| www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader | 188.114.97.1 | 301 Moved Permanently | 0 B |
URL HTTP/1.1www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us/GypsyCrusader+News+Network/com.gypsycrusader HTTP/1.1
Host: www.tg-me.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 23:44:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Feb 2023 00:44:58 GMT
Location: https://www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfML7aByOfDwEWHPykgsb%2FLyWoDhOs%2F4177zx2eGh%2F5hwIhu2ny%2F%2Fte8BUWyQyX%2Brnxm13ih4sh8omxTyhmMVYr0I8oqgMjy9KBf2nQR8huP%2FOQ3mXFMbsda82qYHewT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f09a08bd30b39-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashe935ea42be4feaed61a824b0b903913e f966cfa80d65a805cb9d7c6a53b3340865d7c51a eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3765
Expires: Sat, 04 Feb 2023 00:47:44 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashd4e95d0d8982bcd07804baf6fc88231c 5027abda0875bd2529dd4d6691784c74da71a9ee 373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16612
Expires: Sat, 04 Feb 2023 04:21:51 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 23:43:35 GMT
content-type: application/json
age: 84
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash9a76feabb767086ae0fa54e0ffbf763f 3655d78994a1e9838340669462728b67c8c12e54 bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11464
Expires: Sat, 04 Feb 2023 02:56:03 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cpeOLWagBRDV3cuVkQaAtkEy6vPwkS4n8uZNtJtjTH+XkRyANU/b70PnUqFF4Ec/sntjgIBPGCQ=
x-amz-request-id: KDGNR4R100H6CMJ6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 23:23:46 GMT
age: 1273
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 345 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha4adb48fcec11be5899662d157aac89e 84b645e20d1fcb83415a3a12cce9224ef5d0621e 8cdbef7a8f6aafd8548816afc90ea12ac07f94aa2701c657be30eafc0a82914e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8CDBEF7A8F6AAFD8548816AFC90EA12AC07F94AA2701C657BE30EAFC0A82914E"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9901
Expires: Sat, 04 Feb 2023 02:30:00 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:44:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 345 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha4adb48fcec11be5899662d157aac89e 84b645e20d1fcb83415a3a12cce9224ef5d0621e 8cdbef7a8f6aafd8548816afc90ea12ac07f94aa2701c657be30eafc0a82914e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8CDBEF7A8F6AAFD8548816AFC90EA12AC07F94AA2701C657BE30EAFC0A82914E"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9901
Expires: Sat, 04 Feb 2023 02:30:00 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive
|
|
| s7.addthis.com/js/300/addthis_widget.js | 2.18.172.123 | 200 OK | 116 kB |
URL HTTP/2s7.addthis.com/js/300/addthis_widget.js IP2.18.172.123:0
File typeASCII text, with very long lines (54602) Size116 kB (116423 bytes) Hashd5b9b7a3accd3b7b7de639c072ae3ee2 9583b5c046d78af5c6379d844219f828aa2222d0 648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Fri, 03 Feb 2023 23:44:59 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash7d482750bf7fdfcaa38c0efd583ef4dc a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d 5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.innity.net/admanager.js | 23.32.97.102 | 200 OK | 3.3 kB |
URL HTTP/1.1cdn.innity.net/admanager.js IP23.32.97.102:0
File typeASCII text, with very long lines (10252), with no line terminators Hash67f70474488554526256d7b6c332ab34 e4e77246c8564d7ed7983ed1b665f78a87d3d4ac 1c7447c854562f1cb49f51443725ecb7a1483cab2a5ff39382528236af20014f
GET /admanager.js HTTP/1.1
Host: cdn.innity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache
Last-Modified: Sat, 28 Aug 2021 09:22:10 GMT
ETag: "280c-5ca9b226f1480-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 3250
Content-Type: application/javascript
Unused62: 8096267
Cache-Control: max-age=86400
Expires: Sat, 04 Feb 2023 23:44:59 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive
Vary: Accept-Encoding
|
|
| www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY | 142.250.74.40 | 200 OK | 77 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY IP142.250.74.40:0
File typeASCII text, with very long lines (19467) Hashd6766fd9fe54f5465edc0143ce72a4c3 28309c39b8dcb24a40acc8f696fd7c3c7ff93a65 65f646365edca87f0c4454ef2f3f4f8a9080f33b474f7a12c7fc45eb8055b487
GET /gtag/js?id=G-H9DDVMTLKY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 23:44:59 GMT
expires: Fri, 03 Feb 2023 23:44:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash9a6c8215eb3a89ad30f7f0ae1509bfbd 09ad9c5a9a5793e3d60fa707ec6ee7246ec273ed 8aedfc66db7517c5f3e7392a66caab3018740c18d3cd192c76372481a4d5f2d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AEDFC66DB7517C5F3E7392A66CAAB3018740C18D3CD192C76372481A4D5F2D6"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10988
Expires: Sat, 04 Feb 2023 02:48:07 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash7d482750bf7fdfcaa38c0efd583ef4dc a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d 5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 23:07:19 GMT
age: 2260
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2274
Expires: Sat, 04 Feb 2023 00:22:54 GMT
Date: Fri, 03 Feb 2023 23:45:00 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 54.212.170.166 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.212.170.166:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QhPp0nyC/62Kx0aTZiLQAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zM7YMTrAM1E1Ov336axiUUY+2FQ=
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3210&_p=2041370825&cid=692671172.1675467933&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675467933&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&dt=GypsyCrusader%20News%20Network%20Telegram&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3210&_p=2041370825&cid=692671172.1675467933&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675467933&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&dt=GypsyCrusader%20News%20Network%20Telegram&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3210&_p=2041370825&cid=692671172.1675467933&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675467933&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&dt=GypsyCrusader%20News%20Network%20Telegram&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.tg-me.com
date: Fri, 03 Feb 2023 23:45:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash5c62320f6ab246ad9986250b38b94f64 7a6728673ae060401127e4e527c45beca83a63da 8956040d5467106058972d77127e73243f85816f6fa650e1a310b987fe8af7c1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:44:31 GMT
Expires: Wed, 08 Feb 2023 02:44:30 GMT
Etag: "7a6728673ae060401127e4e527c45beca83a63da"
Cache-Control: max-age=355769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f09aa8b7eb517-OSL
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash5c62320f6ab246ad9986250b38b94f64 7a6728673ae060401127e4e527c45beca83a63da 8956040d5467106058972d77127e73243f85816f6fa650e1a310b987fe8af7c1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:44:31 GMT
Expires: Wed, 08 Feb 2023 02:44:30 GMT
Etag: "7a6728673ae060401127e4e527c45beca83a63da"
Cache-Control: max-age=355769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f09aaa86cb506-OSL
|
|
| as.innity.com/synd/?cb=1675467932898&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce | 149.129.240.178 | 200 OK | 296 B |
URL HTTP/1.1as.innity.com/synd/?cb=1675467932898&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce IP149.129.240.178:0 ASN#45102 Alibaba US Technology Co., Ltd.
File typeHTML document, ASCII text, with very long lines (463), with no line terminators Hashdfb6a3fa4c95ca568674eece21d9c6c8 6e80193407a29499499543af35d8ca9a038ce298 81e69867bfd76563e80321931b84585d89a1e3b4cd9f410fb82b36dde19b338a
GET /synd/?cb=1675467932898&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce HTTP/1.1
Host: as.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:00 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=dfe7d129b42cd79a2dcc04cddc2ef621; expires=Sun, 02-Feb-2025 23:45:00 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
Set-Cookie: iGEO=NO%7E12; expires=Sat, 04-Feb-2023 23:45:00 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=innity.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 296
Content-Type: text/javascript; charset=utf-8
|
|
| as.innity.com/synd/?cb=1675467932886&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce | 149.129.240.178 | 200 OK | 296 B |
URL HTTP/1.1as.innity.com/synd/?cb=1675467932886&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce IP149.129.240.178:0 ASN#45102 Alibaba US Technology Co., Ltd.
File typeHTML document, ASCII text, with very long lines (463), with no line terminators Hash7145243f25bbf2f128acf3ed17316a71 7dc40a9f7e5d5f195a9b4c999faf155a58e373c2 d2c14153b3058cda767c068d4672022ffe29c613b038e7330456121f18bd4a48
GET /synd/?cb=1675467932886&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce HTTP/1.1
Host: as.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=934d83095735f2fde8b2947c6a4f3bf0; expires=Sun, 02-Feb-2025 23:45:01 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
Set-Cookie: iGEO=NO%7E12; expires=Sat, 04-Feb-2023 23:45:01 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=innity.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 296
Content-Type: text/javascript; charset=utf-8
|
|
| cdn.innity.net/analytics.js | 23.32.97.102 | 200 OK | 152 B |
URL HTTP/1.1cdn.innity.net/analytics.js IP23.32.97.102:0
File typeASCII text, with no line terminators Hash46d5024ebf1b6a988ead272230810b3f 14f8bac9205ef9cea440bd07bc08f21203181854 e29a328204732024e194cde9dbd28b72d517c2f56f228e50d5a496fd746b51aa
GET /analytics.js HTTP/1.1
Host: cdn.innity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 09 Dec 2015 07:32:50 GMT
ETag: "ad-5267218ef0c80-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 152
Content-Type: application/javascript
Unused62: 8096267
Cache-Control: max-age=86400
Expires: Sat, 04 Feb 2023 23:45:01 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive
Vary: Accept-Encoding
|
|
| knlrfijhvch.com/solid.gif?z=1945070&abvar=2 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2knlrfijhvch.com/solid.gif?z=1945070&abvar=2 IP62.122.171.6:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /solid.gif?z=1945070&abvar=2 HTTP/1.1
Host: knlrfijhvch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| z.moatads.com/addthismoatframe568911941483/moatframe.js | 2.18.173.140 | 200 OK | 948 B |
URL HTTP/2z.moatads.com/addthismoatframe568911941483/moatframe.js IP2.18.173.140:0
File typeASCII text, with very long lines (523) Hashf14b4e1f799b14f798a195f43cf58376 b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86 92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=46103
date: Fri, 03 Feb 2023 23:45:01 GMT
X-Firefox-Spdy: h2
|
|
| intorterraon.com/5/5557327 | 139.45.197.239 | 200 OK | 50 kB |
URL HTTP/2intorterraon.com/5/5557327 IP139.45.197.239:0
File typeASCII text, with very long lines (64428) Hash451ef4a1b4a824413286897096efe340 39b70094e3b05abd2aa98728cd554e75f322978d 3f255b7347e8376ef999711b6379ce4a3305d27595dc04b00a7f8b33fd937d0a
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /5/5557327 HTTP/1.1
Host: intorterraon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:44:59 GMT
content-type: application/javascript
x-trace-id: 786976f64ae531b2259d9c982a9691a1
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; expires=Sat, 03 Feb 2024 23:44:59 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1675467899; expires=Sat, 03 Feb 2024 23:44:59 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747 9931fd6a416e220e15ef5eccad6d0cb12edf3995 8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5613
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:45:01 GMT
Last-Modified: Fri, 03 Feb 2023 22:11:28 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
|
|
| v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp | 2.18.172.123 | 200 OK | 526 B |
URL HTTP/2 v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp IP 2.18.172.123:0
File type ASCII text, with very long lines (1483), with no line terminators Hash d28911df369ba0a8165a3d9611cb8fe3 cb00637ed6c61847fba8b33ee1048bbddc606d04 c60e78c2a41793d386fbfe0bc3aaac2cc73a75749da959a83c4f558306ee07ee
GET /live/boost/ra-61710efec007c081/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 526
etag: 411546989--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=0, s-maxage=86400
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_GB/sdk.js | 31.13.72.12 | 200 OK | 1.7 kB |
URL HTTP/2 connect.facebook.net/en_GB/sdk.js IP 31.13.72.12:0
File type ASCII text, with very long lines (1957) Hash 083ae2d1056421d7cc6362e51339d07d 6e01248349d8bc704dd323b181ca7a83d064d7b4 b1a9b9e157565081209ce65891261108fd5434a2a9d8857854ea75a58ef4117c
GET /en_GB/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 2db7f7a14b52cfe3c8b1836b03f4e3b1
etag: "fce29239f54f01a87cc0b9dde3647057"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Feb 2023 23:54:49 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: CDri0QVkIdfMY2LlEznQfQ==
x-fb-debug: cGM0xCRFyxUMx/54rB/f+C1n9DuPkOBxWD4mBUfpe55QKVIcC52y6FpuhJgZYc5t5C0j2/yfWCxDB7hMnsTzxA==
content-length: 1687
x-fb-trip-id: 1904183273
date: Fri, 03 Feb 2023 23:45:01 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| knlrfijhvch.com/get/1945070?zoneid=1945070&jp=_cls2htb2pw27jq7ghe44ll&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=954228396669095 | 62.122.171.6 | 200 OK | 7 B |
URL HTTP/2 knlrfijhvch.com/get/1945070?zoneid=1945070&jp=_cls2htb2pw27jq7ghe44ll&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=954228396669095 IP 62.122.171.6:0
File type ASCII text, with no line terminators Hash a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /get/1945070?zoneid=1945070&jp=_cls2htb2pw27jq7ghe44ll&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=954228396669095 HTTP/1.1
Host: knlrfijhvch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: text/javascript
content-length: 7
x-route-id: config
set-cookie: UID=2302031845688edefbf1cd4712a8448167e7; Path=/; Expires=Sat, 03 Feb 2024 23:45:01 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 1.1 kB |
IP 95.101.11.115:0 ASN #20940 Akamai International B.V.
Hash 426343663196a171ee1dee5614fa19ee eabf9bfe50b6517a5d5d8000983afd6220632351 e5402edf1efd558a3f7315484718f172284601a91a16f143f540e06cc4856b85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2864347C8CAFC993E298B6C80A7E34B0C49710B9E8E35AF6815EF685D4EFDAF2"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2731
Expires: Sat, 04 Feb 2023 00:30:32 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 14 kB |
IP 172.64.155.188:0
Hash 3cc054e78b2551fe816870b38d6daf9f 176883422ef5a37cd7c6966306ebdb7804e1cc1b 49442abfdb9691aecad5e820f51fd57430347ecbef154bdada46b7fc6b1ee2c4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 04:43:15 GMT
Expires: Thu, 09 Feb 2023 04:43:14 GMT
Etag: "a641e796e689acb14da9d8f820f6d3795bc69a06"
Cache-Control: max-age=449292,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f09afa8dfb517-OSL
|
|
| my.rtmark.net/gid.js?userId=bf78995502c646e0aaf4e82ea1eaef09 | 139.45.195.8 | 200 OK | 65 B |
URL HTTP/2 my.rtmark.net/gid.js?userId=bf78995502c646e0aaf4e82ea1eaef09 IP 139.45.195.8:0
File type JSON data, ASCII text Hash d1b660db6f1f249ca313ef00ebaaa98e 09c1c13c6e08eff4cfa675e95195780602160285 e444ed74eba269e85086fbc77eb8c59b4325476fbf3dc74a240cf41fd242d925
GET /gid.js?userId=bf78995502c646e0aaf4e82ea1eaef09 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.tg-me.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bf78995502c646e0aaf4e82ea1eaef09; expires=Sat, 03 Feb 2024 23:45:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js | 2.18.172.123 | 200 OK | 78 kB |
URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js IP 2.18.172.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators Hash ac1b5db6377f89a6d7f517c571b8ddba 87205f72f7338d717dd2966119ecb6aae22d5835 9164225c4ffa9eded3fd96fd8403249cf67e2047354fc245fb349216565d00a2
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77691
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_GB/sdk.js?hash=ddee246343c7c3e934b209c6af266196 | 31.13.72.12 | 200 OK | 87 kB |
URL HTTP/2 connect.facebook.net/en_GB/sdk.js?hash=ddee246343c7c3e934b209c6af266196 IP 31.13.72.12:0
File type ASCII text, with very long lines (13192) Hash 52e55387166e25939395c3a5d41243a5 4f3854333a33e4ed1d682c7207c7fedd6834bc8d 8e532b935b95a66353073a996c79f37725535663d72620af43baa47c7bedcf35
GET /en_GB/sdk.js?hash=ddee246343c7c3e934b209c6af266196 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c6798dd00eb59374b4dd34e4f36e5011
etag: "2d26a35454d65d06a1816056b1f21b67"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 03 Feb 2024 22:49:21 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: UuVThxZuJZOTlcOl1BJDpQ==
x-fb-debug: RlIm4MVnGcSBlnIHaYCAl73IVEIHrzUaDKz8h0Ggma88pNESDEI/YfqEnj4OAEtHOsvaYEw+6kiBE2KUgNewKg==
content-length: 86997
x-fb-trip-id: 1904183273
date: Fri, 03 Feb 2023 23:45:01 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s7.addthis.com/static/151.67aec2e0546e639563bb.js | 2.18.172.123 | 200 OK | 815 B |
URL HTTP/2 s7.addthis.com/static/151.67aec2e0546e639563bb.js IP 2.18.172.123:0
File type ASCII text, with very long lines (1679), with no line terminators Hash 8c45a93a76f9e93cb7fe7a8dce9e1dbf 6604f1a4e77d07d55298cecc9c93e0e22e73a616 aa24ec471544fe8d4f18d29ba153a281c809ace19fcd29cdbaac9ed4c2254d92
GET /static/151.67aec2e0546e639563bb.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-68f"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 815
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
|
|
| s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js | 2.18.172.123 | 200 OK | 394 B |
URL HTTP/2 s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js IP 2.18.172.123:0
File type ASCII text, with very long lines (564), with no line terminators Hash 09d6e31790596b5636e4332b45864d33 078bdaadd33f7e19f624e403959dca3eef1a73d4 42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
|
|
| s7.addthis.com/static/157.5c460da9d8beb53078c0.js | 2.18.172.123 | 200 OK | 747 B |
URL HTTP/2 s7.addthis.com/static/157.5c460da9d8beb53078c0.js IP 2.18.172.123:0
File type ASCII text, with very long lines (1839), with no line terminators Hash 31f1f88191d187ed29925230d652ac40 77927de772e05e3d0ba8fe70140a861c353a4444 1a9048e072cfd4ca76e4da93af36575e7b5a6ec8b665afd250d5c3d411e24d89
GET /static/157.5c460da9d8beb53078c0.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-72f"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 747
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Sat, 04 Feb 2023 04:07:23 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data Hash 45c6a062f8637e689819f505b019dc0e 61665688f1039c4fad848853a68e28d057718ad1 c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 5921
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data Hash cf80667db0c35c9c6139eca4ba5d12fd 4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590 d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 54c06759-6fab-455c-be34-496ee42a2580
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZLQEqroAMFyWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d57b-2237358a5cc22b8003af1852;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:08:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oc3NhvAmcrO3msFYF2ITsEpq8a2wsOLkXtmZxRQpmse84yml0l9PNA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:46:57 GMT
age: 7084
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data Hash 3ac51fd6789cbe19c2d484c9022b0e39 bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9 300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
age: 4465
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data Hash 392b61306c346508d3ac4a2f28218f9c d2de32b52e0d3f4fc6acaf687b3521294b01dc03 018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 5669
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash99bf0073acf75f9e04b52a96bf47797b fa68da2c92fa89ed3dafe9915e064fca022af21f 961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 5222
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg | 34.120.237.76 | 200 OK | 3.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash77e225775154732b55c206faa6fce355 126bdaa18d9a1650b5e3a4e883d89188e8bbf136 af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3868
x-amzn-requestid: f130379c-2ea2-43d6-a1b0-e3afd4811bc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEwLFYgIAMFzwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd819a-3d0199ab38a410ff7a78a675;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:50:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QrCYar2bxFJ_7bBH-5oJ4qdaS58NXDwNJxLI7ILxrBkzvzGV95PSFw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136"
content-type: image/jpeg
age: 4465
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader | 2.18.172.123 | 200 OK | 2 B |
URL HTTP/2api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader IP2.18.172.123:0
File typeJSON data\012- , ASCII text, with no line terminators Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://www.tg-me.com/GypsyCrusader+News+Network/com.gypsycrusader
last-modified: Fri, 03 Feb 2023 23:00:00 GMT
access-control-allow-origin: https://www.tg-me.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 03 Feb 2023 23:45:01 GMT
X-Firefox-Spdy: h2
|
|
| api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_7m9s0 | 2.18.172.123 | 200 OK | 54 B |
URL HTTP/2api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_7m9s0 IP2.18.172.123:0
File typeASCII text, with no line terminators Hash8f4b32044afc5145eee11cb9ee49cd9b ad1fcc795ae95d187d6b021089301a02ed716be4 81a7d40a023ce9fb257cfb1e12b12cb333083ca0211930b11cb28be2186a3cad
GET /url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_7m9s0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.tg-me.com/gypsycrusader+news+network/com.gypsycrusader
last-modified: Fri, 03 Feb 2023 23:45:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 54
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| intorterraon.com/5/5557327 | 139.45.197.239 | 200 OK | 24 kB |
URL HTTP/2intorterraon.com/5/5557327 IP139.45.197.239:0
File typeASCII text, with very long lines (64694), with no line terminators Hashed8e9be4d8da6f8a9b6d08ed3560b86b 428baad08a9dcb43f7ca66723445f181b41f4075 da474e5560ac50e0d3cae923d99a2d1195787620b4c1bef06a99d97ba7ccdf17
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /5/5557327 HTTP/1.1
Host: intorterraon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; oaidts=1675467899
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: application/javascript
x-trace-id: 744df1cd49f92bcea22a525664e4dd46
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; expires=Sat, 03 Feb 2024 23:45:01 GMT; path=/; secure; SameSite=None
oaidts=1675467899; expires=Sat, 03 Feb 2024 23:45:01 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| as.innity.com/synd/?cb=1675467934626&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1268&vph=939&auction=55152568-32e1f218 | 149.129.240.178 | 200 OK | 297 B |
URL HTTP/1.1as.innity.com/synd/?cb=1675467934626&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1268&vph=939&auction=55152568-32e1f218 IP149.129.240.178:0 ASN#45102 Alibaba US Technology Co., Ltd.
File typeHTML document, ASCII text, with very long lines (463), with no line terminators Hash074b6d259acbdd2cde83cf20f41b5c4e 4b843d7ce719ba5d1ddad39f5dec74db818adadf d5694802f409c80407b13dfb1aa718ba641876478201de6ec9c4d1a4b13cbae0
GET /synd/?cb=1675467934626&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1268&vph=939&auction=55152568-32e1f218 HTTP/1.1
Host: as.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=7d1f67850ff736864d029bed51f58a5a; expires=Sun, 02-Feb-2025 23:45:01 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
iGEO=NO%7E12; expires=Sat, 04-Feb-2023 23:45:01 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=innity.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 297
Content-Type: text/javascript; charset=utf-8
|
|
| api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_klzq0 | 2.18.172.123 | 200 OK | 54 B |
URL HTTP/2api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_klzq0 IP2.18.172.123:0
File typeASCII text, with no line terminators Hash685435f7dc840bf10efbbc126a8e7480 0d9b0a67fe59df9587c8d46a7cd28381903e128f 887f7fa2ccd3afa014ddf117425feea404a9e2715ac4048f0698d042313e8fd8
GET /url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_klzq0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.tg-me.com/gypsycrusader+news+network/com.gypsycrusader
last-modified: Fri, 03 Feb 2023 23:45:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 54
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| optimize.innity.com/?pubid=3686&zoneid=93380&cb=1675467934255 | 119.81.3.35 | 200 OK | 43 B |
URL HTTP/1.1optimize.innity.com/?pubid=3686&zoneid=93380&cb=1675467934255 IP119.81.3.35:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /?pubid=3686&zoneid=93380&cb=1675467934255 HTTP/1.1
Host: optimize.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif
|
|
| optimize.innity.com/?pubid=3686&zoneid=93378&cb=1675467934255 | 119.81.3.35 | 200 OK | 43 B |
URL HTTP/1.1optimize.innity.com/?pubid=3686&zoneid=93378&cb=1675467934255 IP119.81.3.35:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /?pubid=3686&zoneid=93378&cb=1675467934255 HTTP/1.1
Host: optimize.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif
|
|
| as.innity.com/synd/?cb=1675467934922&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=300&height=250&vpw=1268&vph=939&auction=55152568-32e1f218 | 149.129.240.178 | 200 OK | 149 B |
URL HTTP/1.1as.innity.com/synd/?cb=1675467934922&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=300&height=250&vpw=1268&vph=939&auction=55152568-32e1f218 IP149.129.240.178:0 ASN#45102 Alibaba US Technology Co., Ltd.
File typeHTML document, ASCII text, with no line terminators Hashc3fd5c0a3cab6c1181f46891e2a7e2a7 c12dfb004aea12479fa017bf6c7b7084b8e557ab 8672a27538c8a7e0ced1aa2ad4ed2e3379eb4b0b0162e14385f88d8cf012261b
GET /synd/?cb=1675467934922&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=300&height=250&vpw=1268&vph=939&auction=55152568-32e1f218 HTTP/1.1
Host: as.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:02 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=769ea091421913156600da7d8e571c6b; expires=Sun, 02-Feb-2025 23:45:02 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
iGEO=NO%7E12; expires=Sat, 04-Feb-2023 23:45:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=innity.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 149
Content-Type: text/javascript; charset=utf-8
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash7a37d5f14346f4c2d32067a67ed9cbf2 9364052ccda00fe675fe8cc3f2f244161f2a2f69 c0f55cbfc7ce76856115b4557edefe0c45f2b2979ed89b39fd92d185fddb8682
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 13:56:49 GMT
Expires: Tue, 07 Feb 2023 13:56:48 GMT
Etag: "9364052ccda00fe675fe8cc3f2f244161f2a2f69"
Cache-Control: max-age=309705,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f09b509bcb506-OSL
|
|
| grid.bidswitch.net/adj?auid=373595 | 18.194.21.26 | 200 OK | 22 B |
URL HTTP/2grid.bidswitch.net/adj?auid=373595 IP18.194.21.26:0
File typeASCII text, with no line terminators Hash757a378066f32f7378db0c733f587bbc e364c6fc5837d56a5f15fa3c39a46a7640e64211 18c983c761fdf75fb946aa47edc930cbf2f88bc7948ebc7bc6f699aa19628eb8
GET /adj?auid=373595 HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:45:02 GMT
content-type: text/javascript; charset=UTF-8
content-length: 22
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
|
|
| v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp | 2.18.172.123 | 200 OK | 526 B |
URL HTTP/2v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp IP2.18.172.123:0
File typeASCII text, with very long lines (1483), with no line terminators Hashd28911df369ba0a8165a3d9611cb8fe3 cb00637ed6c61847fba8b33ee1048bbddc606d04 c60e78c2a41793d386fbfe0bc3aaac2cc73a75749da959a83c4f558306ee07ee
GET /live/boost/ra-61710efec007c081/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 411546989--gzip
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 526
etag: 411546989--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=3, s-maxage=86400
date: Fri, 03 Feb 2023 23:45:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| optimize.innity.com/?pubid=3686&zoneid=98812&cb=1675467934914 | 119.81.3.35 | 200 OK | 43 B |
URL HTTP/1.1optimize.innity.com/?pubid=3686&zoneid=98812&cb=1675467934914 IP119.81.3.35:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /?pubid=3686&zoneid=98812&cb=1675467934914 HTTP/1.1
Host: optimize.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:02 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif
|
|
| optimize.innity.com/?pubid=3686&zoneid=98814&cb=1675467934927 | 119.81.3.35 | 200 OK | 43 B |
URL HTTP/1.1optimize.innity.com/?pubid=3686&zoneid=98814&cb=1675467934927 IP119.81.3.35:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /?pubid=3686&zoneid=98814&cb=1675467934927 HTTP/1.1
Host: optimize.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:02 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif
|
|
| m.addthis.com/live/red_lojson/300lo.json?si=63dd9c9f55710bcc&bkl=0&bl=1&pdt=292&sid=63dd9c9f55710bcc&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&fr=us%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1675467935434&jsl=0&uvs=63dd9c9e75854f62001&skipb=1&callback=addthis.cbs.jsonp__072308378546108610 | 2.18.172.123 | 200 OK | 90 B |
URL HTTP/2m.addthis.com/live/red_lojson/300lo.json?si=63dd9c9f55710bcc&bkl=0&bl=1&pdt=292&sid=63dd9c9f55710bcc&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&fr=us%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1675467935434&jsl=0&uvs=63dd9c9e75854f62001&skipb=1&callback=addthis.cbs.jsonp__072308378546108610 IP2.18.172.123:0
File typeASCII text, with no line terminators Hash2f33eb2cfddb5edc23e7bb777f4880d6 9660d05c5f87710a7cfecb5ceb26e0340e89f9c6 24d2f8014d7d1a56ee141dfdee2449deb6bdafdd8491a0da8229f00ab0aad8e4
GET /live/red_lojson/300lo.json?si=63dd9c9f55710bcc&bkl=0&bl=1&pdt=292&sid=63dd9c9f55710bcc&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&fr=us%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1675467935434&jsl=0&uvs=63dd9c9e75854f62001&skipb=1&callback=addthis.cbs.jsonp__072308378546108610 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Fri, 03 Feb 2023 23:45:02 GMT
X-Firefox-Spdy: h2
|
|
| api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_c6qw0 | 2.18.172.123 | 200 OK | 53 B |
URL HTTP/2api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_c6qw0 IP2.18.172.123:0
File typeASCII text, with no line terminators Hasha7a89f38a6472d0a7f3f64c98be101b5 8c5d715a3a1e66ecd1dcd36bcdd708894929c497 22de0c233161e5bff805e542b617abd55b6837faa1fcca62c334775abfa82032
GET /url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_c6qw0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.tg-me.com/gypsycrusader%20news%20network/com.gypsycrusader/webview
last-modified: Fri, 03 Feb 2023 23:45:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Fri, 03 Feb 2023 23:45:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview | 2.18.172.123 | 200 OK | 3.1 kB |
URL HTTP/2api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview IP2.18.172.123:0
Hashb939ad8da96f358448fc50b433e542cc f1c96ffe3590b5bf10ed2b761bd26ce2e973fa17 1d14fb6d053a762eb3bbc46af1729c551ac29457a6ca57d1ae72f07717308d9d
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://www.tg-me.com/GypsyCrusader%20News%20Network/com.gypsycrusader/webview
last-modified: Fri, 03 Feb 2023 23:00:00 GMT
access-control-allow-origin: https://www.tg-me.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 03 Feb 2023 23:45:02 GMT
X-Firefox-Spdy: h2
|
|
| api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_bcm00 | 2.18.172.123 | 200 OK | 53 B |
URL HTTP/2api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_bcm00 IP2.18.172.123:0
File typeASCII text, with no line terminators Hashf8f018c1db6f5c1893093a44f4e32e4e 61b44f86666096bbce018fa790847f067f5458e3 0d7c5b852a8097251a0dfd338b2d3042aa761b4fb525fd19705e751a5f2e6111
GET /url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_bcm00 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.tg-me.com/gypsycrusader%20news%20network/com.gypsycrusader/webview
last-modified: Fri, 03 Feb 2023 23:45:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Fri, 03 Feb 2023 23:45:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| www.facebook.com/v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df978e7682eaa1%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2a3c7079e0e634%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width= | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df978e7682eaa1%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2a3c7079e0e634%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width= IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df978e7682eaa1%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2a3c7079e0e634%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: do/aqxSvVWuUe+jOjZs51JsejWZQchab7B+rPDMLEk8t9lAhkyZ2SbqNa8FBrOiIEhIO82Hjmu3Koe7+LsLFmg==
content-length: 0
date: Fri, 03 Feb 2023 23:45:02 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader | 188.114.96.1 | 200 OK | 0 B |
URL HTTP/2 www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader IP 188.114.96.1:0
GET /us/GypsyCrusader+News+Network/com.gypsycrusader HTTP/1.1
Host: www.tg-me.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:44:59 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 31 Jan 2023 16:09:40 GMT
cache-control: max-age=1382400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhZqp5IwfC8SdzYNbJdi2%2B2YbpBVWZKXlqqRTcgdRJF0vLfrc224Gv6LDPHTIQPwTq2n64wspTeH8frms8TGxNjVnr6DHPhHHgx9Uh30ZP9RGYl6RNZuZnq10N8GcuVh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f09a33d77b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| knlrfijhvch.com/aas/r45d/vki/1945070/da5f3e3a.js | 62.122.171.6 | 200 OK | 0 B |
URL HTTP/2 knlrfijhvch.com/aas/r45d/vki/1945070/da5f3e3a.js IP 62.122.171.6:0
Analyzer | Verdict | Alert |
quad9 | Sinkholed | |
GET /aas/r45d/vki/1945070/da5f3e3a.js HTTP/1.1
Host: knlrfijhvch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:44:59 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 12:24:53 GMT
vary: Accept-Encoding
etag: W/"63d90895-126ea"
x-js-ab1: var2
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| acceptable.a-ads.com/2161124 | 144.76.28.254 | 200 OK | 0 B |
URL HTTP/2 acceptable.a-ads.com/2161124 IP 144.76.28.254:0 ASN#24940 Hetzner Online GmbH
GET /2161124 HTTP/1.1
Host: acceptable.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://www.tg-me.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| intorterraon.com/?rb=j21CF2bMuKxaMNJubveEpCfEDq8Tok8iL34bS-DajvnTz9umJvlBB4t0FTWKMmnlb-sMtJBCprwhp_iAnv8gEU4M-gFx67ZIBNKwR0zREjDdhhFmmy7FSOj0xtdCye8vXANYjJGox5SD4X3YKNdwYxwnxjQvQNnDHP-1wW-aubjK42sIq2VXPT9-Pci9szFUcDaBgiemWUR3Aihb1mOggqZe5jRTFZf5_f0inc5g6g0%3D&request_ab2=0&zoneid=5557327&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=aab806cc-092c-492a-9a5f-f27506d45278&userId=bf78995502c646e0aaf4e82ea1eaef09&m=link | 139.45.197.239 | 200 OK | 0 B |
URL HTTP/2 intorterraon.com/?rb=j21CF2bMuKxaMNJubveEpCfEDq8Tok8iL34bS-DajvnTz9umJvlBB4t0FTWKMmnlb-sMtJBCprwhp_iAnv8gEU4M-gFx67ZIBNKwR0zREjDdhhFmmy7FSOj0xtdCye8vXANYjJGox5SD4X3YKNdwYxwnxjQvQNnDHP-1wW-aubjK42sIq2VXPT9-Pci9szFUcDaBgiemWUR3Aihb1mOggqZe5jRTFZf5_f0inc5g6g0%3D&request_ab2=0&zoneid=5557327&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=aab806cc-092c-492a-9a5f-f27506d45278&userId=bf78995502c646e0aaf4e82ea1eaef09&m=link IP 139.45.197.239:0
Analyzer | Verdict | Alert |
quad9 | Sinkholed | |
GET /?rb=j21CF2bMuKxaMNJubveEpCfEDq8Tok8iL34bS-DajvnTz9umJvlBB4t0FTWKMmnlb-sMtJBCprwhp_iAnv8gEU4M-gFx67ZIBNKwR0zREjDdhhFmmy7FSOj0xtdCye8vXANYjJGox5SD4X3YKNdwYxwnxjQvQNnDHP-1wW-aubjK42sIq2VXPT9-Pci9szFUcDaBgiemWUR3Aihb1mOggqZe5jRTFZf5_f0inc5g6g0%3D&request_ab2=0&zoneid=5557327&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=aab806cc-092c-492a-9a5f-f27506d45278&userId=bf78995502c646e0aaf4e82ea1eaef09&m=link HTTP/1.1
Host: intorterraon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.tg-me.com/
Origin: https://www.tg-me.com
Connection: keep-alive
Cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; oaidts=1675467899
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: application/json
x-trace-id: 5a1b005a5621a8714d72ee37cf9cc9cf
access-control-allow-origin: https://www.tg-me.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; expires=Sat, 03 Feb 2024 23:45:01 GMT; path=/; secure; SameSite=None
oaidts=1675467901; expires=Sat, 03 Feb 2024 23:45:01 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 10 Feb 2023 23:45:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|