f0420293caec119c44ebf8ae8decafd401514051 eb26a20b9e19f6f299b8c1dabf432d85fe61dd1e9f018614b636370f075ede63 HTTP Headers GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1 Host: show.revopush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://843490e125.news-rolehi.com/ Origin: https://843490e125.news-rolehi.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:43 GMT content-type: application/json accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64 access-control-allow-origin: https://843490e125.news-rolehi.com vary: Origin content-encoding: br X-Firefox-Spdy: h2`

	0811f41488.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 0811f41488.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 0811f41488.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0811f41488.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:52 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	a274d69213.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	47 kB
URL a274d69213.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 47 kB (47068 bytes) Hash deacf635b724fb18d488c05b47632b43 6c9d9c433d5b30e7c727126b5cfffbb10fcf0b34 b1af90d3283428a8d49466cf7f7d9e1dc543465dca17eff11167708e0b4ae763 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: a274d69213.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a274d69213.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0811f41488.news-rolehi.com/ Cookie: _subid=376l60j11aejqi; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:52 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejqn; expires=Mon, 10 Jun 2024 09:57:52 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:44 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0811f41488.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-length: 0 location: https://a3dc861681.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a3dc861681.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	1.3 kB
URL a3dc861681.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (553) Size 1.3 kB (1309 bytes) Hash 4cfd9574d0c0692913fa1396476a2d79 677cf8016ae516c08e7194235f74096c1494d122 dff78c6efb3b39f81e6528ea6640f6b8c2318433a215aa3e0a6da43765dba706 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: a3dc861681.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0811f41488.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:52 GMT content-type: text/html; charset=UTF-8 content-length: 1309 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a8439bd35e.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	46 kB
URL a8439bd35e.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 46 kB (46171 bytes) Hash 1ac765075888e42cec7461d38952983c a38e3db13a59383036582834e5857ad863986677 474aa876f9049f4fe8dda2594d561b03ffe9a1e91115871bd4903cf54474f3a5 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: a8439bd35e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a8439bd35e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	a3dc861681.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL a3dc861681.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: a3dc861681.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a3dc861681.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:52 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a3dc861681.news-rolehi.com/ Cookie: _subid=376l60j11aejqn; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:52 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejqr; expires=Mon, 10 Jun 2024 09:57:52 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:44 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a3dc861681.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-length: 0 location: https://abf03c30b5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	abf03c30b5.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL abf03c30b5.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: abf03c30b5.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://abf03c30b5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:52 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	30127b7ab8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	4.6 kB
URL 30127b7ab8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (3027) Size 4.6 kB (4560 bytes) Hash 75e868388c90223f4a0275e838d2b5de 1425536c7523d44f4f721be5874e66f2bfc0f7d1 bef89c925f780a06c529d010178b219136266269ac57f5ca90ab91a1832226cf HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 30127b7ab8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e15af0d3eb.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:46 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://abf03c30b5.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-length: 0 location: https://74f870fd34.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	74f870fd34.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 74f870fd34.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 74f870fd34.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://74f870fd34.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:52 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	0ce46b94c6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	138 kB
URL 0ce46b94c6.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (37323) Size 138 kB (137479 bytes) Hash 23933848939f513c4934569ae9b7236f de37eaf473cd57f67d67c1d2a202e06ec48a8193 b624deb1bf469168f7392b84bada6dee1333dac8badda01c89ff6cb30437866b HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 0ce46b94c6.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://346c0c4497.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://74f870fd34.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-length: 0 location: https://86bc97a3c5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	86bc97a3c5.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 86bc97a3c5.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 86bc97a3c5.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://86bc97a3c5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	86bc97a3c5.news-rolehi.com/lands/46/sketch.min.js	23.158.56.201	2.4 kB
URL 86bc97a3c5.news-rolehi.com/lands/46/sketch.min.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers `GET /lands/46/sketch.min.js HTTP/1.1 Host: 86bc97a3c5.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://86bc97a3c5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://86bc97a3c5.news-rolehi.com/ Cookie: _subid=376l60j11aejr2; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:53 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:53 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejra; expires=Mon, 10 Jun 2024 09:57:53 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:46 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://86bc97a3c5.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-length: 0 location: https://0eafbcfc83.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	0eafbcfc83.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 0eafbcfc83.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 0eafbcfc83.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0eafbcfc83.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	0eafbcfc83.news-rolehi.com/lands/48/preloader-43.5794040.gif	23.158.56.201	7.0 kB
URL 0eafbcfc83.news-rolehi.com/lands/48/preloader-43.5794040.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 160 x 160 Size 7.0 kB (7010 bytes) Hash 5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e HTTP Headers `GET /lands/48/preloader-43.5794040.gif HTTP/1.1 Host: 0eafbcfc83.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0eafbcfc83.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: image/gif content-length: 7010 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1b62" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0eafbcfc83.news-rolehi.com/ Cookie: _subid=376l60j11aejra; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:53 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:53 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejrc; expires=Mon, 10 Jun 2024 09:57:53 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:46 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0eafbcfc83.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:55 GMT content-length: 0 location: https://0d0c78ff7b.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	0d0c78ff7b.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 0d0c78ff7b.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 0d0c78ff7b.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0d0c78ff7b.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0d0c78ff7b.news-rolehi.com/ Cookie: _subid=376l60j11aejrc; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:53 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:53 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejre; expires=Mon, 10 Jun 2024 09:57:53 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:46 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0d0c78ff7b.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:55 GMT content-length: 0 location: https://eac5bc11a2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	eac5bc11a2.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL eac5bc11a2.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: eac5bc11a2.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://eac5bc11a2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://eac5bc11a2.news-rolehi.com/ Cookie: _subid=376l60j11aejre; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:53 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:53 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejrl; expires=Mon, 10 Jun 2024 09:57:53 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:46 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://eac5bc11a2.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:55 GMT content-length: 0 location: https://47263a4615.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	47263a4615.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 47263a4615.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 47263a4615.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47263a4615.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	47263a4615.news-rolehi.com/lands/48/preloader-43.5794040.gif	23.158.56.201	7.0 kB
URL 47263a4615.news-rolehi.com/lands/48/preloader-43.5794040.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 160 x 160 Size 7.0 kB (7010 bytes) Hash 5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e HTTP Headers `GET /lands/48/preloader-43.5794040.gif HTTP/1.1 Host: 47263a4615.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47263a4615.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/gif content-length: 7010 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1b62" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47263a4615.news-rolehi.com/ Cookie: _subid=376l60j11aejrl; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:54 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:54 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejrn; expires=Mon, 10 Jun 2024 09:57:54 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:48 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://47263a4615.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:55 GMT content-length: 0 location: https://43c8800c8f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	0d0c78ff7b.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	53 kB
URL 0d0c78ff7b.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 53 kB (52799 bytes) Hash 218bfd33391b85fee0bd9db0f6fae0fd 8d1f35b486a9e5578c44f32267f87970e47d8fb4 301b1da62b84f6af7a65fb2043f987f7d9c4fa9d6227ebdd681d4198e6684d17 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 0d0c78ff7b.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0d0c78ff7b.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	43c8800c8f.news-rolehi.com/lands/39/img/icon1.png	23.158.56.201	7.3 kB
URL 43c8800c8f.news-rolehi.com/lands/39/img/icon1.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.3 kB (7252 bytes) Hash 3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27 HTTP Headers `GET /lands/39/img/icon1.png HTTP/1.1 Host: 43c8800c8f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://43c8800c8f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/png content-length: 7252 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1c54" accept-ranges: bytes X-Firefox-Spdy: h2`

	43c8800c8f.news-rolehi.com/lands/39/img/icon2.png	23.158.56.201	4.6 kB
URL 43c8800c8f.news-rolehi.com/lands/39/img/icon2.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.6 kB (4576 bytes) Hash c947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2 HTTP Headers `GET /lands/39/img/icon2.png HTTP/1.1 Host: 43c8800c8f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://43c8800c8f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/png content-length: 4576 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-11e0" accept-ranges: bytes X-Firefox-Spdy: h2`

	43c8800c8f.news-rolehi.com/lands/39/img/icon3.png	23.158.56.201	7.8 kB
URL 43c8800c8f.news-rolehi.com/lands/39/img/icon3.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers `GET /lands/39/img/icon3.png HTTP/1.1 Host: 43c8800c8f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://43c8800c8f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/png content-length: 7847 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic	142.250.74.106	7.8 kB
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP 142.250.74.106:0 ASN #15169 GOOGLE File type gzip compressed data, max compression Size 7.8 kB (7816 bytes) Hash 7fe7a715110bd6e491a8d3c911639981 4c73905991f9ce10db40a535850236e1470ba78f 350f809c6cac50f8630d26a9d571adaf21c8b7bd085603d3532a4f291f0eb207 HTTP Headers `GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ba98fa0b5a.news-rolehi.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 10 May 2024 09:57:49 GMT date: Fri, 10 May 2024 09:57:49 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	43c8800c8f.news-rolehi.com/lands/39/img/icon5.png	23.158.56.201	3.3 kB
URL 43c8800c8f.news-rolehi.com/lands/39/img/icon5.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers `GET /lands/39/img/icon5.png HTTP/1.1 Host: 43c8800c8f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://43c8800c8f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/png content-length: 3264 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	fb4c49fda4.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	222 kB
URL fb4c49fda4.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (63955) Size 222 kB (222294 bytes) Hash ae590399388860dc159db01abb68f8e9 de886f587e7c312223a691b53aac54848042dc73 d627ef02345bf947cb2ff01007074ccfab8a900b6087c140aa89921777105860 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: fb4c49fda4.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://38eb2b7a67.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:45 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	43c8800c8f.news-rolehi.com/lands/39/img/icon8.png	23.158.56.201	4.1 kB
URL 43c8800c8f.news-rolehi.com/lands/39/img/icon8.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers `GET /lands/39/img/icon8.png HTTP/1.1 Host: 43c8800c8f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://43c8800c8f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/png content-length: 4064 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://43c8800c8f.news-rolehi.com/ Cookie: _subid=376l60j11aejrn; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:54 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:54 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejrt; expires=Mon, 10 Jun 2024 09:57:54 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:48 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://43c8800c8f.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-length: 0 location: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/lp.js	23.158.56.201	758 B
URL 770c0801e1.news-rolehi.com/lands/36/lp.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Size 758 B (758 bytes) Hash dbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8 HTTP Headers `GET /lands/36/lp.js HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: application/javascript; charset=utf-8 content-length: 758 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2f6" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 770c0801e1.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/style.css	23.158.56.201	3.1 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (11701), with no line terminators Size 3.1 kB (3136 bytes) Hash db606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae HTTP Headers `GET /lands/36/img/style.css HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: text/css content-length: 3136 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-c40" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/logo.png	23.158.56.201	7.4 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/logo.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Size 7.4 kB (7398 bytes) Hash 6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193 HTTP Headers `GET /lands/36/img/logo.png HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/png content-length: 7398 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1ce6" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/search-icon.png	23.158.56.201	461 B
URL 770c0801e1.news-rolehi.com/lands/36/img/search-icon.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Size 461 B (461 bytes) Hash 71a97f63eeafce6cc8dd4e7b92e77303 e92e36474a69fcf7b932efc581e024a1c25773e5 fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2 HTTP Headers `GET /lands/36/img/search-icon.png HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/png content-length: 461 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1cd" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/Spin-1s-80px.gif	23.158.56.201	31 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/Spin-1s-80px.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 80 x 80 Size 31 kB (30677 bytes) Hash 68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676 HTTP Headers `GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/gif content-length: 30677 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-77d5" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/player-controls-l.png	23.158.56.201	945 B
URL 770c0801e1.news-rolehi.com/lands/36/img/player-controls-l.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Size 945 B (945 bytes) Hash 6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324 HTTP Headers `GET /lands/36/img/player-controls-l.png HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/png content-length: 945 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-3b1" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/player-controls-r.png	23.158.56.201	408 B
URL 770c0801e1.news-rolehi.com/lands/36/img/player-controls-r.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Size 408 B (408 bytes) Hash f0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be HTTP Headers `GET /lands/36/img/player-controls-r.png HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/png content-length: 408 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-198" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/player-bg.jpg	23.158.56.201	11 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/player-bg.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 11 kB (11291 bytes) Hash d0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a HTTP Headers `GET /lands/36/img/player-bg.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 11291 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2c1b" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-1.jpg	23.158.56.201	9.6 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-1.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9604 bytes) Hash 8374be5c573da988b4d76c1051f8cbc7 c319af79d391edeac2268173798952dd71f0ecf2 41889b3a66aec88fc8a474f19a6c2f6933200524597ccf76f2c9f995687099ea HTTP Headers `GET /lands/36/img/pics-1.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9604 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2584" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-2.jpg	23.158.56.201	9.5 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-2.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9474 bytes) Hash b1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8 HTTP Headers `GET /lands/36/img/pics-2.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9474 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2502" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-3.jpg	23.158.56.201	9.4 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-3.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.4 kB (9413 bytes) Hash 76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775 HTTP Headers `GET /lands/36/img/pics-3.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9413 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24c5" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-4.jpg	23.158.56.201	9.5 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-4.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9468 bytes) Hash 107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468 HTTP Headers `GET /lands/36/img/pics-4.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9468 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24fc" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-5.jpg	23.158.56.201	9.6 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-5.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9557 bytes) Hash 628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d HTTP Headers `GET /lands/36/img/pics-5.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9557 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2555" accept-ranges: bytes X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic	142.250.74.106	55 kB
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP 142.250.74.106:0 ASN #15169 GOOGLE File type gzip compressed data, max compression Size 55 kB (55093 bytes) Hash 90bbb7f1ece8a8d9187c95ea5d3b5c14 1f8f145437765e0dcde7dd79187725c61fe0d86f 92b1d14cad07b2b11394113e449ea68127fbbf7617b52c392938d637a24362cb HTTP Headers `GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a3dc861681.news-rolehi.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 10 May 2024 09:57:52 GMT date: Fri, 10 May 2024 09:57:52 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	770c0801e1.news-rolehi.com/lands/36/img/pics-7.jpg	23.158.56.201	9.5 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-7.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9484 bytes) Hash 94edfad63e95c79618692b8d8dc20587 f582b7b70443ea1fff184ade49ab560fc8fd3318 0940f729e51d0fb610affca787415657f39a630cc0450d08576f69fd0f71756e HTTP Headers `GET /lands/36/img/pics-7.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9484 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250c" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-8.jpg	23.158.56.201	9.8 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-8.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.8 kB (9750 bytes) Hash 2e7eafc3878ee465f96bca0f9d1e1712 c4f353f12542db5d2df3be74dbae890e0430ac6e df67f968a051026a5c43eb3e40b8d02a0c72bc742055526fef7e2655dd837cc1 HTTP Headers `GET /lands/36/img/pics-8.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9750 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2616" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-9.jpg	23.158.56.201	9.6 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-9.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9646 bytes) Hash c3af10d166a4447c21f25e4a32383a5d 37a0342d08d6933b3bbfd4063b7ba998c991dd73 963fbe86dc33b1a1ba5c695bf9b74ebde439bc7a9260137121d747cf4cfbdd73 HTTP Headers `GET /lands/36/img/pics-9.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9646 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-25ae" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-10.jpg	23.158.56.201	9.7 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-10.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.7 kB (9681 bytes) Hash 00ad8eccd280144f038e883859beeabe e13583bbe25712e827b8b22b1353c883531f849f 21397b18bd87b564f70404ea1ff41d8d23ba804ed6eea4de323ac1c94e096ada HTTP Headers `GET /lands/36/img/pics-10.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9681 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-25d1" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-11.jpg	23.158.56.201	9.5 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-11.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9483 bytes) Hash 8611f67b36ff57eaa1060e793b9e6ad4 49f273a5760e7375adb1efc58f0ed2c665da6ae8 de70c6d29629dd9ec1b85e3146390c1019bd608eeb3d7ffdc196627f70ee30b2 HTTP Headers `GET /lands/36/img/pics-11.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9483 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250b" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-12.jpg	23.158.56.201	9.5 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-12.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9487 bytes) Hash 3971b0cd6849aef8e63c281fe7e53c57 690281f0f9a05a32be18029632240693f7b26270 20a9e9a79f97878e87f805b977eb6046480b734dfd9e90df9f34b22ef484777a HTTP Headers `GET /lands/36/img/pics-12.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9487 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-250f" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-13.jpg	23.158.56.201	9.4 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-13.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.4 kB (9378 bytes) Hash cd911694d58b5fb86c94cf7a1d5b530b f32925a79b755d76fdf1ae56fa898ef23d816699 5a8f5f99cb386403813964a7ee271660131e9c50eb5267f932a67ce0f4fb2ea2 HTTP Headers `GET /lands/36/img/pics-13.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9378 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24a2" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-14.jpg	23.158.56.201	9.5 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-14.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9498 bytes) Hash 4957499f251b620472eb5fe6fd126c22 a237ac15f4b16256f1c49a40ca07ca168dea540c de5d64cc00dd3bc0e0998e274f41bb78de69cae402e53c4f41c0ab8e0af2cd0b HTTP Headers `GET /lands/36/img/pics-14.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9498 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-251a" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-15.jpg	23.158.56.201	9.7 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-15.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.7 kB (9673 bytes) Hash bf608c2d10293273951a88b8d38de015 15b2a17c7300725aacc27f320480dfe5bf173a00 118f446f628921fb7cab1afeac932ef77d63a7c5a31ffa288427d80c4de69f9f HTTP Headers `GET /lands/36/img/pics-15.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9673 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-25c9" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-16.jpg	23.158.56.201	9.6 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-16.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9570 bytes) Hash 700dfe65fca751e5c160aa1ed38c0389 61a7a9ba2a5209bb28b6a36c4b7ba9088f4b2886 8f8c3d5f93cc6dc00172cf203f6b0113819e853de45518cbcee1e68f9e95fbc1 HTTP Headers `GET /lands/36/img/pics-16.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9570 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2562" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-17.jpg	23.158.56.201	9.6 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-17.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9595 bytes) Hash 3617c828a4589dfd2af8f90e31f92666 0e7a1dbe743c9eaad109659f7b21ab86719b9cd0 f3ab898058b0ebaba11001b5a2b3c5b5db2d7f766000d95abdbfb841fcb16c1f HTTP Headers `GET /lands/36/img/pics-17.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9595 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-257b" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/lands/36/img/pics-18.jpg	23.158.56.201	9.6 kB
URL 770c0801e1.news-rolehi.com/lands/36/img/pics-18.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9645 bytes) Hash 52ada45615791fefe3513b98a28d6c61 334b68a65108b2274dc0d41bbed58d10cbfb41a0 204715e71db20e5daffe8494816412e0998ec0b97b303f16fb4102226c492fa4 HTTP Headers `GET /lands/36/img/pics-18.jpg HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: image/jpeg content-length: 9645 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-25ad" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/ Cookie: _subid=376l60j11aejrt; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:54 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:54 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejs4; expires=Mon, 10 Jun 2024 09:57:54 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:48 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://770c0801e1.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-length: 0 location: https://df989e5972.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	df989e5972.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL df989e5972.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: df989e5972.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://df989e5972.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:55 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult	95.216.65.178	1.2 kB
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP 95.216.65.178:0 ASN #24940 Hetzner Online GmbH File type JSON text data Size 1.2 kB (1224 bytes) Hash fc44c7641186461e64917031cd1dccab fbed962f89d03c8feffe0be32e7bc9d2f6fae176 86fd5e32579e3508f88e77fec3daeff1e9d4b2b74205024edeb97d12c725fbe4 HTTP Headers GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1 Host: show.revopush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://74f870fd34.news-rolehi.com/ Origin: https://74f870fd34.news-rolehi.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: application/json accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64 access-control-allow-origin: https://74f870fd34.news-rolehi.com vary: Origin content-encoding: br X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://df989e5972.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-length: 0 location: https://410b65b4a4.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	eac5bc11a2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	18 kB
URL eac5bc11a2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 18 kB (17861 bytes) Hash ef1fcf8e451b3de12f4e25517a871ab9 9d1a2bbee5fc8a43333aa216c61358cb9b3de11a 74fb06a691a780a1652048b8d450a1ae1d7d7147be8144dbae31ea5d505ed0a1 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: eac5bc11a2.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0d0c78ff7b.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	85737a85fd.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	8.8 kB
URL 85737a85fd.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (7710) Size 8.8 kB (8836 bytes) Hash fe7c2ff61c006464a4dd6ab3f127dda2 64b398823ece0120a5cd8c0ffd74eea9cf67e840 6341bc61a1c10287043571c2bccf4efb283cdd4b63672212f5387d53c20b477a HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 85737a85fd.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://440ff53057.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:50 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	0811f41488.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	2.7 kB
URL 0811f41488.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (1334) Size 2.7 kB (2671 bytes) Hash 49799a56b72c68aad88af4f51914d49a 88e43d815edcb822ee55c9503543b3186b88d1ce ccdbd508a148f6b9c5ece01dfd51d3010b2ac83d9648723ea1c4d2ded6f0aba0 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 0811f41488.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a274d69213.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:52 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	8aabae8a2d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	13 kB
URL 8aabae8a2d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 13 kB (12670 bytes) Hash cd4d99209705dde8eb764386b8bacca0 14cca4f664053ef08fcc8f4cfa7123c9ce1db8c3 152737ffa1f3f66f23b56b4732f0239c901d3c645067d555cf2d390d54ed42d9 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 8aabae8a2d.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://59d2db9608.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a31493061b.news-rolehi.com/lands/53/css/style.css	23.158.56.201	1.3 kB
URL a31493061b.news-rolehi.com/lands/53/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4928), with no line terminators Size 1.3 kB (1301 bytes) Hash 6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8 HTTP Headers `GET /lands/53/css/style.css HTTP/1.1 Host: a31493061b.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a31493061b.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:55 GMT content-type: text/css content-length: 1301 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-515" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	47b8832bc0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	78 kB
URL 47b8832bc0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (64512) Size 78 kB (77934 bytes) Hash 8ddb955a22084484ef9cb5e6b0055441 93a61b93e5c371916447ff793b4a1da57b8e9935 c7576c2a5eaed58d2facb0dd2347790eca0150b28a5a5e214074d72de20dd678 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 47b8832bc0.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0ce46b94c6.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:47 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	bf8927631c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	91 kB
URL bf8927631c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (63955) Size 91 kB (91283 bytes) Hash 725e0d2b31e83db16e013987561ad039 c50150c277241f96834b403082dd4d8576f17d7a 4fe989de423c34a29f05f84e357f8b3dcc752927f011c7b16451bf3a54ce5e1c HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: bf8927631c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://279a9758e2.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a31493061b.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-length: 0 location: https://38a4cb3326.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	38a4cb3326.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 38a4cb3326.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 38a4cb3326.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://38a4cb3326.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:55 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	47263a4615.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	504 kB
URL 47263a4615.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 504 kB (504112 bytes) Hash 5374434143261077be0524b3f8c3c629 47fec1dd357c4190fab1ccd4f78d5f11b95c6e79 e3e677eea750dd4b641308c36279eb5207a85799f7e1f6a60464dbc71ec475c8 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 47263a4615.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://eac5bc11a2.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a274d69213.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	122 kB
URL a274d69213.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (64512) Size 122 kB (122120 bytes) Hash d5ce86b4085df28960703ce382f0cee0 b1fe1867162bc4bab4bec8f1273f205bc39c4214 87febe026cc1160772e8fd8fa5bd2cae019d8057bf60fcdac957d5d6dc2965e5 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: a274d69213.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bf8927631c.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://38a4cb3326.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-length: 0 location: https://7d42a0db0d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	7d42a0db0d.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 7d42a0db0d.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 7d42a0db0d.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7d42a0db0d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	7d42a0db0d.news-rolehi.com/lands/53/css/style.css	23.158.56.201	1.3 kB
URL 7d42a0db0d.news-rolehi.com/lands/53/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4928), with no line terminators Size 1.3 kB (1301 bytes) Hash 6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8 HTTP Headers `GET /lands/53/css/style.css HTTP/1.1 Host: 7d42a0db0d.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7d42a0db0d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: text/css content-length: 1301 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-515" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	7d42a0db0d.news-rolehi.com/lands/53/images/spinning-circles2.svg	23.158.56.201	503 B
URL 7d42a0db0d.news-rolehi.com/lands/53/images/spinning-circles2.svg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers `GET /lands/53/images/spinning-circles2.svg HTTP/1.1 Host: 7d42a0db0d.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7d42a0db0d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	7d42a0db0d.news-rolehi.com/lands/53/images/video.gif	23.158.56.201	500 kB
URL 7d42a0db0d.news-rolehi.com/lands/53/images/video.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 320 x 180 Size 500 kB (500082 bytes) Hash 2e59da03066a7854825901e0c1460b52 8d5aa04f252de7a85b8387051c1321338ac32d32 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433 HTTP Headers `GET /lands/53/images/video.gif HTTP/1.1 Host: 7d42a0db0d.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7d42a0db0d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: image/gif content-length: 500082 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-7a172" accept-ranges: bytes X-Firefox-Spdy: h2`

	279a9758e2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	4.6 kB
URL 279a9758e2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (3027) Size 4.6 kB (4560 bytes) Hash 2d292d69263aa3f4209b32cbe2a131ab f14742040e0e6192e5565b24d6e22d867a30896f 7b62903314db89eb6f9631099a245af1dbeea6b213e4ba778dcd88c9ab317a11 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 279a9758e2.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0105c36326.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://7d42a0db0d.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-length: 0 location: https://9319ca89ae.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	59d2db9608.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	86 kB
URL 59d2db9608.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (64512) Size 86 kB (85541 bytes) Hash 23761f8b1e14dd6f27f295f6ec8b3755 d239d173ea2b10f8d09a0f881d3a3cc869a731c1 1cf6fa7ef776d4095fa984e75485bdeb44d7bb402115fa3a96fef51e1a83d0aa HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 59d2db9608.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://86742aab38.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:48 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	9319ca89ae.news-rolehi.com/lands/46/sketch.min.js	23.158.56.201	2.4 kB
URL 9319ca89ae.news-rolehi.com/lands/46/sketch.min.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers `GET /lands/46/sketch.min.js HTTP/1.1 Host: 9319ca89ae.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9319ca89ae.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9319ca89ae.news-rolehi.com/ Cookie: _subid=376l60j11aejsn; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:56 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:56 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejsr; expires=Mon, 10 Jun 2024 09:57:56 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:52 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	9319ca89ae.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL 9319ca89ae.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash dce633c65b0859e2affcec2a9d8c1682 35e7286a93418b358331bcf5eea56689cf61b461 a3fe5b74ff8b792f8ad608bb6e8a212b350ff7ece8250132a7a051e078b31b16 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 9319ca89ae.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9319ca89ae.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	2ba424bb26.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 2ba424bb26.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 2ba424bb26.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2ba424bb26.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2ba424bb26.news-rolehi.com/ Cookie: _subid=376l60j11aejsr; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:56 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:56 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejsu; expires=Mon, 10 Jun 2024 09:57:56 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:52 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://2ba424bb26.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-length: 0 location: https://f01aecb362.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	df989e5972.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	53 kB
URL df989e5972.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 53 kB (52799 bytes) Hash b8e4660a0fde9d03d8b4f3f469322de7 9a54ad17192c7b7b85c0ba90980ca99ccc942cd0 20f4e99b9ba3d5e14e41b6ea12deefab50507fa6fce92164de884c9f19c2de3b HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: df989e5972.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://df989e5972.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:55 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	440ff53057.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	10 kB
URL 440ff53057.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 10 kB (10137 bytes) Hash 5a4a83a63e3ba89010bf182418d78951 8aa13ab49234a9195a34723c02568e0c95440195 adca4dab68347194f0dbede3372a6141778d01f313ed39ec905f1871fa6d091e HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 440ff53057.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://be87b0dd3c.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	86bc97a3c5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	3.2 kB
URL 86bc97a3c5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (1530) Size 3.2 kB (3174 bytes) Hash 6daa75e12f6518ac57106d800213a96b 94f6a0a8cda2f08d28e33aab79375f2a2ab5eee8 cecd65fdbdbfbfd464e18992c5a8f05b048ae97942705bb203d1f2b642ffff0f HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 86bc97a3c5.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://74f870fd34.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	2ba424bb26.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	545 kB
URL 2ba424bb26.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 545 kB (544771 bytes) Hash b0d9ae2a46522dec181840d86ebbd04d 6f9b58e324a83ebaab0ce7d6e5a5482e9795048c 15e3bfd5565befd20f8c1203b470c8339994a5a8797804e38df239881fa38a43 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 2ba424bb26.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2ba424bb26.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://f01aecb362.news-rolehi.com/ Cookie: _subid=376l60j11aejsu; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:56 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:56 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejt1; expires=Mon, 10 Jun 2024 09:57:56 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:52 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://f01aecb362.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-length: 0 location: https://138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	138ad8be67.news-rolehi.com/lands/36/lp.js	23.158.56.201	758 B
URL 138ad8be67.news-rolehi.com/lands/36/lp.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (719), with no line terminators Size 758 B (758 bytes) Hash dbcc3608581394261613182e95963925 d2c19c094e7916d5f7eac24c9a77179ca3bc3ee9 c27bd18e340c53733156ca9e1e26f811e6243913258b19a3c7a2938554e9fed8 HTTP Headers `GET /lands/36/lp.js HTTP/1.1 Host: 138ad8be67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: application/javascript; charset=utf-8 content-length: 758 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2f6" accept-ranges: bytes X-Firefox-Spdy: h2`

	138ad8be67.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 138ad8be67.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 138ad8be67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	138ad8be67.news-rolehi.com/lands/36/img/style.css	23.158.56.201	3.1 kB
URL 138ad8be67.news-rolehi.com/lands/36/img/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (11701), with no line terminators Size 3.1 kB (3136 bytes) Hash db606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae HTTP Headers `GET /lands/36/img/style.css HTTP/1.1 Host: 138ad8be67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: text/css content-length: 3136 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-c40" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	be87b0dd3c.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	142 kB
URL be87b0dd3c.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 142 kB (141465 bytes) Hash 964c5d98caf5e72ad3208dbc5e527724 447ca546fdf8e7c282ad86ab28e1eef3fa0a9ad0 07e3432bbd10e72276d7bda78545009729a2f8b7bee0a2ecf176e55461aafdaa HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: be87b0dd3c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://be87b0dd3c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	86bc97a3c5.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL 86bc97a3c5.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 45 kB (45150 bytes) Hash 4cd52ae7cb3233c7e6b353e26a3d0f2f b2131fca261ff27ec0ba492e9b72a17f1d7b2244 e1462d8612deb4d2d502cdbd9325571d1f23f0bed634043c8d4e8de59b08d057 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 86bc97a3c5.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://86bc97a3c5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	43c8800c8f.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	75 kB
URL 43c8800c8f.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 75 kB (75366 bytes) Hash 93d30fa3cfe033f45369f31bb842df77 5a85eccc92eb772a7cf0baca51535ac9e218e10a 1eccbfb4c5a2a2b645582a046f36f9a19d31c11d90ad84de318d6471fdee3f76 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 43c8800c8f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://43c8800c8f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	138ad8be67.news-rolehi.com/lands/36/img/player-controls-l.png	23.158.56.201	945 B
URL 138ad8be67.news-rolehi.com/lands/36/img/player-controls-l.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 146 x 60, 8-bit gray+alpha, non-interlaced Size 945 B (945 bytes) Hash 6865c8700b582e4c7848472bb23dd65a c5ea2c514de8f55145550f9589e1e07cda457994 e1f5b32f965cf94fdb788fa9cff4f2f80b34c234f7e9fa9139de890e89438324 HTTP Headers `GET /lands/36/img/player-controls-l.png HTTP/1.1 Host: 138ad8be67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: image/png content-length: 945 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-3b1" accept-ranges: bytes X-Firefox-Spdy: h2`

	138ad8be67.news-rolehi.com/lands/36/img/player-controls-r.png	23.158.56.201	408 B
URL 138ad8be67.news-rolehi.com/lands/36/img/player-controls-r.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced Size 408 B (408 bytes) Hash f0e42db89f7d0994b3723b35eb05a49f b4e08e7b2c525345d86dc2299663915c84a41b2b 13bbdf214a22994e4e0e655c256ab493cc495f15f9c1f08772cad0761625a9be HTTP Headers `GET /lands/36/img/player-controls-r.png HTTP/1.1 Host: 138ad8be67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: image/png content-length: 408 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-198" accept-ranges: bytes X-Firefox-Spdy: h2`

	138ad8be67.news-rolehi.com/lands/36/img/player-bg.jpg	23.158.56.201	11 kB
URL 138ad8be67.news-rolehi.com/lands/36/img/player-bg.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 11 kB (11291 bytes) Hash d0c6f02d6933f0b93db0942e3e7f3609 bc96b3878d13d0f46aa464e94515f27ad53531b0 7296089ccd9e42b305c5b0398d47a78f900b40225c592c6f1ef23ade5bbe667a HTTP Headers `GET /lands/36/img/player-bg.jpg HTTP/1.1 Host: 138ad8be67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: image/jpeg content-length: 11291 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2c1b" accept-ranges: bytes X-Firefox-Spdy: h2`

	7d42a0db0d.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL 7d42a0db0d.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash 91f4edc6dc0dc6a3b0b7a42e50672f4c 05f3ff62111a34aebe25403e865ed990e4138bb6 4e671d021c5b54f286b2a4f79abbe3e76653867a20d2f26658a2a75ad685b9d6 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 7d42a0db0d.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7d42a0db0d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://138ad8be67.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-length: 0 location: https://c4ac706920.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	138ad8be67.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	53 kB
URL 138ad8be67.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 53 kB (52799 bytes) Hash bbd6acfb20c232dbcc3281fbd83da59f 98a6391dca564999ea594cc42f8f18179997cd6e c13c5d65eaa0d4b89abd2f3b5f56f5cf22c8b118c40df244004630b1c6d27d51 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 138ad8be67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	c4ac706920.news-rolehi.com/lands/53/css/style.css	23.158.56.201	1.3 kB
URL c4ac706920.news-rolehi.com/lands/53/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4928), with no line terminators Size 1.3 kB (1301 bytes) Hash 6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8 HTTP Headers `GET /lands/53/css/style.css HTTP/1.1 Host: c4ac706920.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c4ac706920.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: text/css content-length: 1301 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-515" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	c4ac706920.news-rolehi.com/lands/53/images/spinning-circles2.svg	23.158.56.201	503 B
URL c4ac706920.news-rolehi.com/lands/53/images/spinning-circles2.svg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers `GET /lands/53/images/spinning-circles2.svg HTTP/1.1 Host: c4ac706920.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c4ac706920.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	c4ac706920.news-rolehi.com/lands/53/images/video.gif	23.158.56.201	500 kB
URL c4ac706920.news-rolehi.com/lands/53/images/video.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 320 x 180 Size 500 kB (500082 bytes) Hash 2e59da03066a7854825901e0c1460b52 8d5aa04f252de7a85b8387051c1321338ac32d32 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433 HTTP Headers `GET /lands/53/images/video.gif HTTP/1.1 Host: c4ac706920.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c4ac706920.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: image/gif content-length: 500082 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-7a172" accept-ranges: bytes X-Firefox-Spdy: h2`

	c4ac706920.news-rolehi.com/lands/53/js/device.js	23.158.56.201	1.1 kB
URL c4ac706920.news-rolehi.com/lands/53/js/device.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers `GET /lands/53/js/device.js HTTP/1.1 Host: c4ac706920.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c4ac706920.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c4ac706920.news-rolehi.com/ Cookie: _subid=376l60j11aejt7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:57 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:57 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejtb; expires=Mon, 10 Jun 2024 09:57:57 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:54 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult	95.216.46.99	589 B
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP 95.216.46.99:0 ASN #24940 Hetzner Online GmbH File type JSON text data Size 589 B (589 bytes) Hash 68a0f97100b80f2898c0dcf38f896e31 424de7a18b53553ff4b858865673eab1c86b89f7 97d77d6017827e36b323cedb21cfc5b0c76ca2edaed173e4fa9295f57f66a415 HTTP Headers GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1 Host: show.revopush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://138ad8be67.news-rolehi.com/ Origin: https://138ad8be67.news-rolehi.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: application/json accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64 access-control-allow-origin: https://138ad8be67.news-rolehi.com vary: Origin content-encoding: br X-Firefox-Spdy: h2`

	c4ac706920.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	53 kB
URL c4ac706920.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 53 kB (52799 bytes) Hash 6c125c8d8f5aed958c32320d132ed8ae d82cdde1781d2e6bc033135929e4e602748ceb43 2f0d4eb9a82caf2411f339288490f4dc19f30420f04900f52d710d29642d82a0 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: c4ac706920.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c4ac706920.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	0105c36326.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	180 kB
URL 0105c36326.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 180 kB (179599 bytes) Hash b7f95a1b2e4167b6df5c65fbaa5f87dc 35ce6957f7cd76f9e1bfe16917bde979c7575fd8 8f90b9ea5ae89efec0ef6ec2e6b96e75e3c7d692a5f5f4771fdeb69770557fa6 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 0105c36326.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0105c36326.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://335cc70030.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-length: 0 location: https://e45ce2ac86.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e45ce2ac86.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	1.3 kB
URL e45ce2ac86.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (553) Size 1.3 kB (1309 bytes) Hash 0a64b54c0604fcdbdf59f3e3daa0b6ad 03cae6a45f5627f094ee5ab8dab63e46abbc714c 0a98455d3fca3deb6405caf1bdae8254889dc6f69b862fe53625123600da6196 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: e45ce2ac86.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://335cc70030.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: text/html; charset=UTF-8 content-length: 1309 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e45ce2ac86.news-rolehi.com/lands/20/style.css	23.158.56.201	868 B
URL e45ce2ac86.news-rolehi.com/lands/20/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (2230), with no line terminators Size 868 B (868 bytes) Hash d4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311 HTTP Headers `GET /lands/20/style.css HTTP/1.1 Host: e45ce2ac86.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e45ce2ac86.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: text/css content-length: 868 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-364" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	e45ce2ac86.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL e45ce2ac86.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: e45ce2ac86.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e45ce2ac86.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	e45ce2ac86.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL e45ce2ac86.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash 6f16f0651b12e7d70b3ac890875012bb 9efe3feac2cf003e8fa545ad36fbe62309334869 c06a7cb6418b3b551ddc97c0ef3fef8b78e582ad14c448357364605c471835d2 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: e45ce2ac86.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e45ce2ac86.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e45ce2ac86.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-length: 0 location: https://08660ff71c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	08660ff71c.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 08660ff71c.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 08660ff71c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://08660ff71c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	08660ff71c.news-rolehi.com/lands/46/sketch.min.js	23.158.56.201	2.4 kB
URL 08660ff71c.news-rolehi.com/lands/46/sketch.min.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers `GET /lands/46/sketch.min.js HTTP/1.1 Host: 08660ff71c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://08660ff71c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://08660ff71c.news-rolehi.com/ Cookie: _subid=376l60j11aejth; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:58 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:58 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejtj; expires=Mon, 10 Jun 2024 09:57:58 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:56 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://08660ff71c.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-length: 0 location: https://9108237a93.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	335cc70030.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	53 kB
URL 335cc70030.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 53 kB (52799 bytes) Hash f062096702617c3f2ed7a70920dfa413 ab08428803b81b80ad3c8a592ded05ba31d77b32 c47b9a3dbdee2ff7e27158e7cb3bca0e3e490ae949b60e614cc33a8577c4ab6d HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 335cc70030.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://335cc70030.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	9108237a93.news-rolehi.com/lands/48/preloader-43.5794040.gif	23.158.56.201	7.0 kB
URL 9108237a93.news-rolehi.com/lands/48/preloader-43.5794040.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 160 x 160 Size 7.0 kB (7010 bytes) Hash 5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e HTTP Headers `GET /lands/48/preloader-43.5794040.gif HTTP/1.1 Host: 9108237a93.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9108237a93.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: image/gif content-length: 7010 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1b62" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9108237a93.news-rolehi.com/ Cookie: _subid=376l60j11aejtj; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:58 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:58 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejtl; expires=Mon, 10 Jun 2024 09:57:58 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:56 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9108237a93.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-length: 0 location: https://13454769e3.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	13454769e3.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 13454769e3.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 13454769e3.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://13454769e3.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	13454769e3.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL 13454769e3.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash b12a50c49295871ede84d4184140e5c0 7a71ad59aa5e81175eb4484772d597dd82de8c56 1c0a7d373dce6d65239c1db26aaddf9d0869d067cb0b6ad0b91745397bfcefe8 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 13454769e3.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://13454769e3.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic	142.250.74.106	784 B
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP 142.250.74.106:0 ASN #15169 GOOGLE File type ASCII text Size 784 B (784 bytes) Hash 1ba1a21c8876dbaa3b3b1457aadec340 2373a127295c1cab8d143eb10fe1870d29f02150 47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8 HTTP Headers `GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e45ce2ac86.news-rolehi.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 10 May 2024 09:57:57 GMT date: Fri, 10 May 2024 09:57:57 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	c106ab09d8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	1.3 kB
URL c106ab09d8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (553) Size 1.3 kB (1309 bytes) Hash e2af90f0f3c8c540a75309039fd27897 343f21a6cd7aca040c9b2fb4e0d1156b4a755c34 7968dacabc144422f035a27553a78dc4f9dc982cf90e63880134789a0e26933d HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: c106ab09d8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://13454769e3.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: text/html; charset=UTF-8 content-length: 1309 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	c106ab09d8.news-rolehi.com/lands/20/style.css	23.158.56.201	868 B
URL c106ab09d8.news-rolehi.com/lands/20/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (2230), with no line terminators Size 868 B (868 bytes) Hash d4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311 HTTP Headers `GET /lands/20/style.css HTTP/1.1 Host: c106ab09d8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c106ab09d8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: text/css content-length: 868 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-364" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	c106ab09d8.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL c106ab09d8.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: c106ab09d8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c106ab09d8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	9108237a93.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	84 kB
URL 9108237a93.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (37323) Size 84 kB (83883 bytes) Hash cb490bf33b4fba89f21257d7a7b85092 91db7d5cfe78aafa3442ed41db6c0607c64e0437 cce876359c6a3fda80c7dd08bed37c4c44ec9fd9f8996cf8a8445b660af62f66 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 9108237a93.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://08660ff71c.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://c106ab09d8.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-length: 0 location: https://5ab5e6b50f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5ab5e6b50f.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 5ab5e6b50f.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 5ab5e6b50f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5ab5e6b50f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	c106ab09d8.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	52 kB
URL c106ab09d8.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 52 kB (51941 bytes) Hash 65196c8a9eb9c8ce047e7fc44e5c6c42 b53b07c5f53e2faaa1153e13c5a713711be4dd72 6be8b8044146306a8d00a4c6fe5507c17cede527662ccdad14b91af64941f8b6 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: c106ab09d8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c106ab09d8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	5ab5e6b50f.news-rolehi.com/lands/39/img/icon2.png	23.158.56.201	4.6 kB
URL 5ab5e6b50f.news-rolehi.com/lands/39/img/icon2.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.6 kB (4576 bytes) Hash c947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2 HTTP Headers `GET /lands/39/img/icon2.png HTTP/1.1 Host: 5ab5e6b50f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5ab5e6b50f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/png content-length: 4576 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-11e0" accept-ranges: bytes X-Firefox-Spdy: h2`

	5ab5e6b50f.news-rolehi.com/lands/39/img/icon3.png	23.158.56.201	7.8 kB
URL 5ab5e6b50f.news-rolehi.com/lands/39/img/icon3.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers `GET /lands/39/img/icon3.png HTTP/1.1 Host: 5ab5e6b50f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5ab5e6b50f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/png content-length: 7847 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	5ab5e6b50f.news-rolehi.com/lands/39/img/icon4.png	23.158.56.201	7.0 kB
URL 5ab5e6b50f.news-rolehi.com/lands/39/img/icon4.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.0 kB (7032 bytes) Hash 7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f HTTP Headers `GET /lands/39/img/icon4.png HTTP/1.1 Host: 5ab5e6b50f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5ab5e6b50f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/png content-length: 7032 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1b78" accept-ranges: bytes X-Firefox-Spdy: h2`

	0d0c78ff7b.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	12 kB
URL 0d0c78ff7b.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 12 kB (12100 bytes) Hash a9b9afabecaf5db79c8e85398c27faec 604411bf4967a1e4515af985a12074328e75b330 676882573754f479491d402cf75bc42e1d63d41d241e6efd795bb6a60118ccf4 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 0d0c78ff7b.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0eafbcfc83.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ba98fa0b5a.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	93 kB
URL ba98fa0b5a.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 93 kB (92661 bytes) Hash 6597e84b0739efdd04a1376d56011251 641e7c550ea5d2206fd3f050ffd34070a8d07dc8 5fbbcf106a7f5af486ec3a38986ecfa6eab82552fae274d0ef66c4e63842055b HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: ba98fa0b5a.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ba98fa0b5a.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:49 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5ab5e6b50f.news-rolehi.com/ Cookie: _subid=376l60j11aejtu; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:59 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:59 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aeju6; expires=Mon, 10 Jun 2024 09:57:59 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:58 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5ab5e6b50f.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-length: 0 location: https://9d668323c0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	9d668323c0.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 9d668323c0.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 9d668323c0.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9d668323c0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	9d668323c0.news-rolehi.com/lands/53/css/style.css	23.158.56.201	1.3 kB
URL 9d668323c0.news-rolehi.com/lands/53/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4928), with no line terminators Size 1.3 kB (1301 bytes) Hash 6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8 HTTP Headers `GET /lands/53/css/style.css HTTP/1.1 Host: 9d668323c0.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9d668323c0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: text/css content-length: 1301 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-515" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	9d668323c0.news-rolehi.com/lands/53/images/spinning-circles2.svg	23.158.56.201	503 B
URL 9d668323c0.news-rolehi.com/lands/53/images/spinning-circles2.svg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers `GET /lands/53/images/spinning-circles2.svg HTTP/1.1 Host: 9d668323c0.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9d668323c0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	9d668323c0.news-rolehi.com/lands/53/images/video.gif	23.158.56.201	500 kB
URL 9d668323c0.news-rolehi.com/lands/53/images/video.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 320 x 180 Size 500 kB (500082 bytes) Hash 2e59da03066a7854825901e0c1460b52 8d5aa04f252de7a85b8387051c1321338ac32d32 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433 HTTP Headers `GET /lands/53/images/video.gif HTTP/1.1 Host: 9d668323c0.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9d668323c0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/gif content-length: 500082 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-7a172" accept-ranges: bytes X-Firefox-Spdy: h2`

	9d668323c0.news-rolehi.com/lands/53/js/device.js	23.158.56.201	1.1 kB
URL 9d668323c0.news-rolehi.com/lands/53/js/device.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers `GET /lands/53/js/device.js HTTP/1.1 Host: 9d668323c0.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9d668323c0.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9d668323c0.news-rolehi.com/ Cookie: _subid=376l60j11aeju6; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:57:59 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:57:59 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejub; expires=Mon, 10 Jun 2024 09:57:59 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:55:58 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	0105c36326.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	32 kB
URL 0105c36326.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (14801) Size 32 kB (32050 bytes) Hash 31838f8304ae1b2b799580c49d195e5e 8302f107fed99b607c37bba8c93d2fc20fc59cd4 cdb959ddb8718a94664b2824b2d1c8afb256e5179953c7bb953a8a3629555580 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 0105c36326.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ba381c41f7.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:51 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	f01aecb362.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	17 kB
URL f01aecb362.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (15440) Size 17 kB (16783 bytes) Hash 2769502b80901519b79eb391700a921b 6cb120c0e27e1da5730c84aed058cc4b8dc8dca6 a8d9d540e4d05dda6903a2561f2577a0df0ec554fe029eb16053cc165918a981 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: f01aecb362.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://2ba424bb26.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	2ba424bb26.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	99 kB
URL 2ba424bb26.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (63955) Size 99 kB (99393 bytes) Hash cd57e94489001e41f53691660e2806ce fd933d8bfdaf3e6b42abd6e90f24ed6ee7ce865c 429c3376efc1c40834ba01a7c2ce9e90e775eac6c81a04fbe68159a90095cffc HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 2ba424bb26.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9319ca89ae.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	88eef94a5c.news-rolehi.com/lands/36/img/style.css	23.158.56.201	3.1 kB
URL 88eef94a5c.news-rolehi.com/lands/36/img/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (11701), with no line terminators Size 3.1 kB (3136 bytes) Hash db606af46bdcca984d60a46183a4525e 28964fac8b2b7889554f32543e69ac68e6f21e2f 8693be57861bf006c70b542234666eaa50f4258856c4e75e0066f1ca589026ae HTTP Headers `GET /lands/36/img/style.css HTTP/1.1 Host: 88eef94a5c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: text/css content-length: 3136 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-c40" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	88eef94a5c.news-rolehi.com/lands/36/img/logo.png	23.158.56.201	7.4 kB
URL 88eef94a5c.news-rolehi.com/lands/36/img/logo.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 180 x 56, 8-bit/color RGBA, non-interlaced Size 7.4 kB (7398 bytes) Hash 6cd3a78b39a704ee1c84f31c8c4e5808 bb5c81cadfcd60bd5c7b29af2395ef24b11ebb93 4cfbf07b7b4def7ad505f3be44e311c631ffec252a93f031d11356bc1b0c8193 HTTP Headers `GET /lands/36/img/logo.png HTTP/1.1 Host: 88eef94a5c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/png content-length: 7398 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1ce6" accept-ranges: bytes X-Firefox-Spdy: h2`

	88eef94a5c.news-rolehi.com/lands/36/img/search-icon.png	23.158.56.201	461 B
URL 88eef94a5c.news-rolehi.com/lands/36/img/search-icon.png IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced Size 461 B (461 bytes) Hash 71a97f63eeafce6cc8dd4e7b92e77303 e92e36474a69fcf7b932efc581e024a1c25773e5 fc2f527dba6449b1d9a7f17e4e9926039806904f58a7b4278dccf398900371d2 HTTP Headers `GET /lands/36/img/search-icon.png HTTP/1.1 Host: 88eef94a5c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/png content-length: 461 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1cd" accept-ranges: bytes X-Firefox-Spdy: h2`

	88eef94a5c.news-rolehi.com/lands/36/img/Spin-1s-80px.gif	23.158.56.201	31 kB
URL 88eef94a5c.news-rolehi.com/lands/36/img/Spin-1s-80px.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 80 x 80 Size 31 kB (30677 bytes) Hash 68556766cd260e97fec2b60a9bfaf8c7 26c969371c9a3de360fab6d7a7a3bec2c5d5c99f ef50b84645244197917d80f6bcd6f604dce892ec4cdcdc96f11ea40f4a093676 HTTP Headers `GET /lands/36/img/Spin-1s-80px.gif HTTP/1.1 Host: 88eef94a5c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/gif content-length: 30677 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-77d5" accept-ranges: bytes X-Firefox-Spdy: h2`

	08660ff71c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	3.6 kB
URL 08660ff71c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 3.6 kB (3616 bytes) Hash 51fffce15dbb186550be1531206e7840 10016a3e25dd3a5b708674d6e365a5af330395a2 a3dc9e2231afc1349e2ccb2479eef7dcf175de4262052dcff7fb37e90ecb2112 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 08660ff71c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e45ce2ac86.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	10 kB
URL 770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 10 kB (10436 bytes) Hash de7977ff8bf89eb051f7aec536274b4b d754ee2051937a6b693fee34d6896aa2a29d8c32 951f7d30736b52a15d09c973bde4d78e62fcb506e05df940d75a10434bf2d1f1 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://43c8800c8f.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	21 kB
URL 138ad8be67.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 21 kB (21319 bytes) Hash 739e9a2b7c45b068b7b0428be0af8a37 3b636f23b3876f38a5b4a5bf9e8a293021c82a12 c806e178caf02ffe15df84ae1d38da83257a4d61aa31a1c637fdc1b431c4c952 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 138ad8be67.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://f01aecb362.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	47263a4615.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	54 kB
URL 47263a4615.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 54 kB (54293 bytes) Hash 7341e497c824d455e518993d306d768e 33a7ec30ec3c9dc2945bca173fc34ff294d48cd9 93f3f2fc06d0fa653e77e5f6a0ada745a0aed770c6bce25e84a3270f1d35b7a7 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 47263a4615.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47263a4615.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	88eef94a5c.news-rolehi.com/lands/36/img/pics-2.jpg	23.158.56.201	9.5 kB
URL 88eef94a5c.news-rolehi.com/lands/36/img/pics-2.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9474 bytes) Hash b1444ede1cb63c55f07c4b7cc861ec58 504823696a6990f0c6892721e34a7496cfe4e704 628146e090737199d0b92e0d069cdc8fa95d65391a7e84b7da053dbc0275b2f8 HTTP Headers `GET /lands/36/img/pics-2.jpg HTTP/1.1 Host: 88eef94a5c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/jpeg content-length: 9474 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2502" accept-ranges: bytes X-Firefox-Spdy: h2`

	88eef94a5c.news-rolehi.com/lands/36/img/pics-3.jpg	23.158.56.201	9.4 kB
URL 88eef94a5c.news-rolehi.com/lands/36/img/pics-3.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.4 kB (9413 bytes) Hash 76025b7cd7b3e168342e9f6916d8c7f4 bd2a6ea7c9105935c7a616fec2d6d85dbf98bfc2 46eaa0e5c25c663d858a5c65629f960ed17d2fe30b2484f629158e6d6460d775 HTTP Headers `GET /lands/36/img/pics-3.jpg HTTP/1.1 Host: 88eef94a5c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/jpeg content-length: 9413 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24c5" accept-ranges: bytes X-Firefox-Spdy: h2`

	88eef94a5c.news-rolehi.com/lands/36/img/pics-4.jpg	23.158.56.201	9.5 kB
URL 88eef94a5c.news-rolehi.com/lands/36/img/pics-4.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.5 kB (9468 bytes) Hash 107bdcec0a201d69db378827b68127cd efc977edd0a369769d5f32d88e9858302bed1e5e cb8a23effd64618021ebe40be5ed24bfb27c17f6d0a82c87a96d9efd91e06468 HTTP Headers `GET /lands/36/img/pics-4.jpg HTTP/1.1 Host: 88eef94a5c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/jpeg content-length: 9468 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-24fc" accept-ranges: bytes X-Firefox-Spdy: h2`

	88eef94a5c.news-rolehi.com/lands/36/img/pics-5.jpg	23.158.56.201	9.6 kB
URL 88eef94a5c.news-rolehi.com/lands/36/img/pics-5.jpg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JPEG image data Size 9.6 kB (9557 bytes) Hash 628b98b82d0aca1c1b2155aa5ec51a6a db663b2b85cf8828f3e9c5aa879325bb50e684a0 d7dfe6be5b49bee8bbf743bc58d74af3dc7d0250c89bd6dd7e9ad268c287289d HTTP Headers `GET /lands/36/img/pics-5.jpg HTTP/1.1 Host: 88eef94a5c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: image/jpeg content-length: 9557 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-2555" accept-ranges: bytes X-Firefox-Spdy: h2`

	c4ac706920.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	26 kB
URL c4ac706920.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 26 kB (25645 bytes) Hash 0976eae66d2184b2579f0570c2fd5521 5ba9bf83be86d02d669bad8e87693764a87032a3 189c21894141d2da2895e878882db0f7f468e504a63289a1300c2e59cb134f98 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: c4ac706920.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://138ad8be67.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	13454769e3.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	18 kB
URL 13454769e3.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 18 kB (18320 bytes) Hash 2cb872305454b552160fac80d61b9a92 0868cdff77088fc259afe88d40f376d41953c786 8e04cfcf7762399869c5dd28f58723ec294bc5aac9918cec8bc4e288f7fe325e HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 13454769e3.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9108237a93.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:58 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	335cc70030.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	77 kB
URL 335cc70030.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (64512) Size 77 kB (77431 bytes) Hash 2cc8da9c324a7eb79277b02707ab2b2f e5c8bf30cb19f8143682981775e4bc23e79dc163 994d4340ac5eaa71ed6a860488b24e3aac63544dd406e15431ab96d314f160c9 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 335cc70030.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://c4ac706920.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:57 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	7d42a0db0d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	16 kB
URL 7d42a0db0d.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (14721) Size 16 kB (16025 bytes) Hash e8d6b8de5bc213d10b0ccf3e2af3fc2f fa31e9334bbb94848dfac46a26c199c74d391f64 0238d5a05159684c871834736d29273948a4a6c008c6a9050cb5178b01d3539c HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 7d42a0db0d.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://38a4cb3326.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:55 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	74f870fd34.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	18 kB
URL 74f870fd34.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 18 kB (17861 bytes) Hash 0622d2ec65d45414b9f2842857d0cbeb 2005d58e96b91c49a5a0e35d76125aba9d901c6d 7b50900c5a12a265ac9bcf5aa3d3ba35ff86f8632219ece0fbfe5976c37ef9d2 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 74f870fd34.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://abf03c30b5.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:52 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://68369568d9.news-rolehi.com/ Cookie: _subid=376l60j11aejuf; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:00 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:00 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejuj; expires=Mon, 10 Jun 2024 09:58:00 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:00 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://68369568d9.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:01 GMT content-length: 0 location: https://563d15ce0e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	563d15ce0e.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 563d15ce0e.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 563d15ce0e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://563d15ce0e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	563d15ce0e.news-rolehi.com/lands/53/css/style.css	23.158.56.201	1.3 kB
URL 563d15ce0e.news-rolehi.com/lands/53/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4928), with no line terminators Size 1.3 kB (1301 bytes) Hash 6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8 HTTP Headers `GET /lands/53/css/style.css HTTP/1.1 Host: 563d15ce0e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://563d15ce0e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-type: text/css content-length: 1301 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-515" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	563d15ce0e.news-rolehi.com/lands/53/images/spinning-circles2.svg	23.158.56.201	503 B
URL 563d15ce0e.news-rolehi.com/lands/53/images/spinning-circles2.svg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers `GET /lands/53/images/spinning-circles2.svg HTTP/1.1 Host: 563d15ce0e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://563d15ce0e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	563d15ce0e.news-rolehi.com/lands/53/images/video.gif	23.158.56.201	500 kB
URL 563d15ce0e.news-rolehi.com/lands/53/images/video.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 320 x 180 Size 500 kB (500082 bytes) Hash 2e59da03066a7854825901e0c1460b52 8d5aa04f252de7a85b8387051c1321338ac32d32 63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433 HTTP Headers `GET /lands/53/images/video.gif HTTP/1.1 Host: 563d15ce0e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://563d15ce0e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-type: image/gif content-length: 500082 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-7a172" accept-ranges: bytes X-Firefox-Spdy: h2`

	563d15ce0e.news-rolehi.com/lands/53/js/device.js	23.158.56.201	1.1 kB
URL 563d15ce0e.news-rolehi.com/lands/53/js/device.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers `GET /lands/53/js/device.js HTTP/1.1 Host: 563d15ce0e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://563d15ce0e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://563d15ce0e.news-rolehi.com/ Cookie: _subid=376l60j11aejuj; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:00 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:00 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejuk; expires=Mon, 10 Jun 2024 09:58:00 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:00 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	55 kB
URL 88eef94a5c.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (44310) Size 55 kB (54717 bytes) Hash cc248d96b07aa4312db8f8542f21b582 d09c237c5a31f2c8d4965e52ad23c78bfdaced46 64352887377889ecbeef5df209ed695779b76b5c578f29e42ece5525045fcb9f HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 88eef94a5c.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9d668323c0.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	2c0b97a836.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 2c0b97a836.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 2c0b97a836.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2c0b97a836.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	cdad15ce44.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	86 kB
URL cdad15ce44.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, Unicode text, UTF-8 text, with very long lines (37323) Size 86 kB (85710 bytes) Hash 529d9fb61e541dfd4203c41ec2599936 0633ec6f648757605a702fdd63bbb2f9db2f2202 77c5034638e159b414de499488cfdd31ecdb194b292240af657e47560fe51c13 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: cdad15ce44.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fbd78d23ff.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:44 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://2c0b97a836.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:02 GMT content-length: 0 location: https://340aa6a935.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	340aa6a935.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 340aa6a935.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 340aa6a935.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://340aa6a935.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:00 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	abf03c30b5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	131 kB
URL abf03c30b5.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (55676) Size 131 kB (130956 bytes) Hash 65c20f3b074b05922a88b45823c8e62a 881542f70edc6b1b363a59192108ade41a697c23 82b6db397300484643f4205a5fbeb0246d71798277287a640bc1386b690b1cd9 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: abf03c30b5.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a3dc861681.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:52 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://340aa6a935.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:02 GMT content-length: 0 location: https://1477b96533.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	1477b96533.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 1477b96533.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 1477b96533.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1477b96533.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:01 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1477b96533.news-rolehi.com/ Cookie: _subid=376l60j11aejuo; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:01 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejuu; expires=Mon, 10 Jun 2024 09:58:01 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:02 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	1477b96533.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL 1477b96533.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash 1b3f75db5820510763ded906d2d53925 73e5bd3824b4a89eb4d3aab52a8dd7b2119e8f82 1cc79de939f3d42a272ca0460b67d8ad81aaf7620140bd800c5019ab02d6fe23 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 1477b96533.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1477b96533.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:01 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	008c08da31.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 008c08da31.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 008c08da31.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://008c08da31.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:01 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://008c08da31.news-rolehi.com/ Cookie: _subid=376l60j11aejuu; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:01 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejv0; expires=Mon, 10 Jun 2024 09:58:01 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:02 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://008c08da31.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:03 GMT content-length: 0 location: https://7211f184a2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	7211f184a2.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 7211f184a2.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 7211f184a2.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7211f184a2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:01 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	9319ca89ae.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	92 kB
URL 9319ca89ae.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (44310) Size 92 kB (92049 bytes) Hash 5ae307863cd43eb25adedc883d8dc24e bede3ba0492f69624290a0026ba20fb427857051 4f99ce25454a09afc193a524237f391a3140db50438c4cfbab1c73bde755f66a HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 9319ca89ae.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://7d42a0db0d.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:56 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://7211f184a2.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:03 GMT content-length: 0 location: https://96c665dab8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	96c665dab8.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 96c665dab8.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 96c665dab8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://96c665dab8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:01 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	eac5bc11a2.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	46 kB
URL eac5bc11a2.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 46 kB (45902 bytes) Hash 393ae43ee8317b976577769a1ac2e337 d332dfd38ef38b71b1b6fdcc34684d26a7f47255 bf77a931c48c10a1825533d8e7543ef35a11fb32c7c21bb8b2eeae5a433498ce HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: eac5bc11a2.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://eac5bc11a2.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:53 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	96c665dab8.news-rolehi.com/lands/57/js/device.js	23.158.56.201	1.1 kB
URL 96c665dab8.news-rolehi.com/lands/57/js/device.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers `GET /lands/57/js/device.js HTTP/1.1 Host: 96c665dab8.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://96c665dab8.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:01 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://96c665dab8.news-rolehi.com/ Cookie: _subid=376l60j11aejv6; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:02 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:02 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejv9; expires=Mon, 10 Jun 2024 09:58:02 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:04 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://96c665dab8.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:03 GMT content-length: 0 location: https://e867a819db.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	43c8800c8f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	11 kB
URL 43c8800c8f.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 11 kB (11403 bytes) Hash 23e65ed6599d19e8365609f84b46afdf 54b458183799427bac784d90c84d960c798722ef 272d5905ad09e83fec7531afd9360cfa083987c5e92acd38c817e311eae3e857 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 43c8800c8f.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://47263a4615.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e867a819db.news-rolehi.com/ Cookie: _subid=376l60j11aejv9; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:02 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:02 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejve; expires=Mon, 10 Jun 2024 09:58:02 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:04 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e867a819db.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:03 GMT content-length: 0 location: https://70cf2080fa.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	70cf2080fa.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 70cf2080fa.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 70cf2080fa.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://70cf2080fa.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:02 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	70cf2080fa.news-rolehi.com/lands/48/preloader-43.5794040.gif	23.158.56.201	7.0 kB
URL 70cf2080fa.news-rolehi.com/lands/48/preloader-43.5794040.gif IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type GIF image data, version 89a, 160 x 160 Size 7.0 kB (7010 bytes) Hash 5794040ee88def220320edd0ed2e2ac9 7ec6d7843172d2bec7c0ed0d7eabed19a800fd7b c1a4896adebc502e9be1248a28bc641ef9a5b75c6bdefa5d704a220c128ee34e HTTP Headers `GET /lands/48/preloader-43.5794040.gif HTTP/1.1 Host: 70cf2080fa.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://70cf2080fa.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:02 GMT content-type: image/gif content-length: 7010 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1b62" accept-ranges: bytes X-Firefox-Spdy: h2`

	008c08da31.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	45 kB
URL 008c08da31.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 45 kB (44689 bytes) Hash 97d41f2db3803a0f9d0302f026b3bbdd b078c3337bce8db17e64319e9bf7d92c1187f123 c9207bc223eeae6bd7c53bf13379f6e06efc56a4a3f1e4d005196091213b4b78 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 008c08da31.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://008c08da31.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:01 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult	95.216.46.99	587 B
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP 95.216.46.99:0 ASN #24940 Hetzner Online GmbH File type JSON text data Size 587 B (587 bytes) Hash 37e8b1f814bcd3596994be69be035080 4a398c64447574c68e2a6d696a7910a564934a49 5c92ae18bd11f1b6ed4b5a30a33903e5f6b5160b9699e953d237b56e756500f0 HTTP Headers GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1 Host: show.revopush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://1477b96533.news-rolehi.com/ Origin: https://1477b96533.news-rolehi.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:01 GMT content-type: application/json accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64 access-control-allow-origin: https://1477b96533.news-rolehi.com vary: Origin content-encoding: br X-Firefox-Spdy: h2`

	33377f5b84.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	1.3 kB
URL 33377f5b84.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (553) Size 1.3 kB (1309 bytes) Hash 532f7c0f43c9545d513ce258c329ffed 539dee591aa51471d71e271f8f848518f2f8ba14 2ffd8347d5a28d9b6fb4776aa2bca8e904bdee0a60c5b8b50ed05ef4d6eb7539 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 33377f5b84.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://70cf2080fa.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:02 GMT content-type: text/html; charset=UTF-8 content-length: 1309 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	33377f5b84.news-rolehi.com/lands/20/style.css	23.158.56.201	868 B
URL 33377f5b84.news-rolehi.com/lands/20/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (2230), with no line terminators Size 868 B (868 bytes) Hash d4b3acb7a84d2265bf174f13f93ca4f1 d6595e14ed8549bc39a8977cbd8d5b5b6f5cf221 2932666d3de7135f82ec781a408781352ec79c68998de11047db8e228d063311 HTTP Headers `GET /lands/20/style.css HTTP/1.1 Host: 33377f5b84.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://33377f5b84.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:02 GMT content-type: text/css content-length: 868 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-364" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	33377f5b84.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 33377f5b84.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 33377f5b84.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://33377f5b84.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:02 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://33377f5b84.news-rolehi.com/ Cookie: _subid=376l60j11aejvh; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:02 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:02 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejvm; expires=Mon, 10 Jun 2024 09:58:02 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:04 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://33377f5b84.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:04 GMT content-length: 0 location: https://5bb8f988a7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5bb8f988a7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	1.3 kB
URL 5bb8f988a7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type HTML document, ASCII text, with very long lines (553) Size 1.3 kB (1309 bytes) Hash 149c23c73d4b578af695afc51554cab8 4ad6db4c307fb377d2163d6891c39f071fd2077d ba81558b99300055896a6e52adfb9f09887f430db0c554a17948f173fb7a6996 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 5bb8f988a7.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://33377f5b84.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:02 GMT content-type: text/html; charset=UTF-8 content-length: 1309 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic	142.250.74.106	1.7 kB
URL fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic IP 142.250.74.106:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2230) Size 1.7 kB (1652 bytes) Hash 4c81c91e12e25e3a5575f325ad02f19d b6a97abab8eaa8d46222d4e6c114f64552b7608a 4eeefcc09e1adfa5b6e499612e897917bf40e5d55e4862de15d66efd72051112 HTTP Headers `GET /css?family=Roboto:300,400,700,400i&subset=cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://33377f5b84.news-rolehi.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 10 May 2024 09:58:02 GMT date: Fri, 10 May 2024 09:58:02 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	5bb8f988a7.news-rolehi.com/revopush.js	23.158.56.201	8.1 kB
URL 5bb8f988a7.news-rolehi.com/revopush.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20417), with no line terminators Size 8.1 kB (8110 bytes) Hash 2c5bbd971d7151a38f9a0fbe8fa83886 8fb8275965ff38c18a2fb5bd1be990c4592b39a0 b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343 HTTP Headers `GET /revopush.js HTTP/1.1 Host: 5bb8f988a7.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5bb8f988a7.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:03 GMT content-type: application/javascript; charset=utf-8 content-length: 8110 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1fae" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5bb8f988a7.news-rolehi.com/ Cookie: _subid=376l60j11aejvm; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:03 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:03 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejvq; expires=Mon, 10 Jun 2024 09:58:03 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:06 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4=	136.243.42.50	0 B
URL news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-pepafu.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5bb8f988a7.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 09:58:04 GMT content-length: 0 location: https://73d4e2c5bc.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	33377f5b84.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	98 kB
URL 33377f5b84.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (44310) Size 98 kB (97488 bytes) Hash 2aeb08ccc6576c1e988410f4564270a2 cae0db8fea2d2b4a5458cbedf210c6f7084d8049 f431694e274384be86ad1655ea343a0b71e39cec6ff82988d5a17366f2a0052d HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 33377f5b84.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://33377f5b84.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:02 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://73d4e2c5bc.news-rolehi.com/ Cookie: _subid=376l60j11aejvq; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:03 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:03 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aejvs; expires=Mon, 10 Jun 2024 09:58:03 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:06 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult	95.216.46.99	606 B
URL show.revopush.com/api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP 95.216.46.99:0 ASN #24940 Hetzner Online GmbH File type JSON text data Size 606 B (606 bytes) Hash 2a32bb5358c467eeac3890029b52c9a5 da6ba9b10de08ced3fb23ddc8f7c002e91487049 2cb49d91dfc5ed5fe37f34330bd7e3d9c7f6260c100da172fd996daf0270ca89 HTTP Headers GET /api/v1/inpage/show/?uid=171984&subacc=1218914904&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1 Host: show.revopush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5ab5e6b50f.news-rolehi.com/ Origin: https://5ab5e6b50f.news-rolehi.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:59 GMT content-type: application/json accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64 access-control-allow-origin: https://5ab5e6b50f.news-rolehi.com vary: Origin content-encoding: br X-Firefox-Spdy: h2`

	ad78cde679.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	24 kB
URL ad78cde679.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 24 kB (24135 bytes) Hash 23a319e3385202cb6984940b9179112c f584e07c7fb61af5c673abac936b5b09625977fe 7a747aa8af57831098692ed48526b3f101188e45feefe29f5b006903347bbd0f HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: ad78cde679.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://73d4e2c5bc.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:03 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ad78cde679.news-rolehi.com/lands/53/css/style.css	23.158.56.201	1.3 kB
URL ad78cde679.news-rolehi.com/lands/53/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4928), with no line terminators Size 1.3 kB (1301 bytes) Hash 6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8 HTTP Headers `GET /lands/53/css/style.css HTTP/1.1 Host: ad78cde679.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad78cde679.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:03 GMT content-type: text/css content-length: 1301 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-515" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	ad78cde679.news-rolehi.com/lands/53/images/spinning-circles2.svg	23.158.56.201	503 B
URL ad78cde679.news-rolehi.com/lands/53/images/spinning-circles2.svg IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers `GET /lands/53/images/spinning-circles2.svg HTTP/1.1 Host: ad78cde679.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad78cde679.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:03 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	770c0801e1.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.201	545 kB
URL 770c0801e1.news-rolehi.com/process.js?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 545 kB (544771 bytes) Hash 5f712a6a47c37673a89a3ea77b7798fc 070c41a1a6763c0b61cca2b78af09e6341c01d9d 8ef8c093b8d2538fa71023461424843997fb707303928c267b07cb78c71075b4 HTTP Headers `GET /process.js?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 770c0801e1.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://770c0801e1.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:57:54 GMT content-type: application/javascript; charset=utf-8 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin X-Firefox-Spdy: h2`

	ad78cde679.news-rolehi.com/lands/53/js/device.js	23.158.56.201	1.1 kB
URL ad78cde679.news-rolehi.com/lands/53/js/device.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers `GET /lands/53/js/device.js HTTP/1.1 Host: ad78cde679.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad78cde679.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 09:58:03 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 02 May 2024 14:58:42 GMT etag: "6633aa22-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad78cde679.news-rolehi.com/ Cookie: _subid=376l60j11aejvs; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 10 May 2024 09:58:03 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 10 May 2024 09:58:03 GMT Location: https://news-pepafu.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j11aek03; expires=Mon, 10 Jun 2024 09:58:03 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzE1MzM1MDYyfSxcInRpbWVcIjoxNzE1MzM1MDYyfSJ9.xVAIDG93IdYCek6aYhbzFun_WMms7vAFAGKoDlVwBX8; expires=Sun, 18 Sep 2078 19:56:06 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	563d15ce0e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4=	0.0.0.0	0 B
URL User Request GET 563d15ce0e.news-rolehi.com/?id=1218914904&p1=&p2=&p3=&p4= IP 0.0.0.0:0 ASN #0 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: 563d15ce0e.news-rolehi.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://68369568d9.news-rolehi.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (456)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type