Report - www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader

Report Overview

Submitted URL
www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-03 23:45:10
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
intorterraon.com	unknown	2022-08-02T13:41:34Z	2023-03-13T08:01:01Z	1.9 kB	78 kB	139.45.197.239
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	840 B	91 kB	31.13.72.12
acceptable.a-ads.com	109567	2017-07-05T09:01:45Z	2023-03-13T03:52:07Z	474 B	407 B	144.76.28.254
cdn.innity.net	28850	2012-05-21T16:13:30Z	2023-03-13T09:01:33Z	720 B	4.2 kB	23.32.97.102
knlrfijhvch.com	unknown	2022-12-07T11:04:59Z	2023-02-21T10:05:09Z	1.4 kB	2.8 kB	62.122.171.6
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.4 kB	18 kB	172.64.155.188
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.5 kB	93.184.220.29
api-public.addthis.com	4111	2012-05-21T15:44:35Z	2023-03-13T05:19:27Z	3.2 kB	6.1 kB	2.18.172.123
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.7 kB	10 kB	95.101.11.115
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	420 B	742 B	139.45.195.8
www.tg-me.com	662678	2021-12-12T14:48:12Z	2023-03-09T17:41:27Z	882 B	1.4 kB	188.114.97.1
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	726 B	444 B	216.239.32.36
z.moatads.com	374	2014-02-11T17:19:47Z	2023-03-13T05:10:11Z	388 B	1.4 kB	2.18.173.140
optimize.innity.com	37523	2012-05-23T05:16:01Z	2023-03-13T09:30:22Z	1.7 kB	1.7 kB	119.81.3.35
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	913 B	2.5 kB	31.13.72.36
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	95.101.11.115
s7.addthis.com	1504	2012-05-21T05:34:04Z	2023-03-13T05:11:56Z	2.0 kB	198 kB	2.18.172.123
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.212.170.166
grid.bidswitch.net	1211	2018-12-10T23:55:42Z	2023-03-13T04:59:33Z	367 B	212 B	18.194.21.26
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	381 B	78 kB	142.250.74.40
as.innity.com	23995	2012-05-23T05:15:58Z	2023-03-13T09:34:01Z	2.4 kB	4.0 kB	149.129.240.178
v1.addthisedge.com	1721	2019-05-22T20:56:22Z	2023-03-13T05:11:57Z	870 B	1.7 kB	2.18.172.123
m.addthis.com	1448	2013-11-06T21:12:22Z	2023-03-13T08:48:31Z	835 B	361 B	2.18.172.123
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	knlrfijhvch.com	Sinkholed
2023-02-03	medium	intorterraon.com	Sinkholed
2023-02-03	medium	knlrfijhvch.com	Sinkholed
2023-02-03	medium	intorterraon.com	Sinkholed
2023-02-03	medium	knlrfijhvch.com	Sinkholed
2023-02-03	medium	intorterraon.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (60)

	URL	Size	First Seen	Last Seen
	cdn.innity.net/analytics.js	173 B	2023-03-10	2023-04-05
Pretty URL cdn.innity.net/analytics.js IP 23.32.97.102 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:54:41 Last Seen2023-04-05 01:53:11 Times Seen3 Hash 0c2c5ff15138f7e6173b80b84acf6422 c37f9f0d155cc78f975a48bbab7ae5ef8b6b0931 d86f773cc0628268e605173f2d589ee2ec9ecfd150e454514240eb2bfcb1fb82 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 01:52:08 Times Seen37029230 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1	185 B	2023-03-13	2023-10-25
Pretty URL www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-10-25 09:41:38 Times Seen2 Hash a1e44072a1ce3abd9390377c14b8f00e ad1e9206d6e88cff7316442f5de8934abc092211 b095dcc88a940f7b5a723a1b4d3a798520772a60372b354705245740c046ceb8 Loading...

	s7.addthis.com/static/151.67aec2e0546e639563bb.js	1.7 kB	2023-03-07	2023-05-04
Pretty URL s7.addthis.com/static/151.67aec2e0546e639563bb.js IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:09 Last Seen2023-05-04 12:53:23 Times Seen59 Hash 673bb73633abb0cd993fedf9b7e2ec59 927b851051f072f6205f25731ff4b92044c371c7 e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690 Loading...

	api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_7m9s0	34 B	2023-03-13	2023-03-13
Pretty URL api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_7m9s0 IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash d1ec9138ca8284b8be395392015f9951 24d7f2de3b653a0589b2e8d80295f517a259f919 be793ffd86b3b357c9467dcb687fd2ddda08d6a9502dde51b3dad0b52847311f Loading...

	api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_klzq0	34 B	2023-03-13	2023-03-13
Pretty URL api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_klzq0 IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 17d98504352ec58927b5f40e305bbd6a 4d800e9bac53c2d13bc6b31f7b86cb745e712b7d 25db81bf99375df096b8d24c72d6f14a4274156be642fb6279cde1f6adf564e3 Loading...

	api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_c6qw0	33 B	2023-03-13	2023-03-13
Pretty URL api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_c6qw0 IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash e6774d24dc6b2eeefe4f3d5dc296d3f2 8bac2fc1ba4d077f2782e33d2b3126dfafe10bb4 a33e4c54fda256c446c5ff392c9bc7b84ee681787d7ea403b6ab803895d92e56 Loading...

	cdn.innity.net/admanager.js	10 kB	2023-03-08	2023-10-05
Pretty URL cdn.innity.net/admanager.js IP 23.32.97.102 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:38:24 Last Seen2023-10-05 14:18:19 Times Seen169 Hash 929a60bf52481eef96b395b803cdd7cf feeb840bffbea23e0b14380bc2d729d26d4c5d2f 5ea9540f0eb6dcb569666cec5c2ee58a8ac9c9cc7be56dfbba0fe0ffa1fe3c42 Loading...

	as.innity.com/synd/?cb=1675467932886&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=&height=&vpw=1280&vph=939&auction=2d74aba-a6352ce	463 B	2023-03-12	2023-03-13
Pretty URL as.innity.com/synd/?cb=1675467932886&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=&height=&vpw=1280&vph=939&auction=2d74aba-a6352ce IP 149.129.240.178 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:01:33 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 51cb970869e7f0f41b30b68efb35f182 82a737660e2910a3ceeb115a99357014b7187616 18cd488606a97044df4aecbd880631bc2a482209da3c662376eb87291ff4ea18 Loading...

	connect.facebook.net/en_GB/sdk.js?hash=ddee246343c7c3e934b209c6af266196	308 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_GB/sdk.js?hash=ddee246343c7c3e934b209c6af266196 IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash c6798dd00eb59374b4dd34e4f36e5011 16f05bf718413f8d14947f09c5b9121b7d313d13 4d460a9bd33162d56f72470a354d0588c0f554a280dfe1c6615ab0fc86568daa Loading...

	s7.addthis.com/static/157.5c460da9d8beb53078c0.js	1.8 kB	2023-03-07	2023-04-20
Pretty URL s7.addthis.com/static/157.5c460da9d8beb53078c0.js IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:56 Last Seen2023-04-20 01:08:33 Times Seen11 Hash 32e440fa28746fe88152e0e54ced0dee 96f2b8acbc2a11ab70e7b97d0d9ecc57b040a96f 2b36cbf61a4ac4abe4d6d04bdb9f95094f9159f26b6163ba06f675b1030a024b Loading...

	as.innity.com/synd/?cb=1675467934922&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=300&height=250&vpw=1268&vph=939&auction=55152568-32e1f218	160 B	2023-03-13	2023-03-13
Pretty URL as.innity.com/synd/?cb=1675467934922&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=300&height=250&vpw=1268&vph=939&auction=55152568-32e1f218 IP 149.129.240.178 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 6ad45e9d6ec195bd5cf7a91784288436 d2ffd1cc61af1d98b9af10dbaa0efbcfa62d8a26 0f4552795f63c96e159c90f3ce508b04e5b5a215eb2d3b34de9c75a2228570cd Loading...

	www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1	1.5 kB	2023-03-13	2023-03-13
Pretty URL www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 6c98e9cda658013770cf229cdaf93c51 5578c455e4a47bcb5a99bc9227c60a3667f28e0f 7513e5e55532c6a46f4706cf4fdfc9d1f92e340e9697aaa53ddc13ae7ddf264c Loading...

	s7.addthis.com/js/300/addthis_widget.js#pubid=ra-61710efec007c081	361 kB	2023-03-07	2023-11-23
Pretty URL s7.addthis.com/js/300/addthis_widget.js#pubid=ra-61710efec007c081 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-23 23:37:41 Times Seen4632 Hash 61dcfa8958e6a7cc3f23b3b4758ee178 c4313cf29a2c056422ab798a2d088743c0972e97 acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403 Loading...

	www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader	170 B	2023-03-12	2024-02-05
Pretty URL www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:01:34 Last Seen2024-02-05 04:15:33 Times Seen19 Hash 963bbb9d2d81c703390d25b4006dc5d7 cd03cae90199a763b9db03f11d462cabd47078fe 182c3e4a0efd8ebec6bf7506b514b51e580df7cc4a265c69381ed347d7030651 Loading...

	www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash b4abb6c4793f2039075a24b72c481b24 f4460ed65fdf84b11373f3874983d1206967bfe9 4ca4e844ea42ac19e32f390bec48cc3a4c50e138d2cd403c73fbdb9336f28607 Loading...

	s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.573305813645509&iit=1675467934311&tmr=load%3D1675467934235%26core%3D1675467934252%26main%3D1675467934308%26ifr%3D1675467934313&cb=0&cdn=0&md=0&kw=telegram%20GypsyCrusader%20News%20Network%2CGypsyCrusader%20News%20Network%20telegram%2CGypsyCrusader%20News%20Network%20tg%2CGypsyCrusader%20News%20Network%20apk%20telegram%2Cgypsycrusader%20telegram%2Cgypsycrusader%20telegram&ab=-&dh=www.tg-me.com&dr=&du=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&href=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&dt=GypsyCrusader%20News%20Network%20Telegram&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=0&prod=undefined&lng=en&ogt=type%3Dwebsite%2Ctitle%2Csite_name&pc=men&pub=ra-61710efec007c081&ssl=1&sid=63dd9c9efd839582&srf=0.01&ver=300&xck=0&xtr=0&og=site_name%3DTelegram%2520Group%26title%3DGypsyCrusader%2520News%2520Network%2520Telegram%26type%3Dwebsite&csi=undefined&rev=v8.28.8-wp&ct=1&xld=1&xd=1	72 kB	2023-03-07	2023-05-06
Pretty URL s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.573305813645509&iit=1675467934311&tmr=load%3D1675467934235%26core%3D1675467934252%26main%3D1675467934308%26ifr%3D1675467934313&cb=0&cdn=0&md=0&kw=telegram%20GypsyCrusader%20News%20Network%2CGypsyCrusader%20News%20Network%20telegram%2CGypsyCrusader%20News%20Network%20tg%2CGypsyCrusader%20News%20Network%20apk%20telegram%2Cgypsycrusader%20telegram%2Cgypsycrusader%20telegram&ab=-&dh=www.tg-me.com&dr=&du=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&href=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&dt=GypsyCrusader%20News%20Network%20Telegram&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=0&prod=undefined&lng=en&ogt=type%3Dwebsite%2Ctitle%2Csite_name&pc=men&pub=ra-61710efec007c081&ssl=1&sid=63dd9c9efd839582&srf=0.01&ver=300&xck=0&xtr=0&og=site_name%3DTelegram%2520Group%26title%3DGypsyCrusader%2520News%2520Network%2520Telegram%26type%3Dwebsite&csi=undefined&rev=v8.28.8-wp&ct=1&xld=1&xd=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-06 01:05:13 Times Seen3063 Hash 7d5b5e32745c7b2e10b41554f0dc4142 2fe0a408b06fb8a44f7c1b54ad4f1b70204584ab 7eae26867a4cf6c29d2fbc4cbf3a222058ba71a9ceb7ff0d6d96c3cfb462cc81 Loading...

	as.innity.com/synd/?cb=1675467934625&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98812&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=&height=&vpw=1268&vph=939&auction=55152568-32e1f218	463 B	2023-03-13	2023-03-13
Pretty URL as.innity.com/synd/?cb=1675467934625&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98812&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=&height=&vpw=1268&vph=939&auction=55152568-32e1f218 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash e59d65248267e39fd6e625d941ee3652 1e38f7af4f55c031c5f07865f8204540067b5971 345c729d4eb1a522080d2b47606b5cfa3a02f4f1c30bf871930bcbd105f0499b Loading...

	www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1	389 B	2023-03-13	2023-03-13
Pretty URL www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 1ed4a29f545289b0c0be5f90e2e0b368 a13fbb81fd3b90a2ea7f2275286fbd8a9ecd23f3 7915efbad319b3adbdb80529ca53f3d830b985f6bbcb139919f7dc1320f3cf32 Loading...

	www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader	389 B	2023-03-12	2023-03-13
Pretty URL www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:01:34 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 95b4c0b71a687b633107ee1058681b9a 66f3d33983a1a8ecdee98c9b88dc8af472c43f7c 581dea4fdff310cdb556ad049c9efdc2e283082f97f0d1a9e0f2e78187801fcd Loading...

	www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader	151 B	2023-03-13	2024-02-05
Pretty URL www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:12:52 Last Seen2024-02-05 04:15:33 Times Seen15 Hash a508a172b09d0deaa5887a98bbd3cfb8 559b4b45d928099b905c1b972d38b70426b89b7c a174502b03c8535ecdcda00c10f82cc32945bcf3cafc0629745282c56d9b6cff Loading...

	http:blank	644 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash db3a390f3eb2e2027b6c24668405647c 614d5bf8b7f79577e53d970cae080580c2c7568d 8f283425963db5c8df4eca2d81b8017ee0165dcfc77d7748c9dc9fbe40f1e91b Loading...

	s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js	564 B	2023-03-07	2023-05-05
Pretty URL s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-05-05 10:48:03 Times Seen267 Hash ba3ede0f33cee0a3ef68eb7d3f7824dc 8d58c8c97a21e1a81e128b3d5f5eebd814c53707 c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a Loading...

	www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1	184 B	2023-03-13	2023-03-13
Pretty URL www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash cb9acc0fa6f649d6e61670fc52486c2b b433632ba59466dd3158dfa34e8fb75f3e93fb85 cfe04f97f3a09a135b1db6a40135d6e7e579f51647b57360bda981710cf92b79 Loading...

	grid.bidswitch.net/adj?auid=373595	22 B	2023-03-13	2023-03-13
Pretty URL grid.bidswitch.net/adj?auid=373595 IP 18.194.21.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:12:52 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 757a378066f32f7378db0c733f587bbc e364c6fc5837d56a5f15fa3c39a46a7640e64211 18c983c761fdf75fb946aa47edc930cbf2f88bc7948ebc7bc6f699aa19628eb8 Loading...

	www.tg-me.com/cdn-cgi/apps/head/GKNcrQjoAp6Z98cDDrrto_NSSHU.js	4.7 kB	2023-03-13	2024-02-05
Pretty URL www.tg-me.com/cdn-cgi/apps/head/GKNcrQjoAp6Z98cDDrrto_NSSHU.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:12:52 Last Seen2024-02-05 04:15:33 Times Seen22 Hash b2d5c1afb116ef494e0fe59b172dfdc6 0c681e525857ebe486708de8342ddc6ed8568b63 1564de76f12335b86790a0aa52846be066e1945090183589e762537fe9464cfe Loading...

	knlrfijhvch.com/aas/r45d/vki/1945070/da5f3e3a.js	75 kB	2023-03-13	2023-03-13
Pretty URL knlrfijhvch.com/aas/r45d/vki/1945070/da5f3e3a.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 55132e853918393a37c037ac29baeebb 5d5265a5a82ed235bd59b6b716fc383fe3705e80 cae8bae5e4a966e5bb5b79645ebe95ebd2eb967e1e59aa8ef0ce19345efe98e2 Loading...

	www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader	1.5 kB	2023-03-13	2023-03-13
Pretty URL www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash c03991942d0b6b09ba8e1d17cefc006c b0c74af82e9b8b66ff929dba98d4075f684bc40b 54bc707306020981860fbe58c8bd98d7886bdac487bb36f3f96e9dccf504af4b Loading...

	intorterraon.com/5/5557327	64 kB	2023-03-13	2023-03-13
Pretty URL intorterraon.com/5/5557327 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash f730ca1b06e78d00ef52263323d3b3a2 f9c2d854c5361481d682e27a8153acfe077e77e1 1f019bf014ea1dcda74c105f1554a4c56658e759d1f0b2e584fa311703d9f457 Loading...

	v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp	1.5 kB	2023-03-13	2023-03-13
Pretty URL v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:12:52 Last Seen2023-03-13 16:11:38 Times Seen1 Hash e75c28a09af7272977bf4df3d1da8a9b b18b1294f9b6f0d8fbbeb59179caa9b679c37bc8 9a45890181bf2e84de8c292d2862dd3f97c9e46c3fba0570002593762710d7d5 Loading...

	knlrfijhvch.com/get/1945070?zoneid=1945070&jp=_cls2htb2pw27jq7ghe44ll&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=954228396669095	7 B	2023-03-07	2024-04-17
Pretty URL knlrfijhvch.com/get/1945070?zoneid=1945070&jp=_cls2htb2pw27jq7ghe44ll&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=954228396669095 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-04-17 16:44:22 Times Seen16320 Hash a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Loading...

	www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1	389 B	2023-03-13	2023-03-13
Pretty URL www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:12:52 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 6df27007f6ae84bae5bdf78c2cfb6154 b6801214d038c01d93557453f1900c5a5745fbef 4158906002a955a4306cdb861a87aea603574d220b349964cf02eef06f5446ee Loading...

	http:blank	664 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:38 Last Seen2023-03-13 16:11:38 Times Seen1 Hash 067a6c8c550f82ffeebc256f568f6253 5961dc9993e12fbdd3e80b5582e28b8c473a9853 770a2681572108cae594ea817e70fa4174aa210c26500aecfb20d8f5627bd798 Loading...

	www.tg-me.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675454400	34 kB	2023-03-13	2023-03-13
Pretty URL www.tg-me.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675454400 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 29a04ccc6a6b3583aac3009644ebb228 74b7bc2a30cba70964d11eb0663a4f46cacc676a ba1dbb4fc4de71a32abe9e710aee0aefac54fb3d5f407c19daae5e911718daae Loading...

	s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js	270 kB	2023-03-07	2023-05-06
Pretty URL s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-05-06 00:32:51 Times Seen1824 Hash 476d935d6723f9abea1160c155ffb725 477ff2f072c62493be703060b3da7c7a5492f840 6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df Loading...

	connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v8.0	3.1 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v8.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 2db7f7a14b52cfe3c8b1836b03f4e3b1 bff971fdb0a2c4aef41091873fbb4c83671fed18 5918ba89e26ba36fac3e4582f30f2a18b7db948619dfc04ae0bc42323924286d Loading...

	m.addthis.com/live/red_lojson/300lo.json?si=63dd9c9efd839582&bkl=0&bl=1&pdt=740&sid=63dd9c9efd839582&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=telegram%20GypsyCrusader%20News%20Network%2CGypsyCrusader%20News%20Network%20telegram%2CGypsyCrusader%20News%20Network%20tg%2CGypsyCrusader%20News%20Network%20apk%20telegram%2Cgypsycrusader%20telegram%2Cgypsycrusader%20telegram&colc=1675467934316&jsl=0&uvs=63dd9c9e75854f62000&skipb=1&callback=addthis.cbs.jsonp__71236870088163750	89 B	2023-03-13	2023-03-13
Pretty URL m.addthis.com/live/red_lojson/300lo.json?si=63dd9c9efd839582&bkl=0&bl=1&pdt=740&sid=63dd9c9efd839582&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=telegram%20GypsyCrusader%20News%20Network%2CGypsyCrusader%20News%20Network%20telegram%2CGypsyCrusader%20News%20Network%20tg%2CGypsyCrusader%20News%20Network%20apk%20telegram%2Cgypsycrusader%20telegram%2Cgypsycrusader%20telegram&colc=1675467934316&jsl=0&uvs=63dd9c9e75854f62000&skipb=1&callback=addthis.cbs.jsonp__71236870088163750 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash f45eeeafcc2ef438dfaded7d63e8d397 a060abdf54f40619c3079979503d71e7440ff1d0 b9c80dc24b87d5595bd95a98d026c50c2c7d44dc58a3f46b95b19ffa69762339 Loading...

	as.innity.com/synd/?cb=1675467934626&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=&height=&vpw=1268&vph=939&auction=55152568-32e1f218	463 B	2023-03-13	2023-03-13
Pretty URL as.innity.com/synd/?cb=1675467934626&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=&height=&vpw=1268&vph=939&auction=55152568-32e1f218 IP 149.129.240.178 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:12:52 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 62aa0b6219472a9f9ec8f87dcd5ea519 ad66da6a902028e399785d40a7b85512f2077415 09c7c632a7291e82bbc77c2d244d2de8664b17ebc72356f3162932934e59e940 Loading...

	www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1	113 B	2023-03-13	2023-11-01
Pretty URL www.tg-me.com/no/GypsyCrusader+News+Network/com.gypsycrusader/webview?embed=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:12:52 Last Seen2023-11-01 02:10:01 Times Seen9 Hash c36009d9112ac25422e2d715ebf9134c 2db0b7487e25a282bd6d556bd64c8adef75fe432 729aeb5d03887d05cb3b033b166022edb9eb968a2bb32dae57d4fe0644e43fb3 Loading...

	as.innity.com/synd/?cb=1675467932898&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=&height=&vpw=1280&vph=939&auction=2d74aba-a6352ce	463 B	2023-03-12	2023-03-13
Pretty URL as.innity.com/synd/?cb=1675467932898&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=&height=&vpw=1280&vph=939&auction=2d74aba-a6352ce IP 149.129.240.178 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:01:33 Last Seen2023-03-13 16:11:39 Times Seen1 Hash ed8dd8df5581f2a990596aa06d10b787 eb708d655f784fd0a35212719a8a9a3bc8ef0ab5 da0293f070b9b1b1fec965cf3050ca1a365d6c78f5b22c8eb1efd060945f2c2d Loading...

	api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_bcm00	33 B	2023-03-13	2023-03-13
Pretty URL api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_bcm00 IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash c0aaa55fe507d0d8bb60c3f41b78bd9e 2c00c9bf8021777f21943bbf242699ecd1cf7881 d9f6a06488b7505d7e4941993ad046c2d1b1c9c6e822ff7052870a1134e1ed83 Loading...

	www.tg-me.com/cdn-cgi/apps/body/mttil_w5gfRQoMK9J5wSEV0yOJQ.js	3.7 kB	2023-03-13	2024-02-05
Pretty URL www.tg-me.com/cdn-cgi/apps/body/mttil_w5gfRQoMK9J5wSEV0yOJQ.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:12:52 Last Seen2024-02-05 04:15:33 Times Seen24 Hash fa003623ee2ec67d4c1f781cba2560ec a5c3f088fb08f39537c9fb655243a5c0ee10b8dc f0c8ae28caaea979ac1a1b6c668726fe721704bc34bf50d882cb35a212516cf7 Loading...

	www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader	389 B	2023-03-12	2023-03-13
Pretty URL www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:01:34 Last Seen2023-03-13 16:11:39 Times Seen1 Hash cdcdd8b34f22d7e9dcc711262bb06a55 3ad17e9791147bf6ef8953e58a9047e3e2a7e04c 8a38a36259c7478da7cc019dd5e200a2088f3e7a2db76ada58198f8553b8de03 Loading...

	z.moatads.com/addthismoatframe568911941483/moatframe.js	1.7 kB	2023-03-07	2023-11-01
Pretty URL z.moatads.com/addthismoatframe568911941483/moatframe.js IP 2.18.173.140 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-01 14:42:28 Times Seen4278 Hash dd1a19cb8d13e4571d2b293c0a0d2ccf 18070dd5c894930a8aef7117bf8d49bd4922a723 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Loading...

	intorterraon.com/5/5557327	64 kB	2023-03-13	2023-03-13
Pretty URL intorterraon.com/5/5557327 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 0449b4b45219ee73cdba99d9d39ebd1a 8fba1f389ec766824d21fcf8409de558b4ec88ae 4a36ad489d01236f3e0bb0f00abc327bf0ffdb1d1ba474452dcdf8b68549091b Loading...

	m.addthis.com/live/red_lojson/300lo.json?si=63dd9c9f55710bcc&bkl=0&bl=1&pdt=292&sid=63dd9c9f55710bcc&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&fr=us%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1675467935434&jsl=0&uvs=63dd9c9e75854f62001&skipb=1&callback=addthis.cbs.jsonp__072308378546108610	90 B	2023-03-13	2023-03-13
Pretty URL m.addthis.com/live/red_lojson/300lo.json?si=63dd9c9f55710bcc&bkl=0&bl=1&pdt=292&sid=63dd9c9f55710bcc&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&fr=us%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1675467935434&jsl=0&uvs=63dd9c9e75854f62001&skipb=1&callback=addthis.cbs.jsonp__072308378546108610 IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 2f33eb2cfddb5edc23e7bb777f4880d6 9660d05c5f87710a7cfecb5ceb26e0340e89f9c6 24d2f8014d7d1a56ee141dfdee2449deb6bdafdd8491a0da8229f00ab0aad8e4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 062687690045026856f53e20000732e7	8 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3365 Hash 062687690045026856f53e20000732e7 907a784295139ac62a25fed0fe9636c8a3a5b3af 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f Loading...

	#2 Eval - 449bf5704205ea90d9021bf85b4300cd	11 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3353 Hash 449bf5704205ea90d9021bf85b4300cd a8401782462f9e0afe2435dea38cb79ac66d83af 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16 Loading...

		Size	First Seen	Last Seen
	#1 Write - 7b0ee12b9a3819ac1b02420db01ce62e	311 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 7b0ee12b9a3819ac1b02420db01ce62e c1774e97c8afe9ffc48e2bdc844cfaa4f4dfad1d ab62d8bf5194c95221f3459d2f630057862b84ba6e46b149fcd763537eb806be Loading...

	#2 Write - 7215ee9c7d9dc229d2921a40e899ec5f	1 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:02:53 Last Seen2024-04-24 01:42:43 Times Seen21407 Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Loading...

	#3 Write - 1a5d3c78936de017751c21029cf68ada	406 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:12:52 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 1a5d3c78936de017751c21029cf68ada f81964f73f963416aa0f84c1b3f0d2447be98dcd b331868f909edaf5261a53d473a8393f555d370c9ac60924b5111499835b788d Loading...

	#4 Write - 08de54754ed205bde65ec00718a78846	317 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 08de54754ed205bde65ec00718a78846 e82747f037f6355723b941f8729925bab067884b 325f011d1054301e51c55df535bb0552de3ab89f2fa010292f7990ddd4cf7904 Loading...

	#5 Write - 4030a187c06286877c1ff87de94ce7e9	311 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 4030a187c06286877c1ff87de94ce7e9 4aac17a0f99cfc73c7da7242a864c0b62d0f75e3 ba0879bb0ad29ae4c087a9eefb2946a23706c3122baae5b7b63e879ceb531504 Loading...

	#6 Write - ebe0ae6747209cf11b911b88f2c880f4	406 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:12:52 Last Seen2023-03-13 16:11:39 Times Seen1 Hash ebe0ae6747209cf11b911b88f2c880f4 0b914dfadf426edbcb50e698511fcca112fe4dde 221f0f6007d9bfb1940adf95b524f41520117b7b0f0744e38240e5a745ecbc52 Loading...

	#7 Write - 61cb5cc22e4287efb47aaaa3fcb934a0	406 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:12:52 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 61cb5cc22e4287efb47aaaa3fcb934a0 5739e5b644fe0c98a5be3ca4d29d583186ee8e12 2a969afac9d5718a25b7f08c8c1c40cc0fd0f47f4b12808c1918d6cda106b2cf Loading...

	#8 Write - c55109f38ee9da820067b3a6d861b60f	313 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash c55109f38ee9da820067b3a6d861b60f db853c5f7182359fd2fa53a5596b631e7eb0512c d1d78465bdb97c0a373ed25ee1c815699e3fc6fedc58cdedfbdb579e44a7f2df Loading...

	#9 Write - 389ba482b88747f0216b5a00a24783ec	313 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash 389ba482b88747f0216b5a00a24783ec 14c4493a779fa2a446714e52a984fe1609e062bb 9dbe26e249dbfab836369bc0ccaf97e224418edd1809c1bf8d89c9bd5fd694ae Loading...

	#10 Write - aaf3f2b2019e7ac67b0bbe3bc0d82671	406 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash aaf3f2b2019e7ac67b0bbe3bc0d82671 1659080e6ce05674659bdb4510f52e7ba4f7d419 d8de0dbc60fda25e941e544688244fdfdecb343a6596e8d14e5f3e176312de64 Loading...

	#11 Write - d794c203a1d963fdc656944b995260c4	77 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:12:52 Last Seen2023-03-13 16:11:39 Times Seen1 Hash d794c203a1d963fdc656944b995260c4 04dc40224cec07597db1e04bc216a85369ddfaca 23feef16e779cc49b652707b1fb7aa6107bd41990117bcb89f228232a39d2125 Loading...

	#12 Write - e71768932a8b4fc24c8e4bc1c6be4657	117 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:11:39 Last Seen2023-03-13 16:11:39 Times Seen1 Hash e71768932a8b4fc24c8e4bc1c6be4657 70845c879dddafd6d2262b8b18815a262661bda2 3953244fae9a0f7a84adf1576644951daa7eef7a53397fd6c663d81f12beeda8 Loading...

HTTP Transactions (73)

URL IP Response Size

www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader

188.114.97.1

301 Moved Permanently

0 B

URL HTTP/1.1
www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /us/GypsyCrusader+News+Network/com.gypsycrusader HTTP/1.1
Host: www.tg-me.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 23:44:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Feb 2023 00:44:58 GMT
Location: https://www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfML7aByOfDwEWHPykgsb%2FLyWoDhOs%2F4177zx2eGh%2F5hwIhu2ny%2F%2Fte8BUWyQyX%2Brnxm13ih4sh8omxTyhmMVYr0I8oqgMjy9KBf2nQR8huP%2FOQ3mXFMbsda82qYHewT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f09a08bd30b39-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3765
Expires: Sat, 04 Feb 2023 00:47:44 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16612
Expires: Sat, 04 Feb 2023 04:21:51 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 23:43:35 GMT
content-type: application/json
age: 84
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11464
Expires: Sat, 04 Feb 2023 02:56:03 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: cpeOLWagBRDV3cuVkQaAtkEy6vPwkS4n8uZNtJtjTH+XkRyANU/b70PnUqFF4Ec/sntjgIBPGCQ=
x-amz-request-id: KDGNR4R100H6CMJ6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 23:23:46 GMT
age: 1273
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a4adb48fcec11be5899662d157aac89e
84b645e20d1fcb83415a3a12cce9224ef5d0621e
8cdbef7a8f6aafd8548816afc90ea12ac07f94aa2701c657be30eafc0a82914e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8CDBEF7A8F6AAFD8548816AFC90EA12AC07F94AA2701C657BE30EAFC0A82914E"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9901
Expires: Sat, 04 Feb 2023 02:30:00 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:44:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a4adb48fcec11be5899662d157aac89e
84b645e20d1fcb83415a3a12cce9224ef5d0621e
8cdbef7a8f6aafd8548816afc90ea12ac07f94aa2701c657be30eafc0a82914e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8CDBEF7A8F6AAFD8548816AFC90EA12AC07F94AA2701C657BE30EAFC0A82914E"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9901
Expires: Sat, 04 Feb 2023 02:30:00 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive

s7.addthis.com/js/300/addthis_widget.js

2.18.172.123

200 OK

116 kB

URL HTTP/2
s7.addthis.com/js/300/addthis_widget.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (54602)
Size
116 kB (116423 bytes)
Hash
d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60

HTTP Headers

GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Fri, 03 Feb 2023 23:44:59 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.innity.net/admanager.js

23.32.97.102

200 OK

3.3 kB

URL HTTP/1.1
cdn.innity.net/admanager.js
IP
23.32.97.102:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (10252), with no line terminators
Size
3.3 kB (3250 bytes)
Hash
67f70474488554526256d7b6c332ab34
e4e77246c8564d7ed7983ed1b665f78a87d3d4ac
1c7447c854562f1cb49f51443725ecb7a1483cab2a5ff39382528236af20014f

HTTP Headers

GET /admanager.js HTTP/1.1
Host: cdn.innity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Sat, 28 Aug 2021 09:22:10 GMT
ETag: "280c-5ca9b226f1480-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 3250
Content-Type: application/javascript
Unused62: 8096267
Cache-Control: max-age=86400
Expires: Sat, 04 Feb 2023 23:44:59 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY

142.250.74.40

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-H9DDVMTLKY
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19467)
Size
77 kB (77066 bytes)
Hash
d6766fd9fe54f5465edc0143ce72a4c3
28309c39b8dcb24a40acc8f696fd7c3c7ff93a65
65f646365edca87f0c4454ef2f3f4f8a9080f33b474f7a12c7fc45eb8055b487

HTTP Headers

GET /gtag/js?id=G-H9DDVMTLKY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 23:44:59 GMT
expires: Fri, 03 Feb 2023 23:44:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a6c8215eb3a89ad30f7f0ae1509bfbd
09ad9c5a9a5793e3d60fa707ec6ee7246ec273ed
8aedfc66db7517c5f3e7392a66caab3018740c18d3cd192c76372481a4d5f2d6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AEDFC66DB7517C5F3E7392A66CAAB3018740C18D3CD192C76372481A4D5F2D6"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10988
Expires: Sat, 04 Feb 2023 02:48:07 GMT
Date: Fri, 03 Feb 2023 23:44:59 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 23:07:19 GMT
age: 2260
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2274
Expires: Sat, 04 Feb 2023 00:22:54 GMT
Date: Fri, 03 Feb 2023 23:45:00 GMT
Connection: keep-alive

push.services.mozilla.com/

54.212.170.166

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.212.170.166:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QhPp0nyC/62Kx0aTZiLQAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zM7YMTrAM1E1Ov336axiUUY+2FQ=

region1.google-analytics.com/g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3210&_p=2041370825&cid=692671172.1675467933&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675467933&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&dt=GypsyCrusader%20News%20Network%20Telegram&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3210&_p=2041370825&cid=692671172.1675467933&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675467933&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&dt=GypsyCrusader%20News%20Network%20Telegram&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-H9DDVMTLKY&gtm=45je3210&_p=2041370825&cid=692671172.1675467933&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675467933&sct=1&seg=0&dl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&dt=GypsyCrusader%20News%20Network%20Telegram&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.tg-me.com
date: Fri, 03 Feb 2023 23:45:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5c62320f6ab246ad9986250b38b94f64
7a6728673ae060401127e4e527c45beca83a63da
8956040d5467106058972d77127e73243f85816f6fa650e1a310b987fe8af7c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:44:31 GMT
Expires: Wed, 08 Feb 2023 02:44:30 GMT
Etag: "7a6728673ae060401127e4e527c45beca83a63da"
Cache-Control: max-age=355769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f09aa8b7eb517-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5c62320f6ab246ad9986250b38b94f64
7a6728673ae060401127e4e527c45beca83a63da
8956040d5467106058972d77127e73243f85816f6fa650e1a310b987fe8af7c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:44:31 GMT
Expires: Wed, 08 Feb 2023 02:44:30 GMT
Etag: "7a6728673ae060401127e4e527c45beca83a63da"
Cache-Control: max-age=355769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f09aaa86cb506-OSL

as.innity.com/synd/?cb=1675467932898&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce

149.129.240.178

200 OK

296 B

URL HTTP/1.1
as.innity.com/synd/?cb=1675467932898&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce
IP
149.129.240.178:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
HTML document, ASCII text, with very long lines (463), with no line terminators
Size
296 B (296 bytes)
Hash
dfb6a3fa4c95ca568674eece21d9c6c8
6e80193407a29499499543af35d8ca9a038ce298
81e69867bfd76563e80321931b84585d89a1e3b4cd9f410fb82b36dde19b338a

HTTP Headers

GET /synd/?cb=1675467932898&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93380&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce HTTP/1.1
Host: as.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:00 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=dfe7d129b42cd79a2dcc04cddc2ef621; expires=Sun, 02-Feb-2025 23:45:00 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
iGEO=NO%7E12; expires=Sat, 04-Feb-2023 23:45:00 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=innity.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 296
Content-Type: text/javascript; charset=utf-8

as.innity.com/synd/?cb=1675467932886&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce

149.129.240.178

200 OK

296 B

URL HTTP/1.1
as.innity.com/synd/?cb=1675467932886&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce
IP
149.129.240.178:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
HTML document, ASCII text, with very long lines (463), with no line terminators
Size
296 B (296 bytes)
Hash
7145243f25bbf2f128acf3ed17316a71
7dc40a9f7e5d5f195a9b4c999faf155a58e373c2
d2c14153b3058cda767c068d4672022ffe29c613b038e7330456121f18bd4a48

HTTP Headers

GET /synd/?cb=1675467932886&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=93378&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1280&vph=939&auction=2d74aba-a6352ce HTTP/1.1
Host: as.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=934d83095735f2fde8b2947c6a4f3bf0; expires=Sun, 02-Feb-2025 23:45:01 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
iGEO=NO%7E12; expires=Sat, 04-Feb-2023 23:45:01 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=innity.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 296
Content-Type: text/javascript; charset=utf-8

cdn.innity.net/analytics.js

23.32.97.102

200 OK

152 B

URL HTTP/1.1
cdn.innity.net/analytics.js
IP
23.32.97.102:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
152 B (152 bytes)
Hash
46d5024ebf1b6a988ead272230810b3f
14f8bac9205ef9cea440bd07bc08f21203181854
e29a328204732024e194cde9dbd28b72d517c2f56f228e50d5a496fd746b51aa

HTTP Headers

GET /analytics.js HTTP/1.1
Host: cdn.innity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 09 Dec 2015 07:32:50 GMT
ETag: "ad-5267218ef0c80-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 152
Content-Type: application/javascript
Unused62: 8096267
Cache-Control: max-age=86400
Expires: Sat, 04 Feb 2023 23:45:01 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

knlrfijhvch.com/solid.gif?z=1945070&abvar=2

62.122.171.6

200 OK

43 B

URL HTTP/2
knlrfijhvch.com/solid.gif?z=1945070&abvar=2
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /solid.gif?z=1945070&abvar=2 HTTP/1.1
Host: knlrfijhvch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

z.moatads.com/addthismoatframe568911941483/moatframe.js

2.18.173.140

200 OK

948 B

URL HTTP/2
z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
2.18.173.140:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (523)
Size
948 B (948 bytes)
Hash
f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac

HTTP Headers

GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=46103
date: Fri, 03 Feb 2023 23:45:01 GMT
X-Firefox-Spdy: h2

intorterraon.com/5/5557327

139.45.197.239

200 OK

50 kB

URL HTTP/2
intorterraon.com/5/5557327
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (64428)
Size
50 kB (50322 bytes)
Hash
451ef4a1b4a824413286897096efe340
39b70094e3b05abd2aa98728cd554e75f322978d
3f255b7347e8376ef999711b6379ce4a3305d27595dc04b00a7f8b33fd937d0a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5/5557327 HTTP/1.1
Host: intorterraon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:44:59 GMT
content-type: application/javascript
x-trace-id: 786976f64ae531b2259d9c982a9691a1
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; expires=Sat, 03 Feb 2024 23:44:59 GMT; path=/; secure; SameSite=None
oaidts=1675467899; expires=Sat, 03 Feb 2024 23:44:59 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5613
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:45:01 GMT
Last-Modified: Fri, 03 Feb 2023 22:11:28 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp

2.18.172.123

200 OK

526 B

URL HTTP/2
v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1483), with no line terminators
Size
526 B (526 bytes)
Hash
d28911df369ba0a8165a3d9611cb8fe3
cb00637ed6c61847fba8b33ee1048bbddc606d04
c60e78c2a41793d386fbfe0bc3aaac2cc73a75749da959a83c4f558306ee07ee

HTTP Headers

GET /live/boost/ra-61710efec007c081/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 526
etag: 411546989--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=0, s-maxage=86400
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

connect.facebook.net/en_GB/sdk.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_GB/sdk.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1687 bytes)
Hash
083ae2d1056421d7cc6362e51339d07d
6e01248349d8bc704dd323b181ca7a83d064d7b4
b1a9b9e157565081209ce65891261108fd5434a2a9d8857854ea75a58ef4117c

HTTP Headers

GET /en_GB/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 2db7f7a14b52cfe3c8b1836b03f4e3b1
etag: "fce29239f54f01a87cc0b9dde3647057"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Feb 2023 23:54:49 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: CDri0QVkIdfMY2LlEznQfQ==
x-fb-debug: cGM0xCRFyxUMx/54rB/f+C1n9DuPkOBxWD4mBUfpe55QKVIcC52y6FpuhJgZYc5t5C0j2/yfWCxDB7hMnsTzxA==
content-length: 1687
x-fb-trip-id: 1904183273
date: Fri, 03 Feb 2023 23:45:01 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

knlrfijhvch.com/get/1945070?zoneid=1945070&jp=_cls2htb2pw27jq7ghe44ll&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=954228396669095

62.122.171.6

200 OK

7 B

URL HTTP/2
knlrfijhvch.com/get/1945070?zoneid=1945070&jp=_cls2htb2pw27jq7ghe44ll&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=954228396669095
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1945070?zoneid=1945070&jp=_cls2htb2pw27jq7ghe44ll&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=954228396669095 HTTP/1.1
Host: knlrfijhvch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: text/javascript
content-length: 7
x-route-id: config
set-cookie: UID=2302031845688edefbf1cd4712a8448167e7; Path=/; Expires=Sat, 03 Feb 2024 23:45:01 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5613
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:45:01 GMT
Last-Modified: Fri, 03 Feb 2023 22:11:28 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

1.1 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.1 kB (1129 bytes)
Hash
426343663196a171ee1dee5614fa19ee
eabf9bfe50b6517a5d5d8000983afd6220632351
e5402edf1efd558a3f7315484718f172284601a91a16f143f540e06cc4856b85

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2864347C8CAFC993E298B6C80A7E34B0C49710B9E8E35AF6815EF685D4EFDAF2"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2731
Expires: Sat, 04 Feb 2023 00:30:32 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

14 kB

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
14 kB (14229 bytes)
Hash
3cc054e78b2551fe816870b38d6daf9f
176883422ef5a37cd7c6966306ebdb7804e1cc1b
49442abfdb9691aecad5e820f51fd57430347ecbef154bdada46b7fc6b1ee2c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 04:43:15 GMT
Expires: Thu, 09 Feb 2023 04:43:14 GMT
Etag: "a641e796e689acb14da9d8f820f6d3795bc69a06"
Cache-Control: max-age=449292,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f09afa8dfb517-OSL

my.rtmark.net/gid.js?userId=bf78995502c646e0aaf4e82ea1eaef09

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=bf78995502c646e0aaf4e82ea1eaef09
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
d1b660db6f1f249ca313ef00ebaaa98e
09c1c13c6e08eff4cfa675e95195780602160285
e444ed74eba269e85086fbc77eb8c59b4325476fbf3dc74a240cf41fd242d925

HTTP Headers

GET /gid.js?userId=bf78995502c646e0aaf4e82ea1eaef09 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.tg-me.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bf78995502c646e0aaf4e82ea1eaef09; expires=Sat, 03 Feb 2024 23:45:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

2.18.172.123

200 OK

78 kB

URL HTTP/2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
78 kB (77691 bytes)
Hash
ac1b5db6377f89a6d7f517c571b8ddba
87205f72f7338d717dd2966119ecb6aae22d5835
9164225c4ffa9eded3fd96fd8403249cf67e2047354fc245fb349216565d00a2

HTTP Headers

GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77691
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

connect.facebook.net/en_GB/sdk.js?hash=ddee246343c7c3e934b209c6af266196

31.13.72.12

200 OK

87 kB

URL HTTP/2
connect.facebook.net/en_GB/sdk.js?hash=ddee246343c7c3e934b209c6af266196
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (13192)
Size
87 kB (86997 bytes)
Hash
52e55387166e25939395c3a5d41243a5
4f3854333a33e4ed1d682c7207c7fedd6834bc8d
8e532b935b95a66353073a996c79f37725535663d72620af43baa47c7bedcf35

HTTP Headers

GET /en_GB/sdk.js?hash=ddee246343c7c3e934b209c6af266196 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c6798dd00eb59374b4dd34e4f36e5011
etag: "2d26a35454d65d06a1816056b1f21b67"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 03 Feb 2024 22:49:21 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: UuVThxZuJZOTlcOl1BJDpQ==
x-fb-debug: RlIm4MVnGcSBlnIHaYCAl73IVEIHrzUaDKz8h0Ggma88pNESDEI/YfqEnj4OAEtHOsvaYEw+6kiBE2KUgNewKg==
content-length: 86997
x-fb-trip-id: 1904183273
date: Fri, 03 Feb 2023 23:45:01 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s7.addthis.com/static/151.67aec2e0546e639563bb.js

2.18.172.123

200 OK

815 B

URL HTTP/2
s7.addthis.com/static/151.67aec2e0546e639563bb.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1679), with no line terminators
Size
815 B (815 bytes)
Hash
8c45a93a76f9e93cb7fe7a8dce9e1dbf
6604f1a4e77d07d55298cecc9c93e0e22e73a616
aa24ec471544fe8d4f18d29ba153a281c809ace19fcd29cdbaac9ed4c2254d92

HTTP Headers

GET /static/151.67aec2e0546e639563bb.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-68f"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 815
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js

2.18.172.123

200 OK

394 B

URL HTTP/2
s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (564), with no line terminators
Size
394 B (394 bytes)
Hash
09d6e31790596b5636e4332b45864d33
078bdaadd33f7e19f624e403959dca3eef1a73d4
42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82

HTTP Headers

GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

s7.addthis.com/static/157.5c460da9d8beb53078c0.js

2.18.172.123

200 OK

747 B

URL HTTP/2
s7.addthis.com/static/157.5c460da9d8beb53078c0.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1839), with no line terminators
Size
747 B (747 bytes)
Hash
31f1f88191d187ed29925230d652ac40
77927de772e05e3d0ba8fe70140a861c353a4444
1a9048e072cfd4ca76e4da93af36575e7b5a6ec8b665afd250d5c3d411e24d89

HTTP Headers

GET /static/157.5c460da9d8beb53078c0.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-72f"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 747
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Sat, 04 Feb 2023 04:07:23 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Sat, 04 Feb 2023 04:07:23 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Sat, 04 Feb 2023 04:07:23 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Sat, 04 Feb 2023 04:07:23 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Sat, 04 Feb 2023 04:07:23 GMT
Date: Fri, 03 Feb 2023 23:45:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6718 bytes)
Hash
45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 5921
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13065 bytes)
Hash
cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 54c06759-6fab-455c-be34-496ee42a2580
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZLQEqroAMFyWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d57b-2237358a5cc22b8003af1852;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:08:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oc3NhvAmcrO3msFYF2ITsEpq8a2wsOLkXtmZxRQpmse84yml0l9PNA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:46:57 GMT
age: 7084
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9500 bytes)
Hash
3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
age: 4465
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10253 bytes)
Hash
392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 5669
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8267 bytes)
Hash
99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 5222
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.9 kB (3868 bytes)
Hash
77e225775154732b55c206faa6fce355
126bdaa18d9a1650b5e3a4e883d89188e8bbf136
af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3868
x-amzn-requestid: f130379c-2ea2-43d6-a1b0-e3afd4811bc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEwLFYgIAMFzwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd819a-3d0199ab38a410ff7a78a675;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:50:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QrCYar2bxFJ_7bBH-5oJ4qdaS58NXDwNJxLI7ILxrBkzvzGV95PSFw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136"
content-type: image/jpeg
age: 4465
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader

2.18.172.123

200 OK

2 B

URL HTTP/2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://www.tg-me.com/GypsyCrusader+News+Network/com.gypsycrusader
last-modified: Fri, 03 Feb 2023 23:00:00 GMT
access-control-allow-origin: https://www.tg-me.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 03 Feb 2023 23:45:01 GMT
X-Firefox-Spdy: h2

api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_7m9s0

2.18.172.123

200 OK

54 B

URL HTTP/2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_7m9s0
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
54 B (54 bytes)
Hash
8f4b32044afc5145eee11cb9ee49cd9b
ad1fcc795ae95d187d6b021089301a02ed716be4
81a7d40a023ce9fb257cfb1e12b12cb333083ca0211930b11cb28be2186a3cad

HTTP Headers

GET /url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_7m9s0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.tg-me.com/gypsycrusader+news+network/com.gypsycrusader
last-modified: Fri, 03 Feb 2023 23:45:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 54
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

intorterraon.com/5/5557327

139.45.197.239

200 OK

24 kB

URL HTTP/2
intorterraon.com/5/5557327
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (64694), with no line terminators
Size
24 kB (24199 bytes)
Hash
ed8e9be4d8da6f8a9b6d08ed3560b86b
428baad08a9dcb43f7ca66723445f181b41f4075
da474e5560ac50e0d3cae923d99a2d1195787620b4c1bef06a99d97ba7ccdf17

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5/5557327 HTTP/1.1
Host: intorterraon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; oaidts=1675467899
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: application/javascript
x-trace-id: 744df1cd49f92bcea22a525664e4dd46
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; expires=Sat, 03 Feb 2024 23:45:01 GMT; path=/; secure; SameSite=None
oaidts=1675467899; expires=Sat, 03 Feb 2024 23:45:01 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

as.innity.com/synd/?cb=1675467934626&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1268&vph=939&auction=55152568-32e1f218

149.129.240.178

200 OK

297 B

URL HTTP/1.1
as.innity.com/synd/?cb=1675467934626&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1268&vph=939&auction=55152568-32e1f218
IP
149.129.240.178:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
HTML document, ASCII text, with very long lines (463), with no line terminators
Size
297 B (297 bytes)
Hash
074b6d259acbdd2cde83cf20f41b5c4e
4b843d7ce719ba5d1ddad39f5dec74db818adadf
d5694802f409c80407b13dfb1aa718ba641876478201de6ec9c4d1a4b13cbae0

HTTP Headers

GET /synd/?cb=1675467934626&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98814&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=*&height=*&vpw=1268&vph=939&auction=55152568-32e1f218 HTTP/1.1
Host: as.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=7d1f67850ff736864d029bed51f58a5a; expires=Sun, 02-Feb-2025 23:45:01 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
iGEO=NO%7E12; expires=Sat, 04-Feb-2023 23:45:01 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=innity.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 297
Content-Type: text/javascript; charset=utf-8

api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_klzq0

2.18.172.123

200 OK

54 B

URL HTTP/2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_klzq0
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
54 B (54 bytes)
Hash
685435f7dc840bf10efbbc126a8e7480
0d9b0a67fe59df9587c8d46a7cd28381903e128f
887f7fa2ccd3afa014ddf117425feea404a9e2715ac4048f0698d042313e8fd8

HTTP Headers

GET /url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&callback=_ate.cbs.rcb_klzq0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.tg-me.com/gypsycrusader+news+network/com.gypsycrusader
last-modified: Fri, 03 Feb 2023 23:45:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 54
date: Fri, 03 Feb 2023 23:45:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

optimize.innity.com/?pubid=3686&zoneid=93380&cb=1675467934255

119.81.3.35

200 OK

43 B

URL HTTP/1.1
optimize.innity.com/?pubid=3686&zoneid=93380&cb=1675467934255
IP
119.81.3.35:0
ASN
#36351 SOFTLAYER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /?pubid=3686&zoneid=93380&cb=1675467934255 HTTP/1.1
Host: optimize.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

optimize.innity.com/?pubid=3686&zoneid=93378&cb=1675467934255

119.81.3.35

200 OK

43 B

URL HTTP/1.1
optimize.innity.com/?pubid=3686&zoneid=93378&cb=1675467934255
IP
119.81.3.35:0
ASN
#36351 SOFTLAYER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /?pubid=3686&zoneid=93378&cb=1675467934255 HTTP/1.1
Host: optimize.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:01 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

as.innity.com/synd/?cb=1675467934922&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=300&height=250&vpw=1268&vph=939&auction=55152568-32e1f218

149.129.240.178

200 OK

149 B

URL HTTP/1.1
as.innity.com/synd/?cb=1675467934922&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=300&height=250&vpw=1268&vph=939&auction=55152568-32e1f218
IP
149.129.240.178:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
HTML document, ASCII text, with no line terminators
Size
149 B (149 bytes)
Hash
c3fd5c0a3cab6c1181f46891e2a7e2a7
c12dfb004aea12479fa017bf6c7b7084b8e557ab
8672a27538c8a7e0ced1aa2ad4ed2e3379eb4b0b0162e14385f88d8cf012261b

HTTP Headers

GET /synd/?cb=1675467934922&ver=1&pub=dc727151e5d55dde1e950767cf861ca5&zone=98811&output=js&flash=0&url=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&width=300&height=250&vpw=1268&vph=939&auction=55152568-32e1f218 HTTP/1.1
Host: as.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:02 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=769ea091421913156600da7d8e571c6b; expires=Sun, 02-Feb-2025 23:45:02 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
iGEO=NO%7E12; expires=Sat, 04-Feb-2023 23:45:02 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=innity.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 149
Content-Type: text/javascript; charset=utf-8

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
7a37d5f14346f4c2d32067a67ed9cbf2
9364052ccda00fe675fe8cc3f2f244161f2a2f69
c0f55cbfc7ce76856115b4557edefe0c45f2b2979ed89b39fd92d185fddb8682

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 13:56:49 GMT
Expires: Tue, 07 Feb 2023 13:56:48 GMT
Etag: "9364052ccda00fe675fe8cc3f2f244161f2a2f69"
Cache-Control: max-age=309705,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f09b509bcb506-OSL

grid.bidswitch.net/adj?auid=373595

18.194.21.26

200 OK

22 B

URL HTTP/2
grid.bidswitch.net/adj?auid=373595
IP
18.194.21.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
757a378066f32f7378db0c733f587bbc
e364c6fc5837d56a5f15fa3c39a46a7640e64211
18c983c761fdf75fb946aa47edc930cbf2f88bc7948ebc7bc6f699aa19628eb8

HTTP Headers

GET /adj?auid=373595 HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:45:02 GMT
content-type: text/javascript; charset=UTF-8
content-length: 22
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp

2.18.172.123

200 OK

526 B

URL HTTP/2
v1.addthisedge.com/live/boost/ra-61710efec007c081/_ate.track.config_resp
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1483), with no line terminators
Size
526 B (526 bytes)
Hash
d28911df369ba0a8165a3d9611cb8fe3
cb00637ed6c61847fba8b33ee1048bbddc606d04
c60e78c2a41793d386fbfe0bc3aaac2cc73a75749da959a83c4f558306ee07ee

HTTP Headers

GET /live/boost/ra-61710efec007c081/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 411546989--gzip
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 526
etag: 411546989--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=3, s-maxage=86400
date: Fri, 03 Feb 2023 23:45:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

optimize.innity.com/?pubid=3686&zoneid=98812&cb=1675467934914

119.81.3.35

200 OK

43 B

URL HTTP/1.1
optimize.innity.com/?pubid=3686&zoneid=98812&cb=1675467934914
IP
119.81.3.35:0
ASN
#36351 SOFTLAYER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /?pubid=3686&zoneid=98812&cb=1675467934914 HTTP/1.1
Host: optimize.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:02 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

optimize.innity.com/?pubid=3686&zoneid=98814&cb=1675467934927

119.81.3.35

200 OK

43 B

URL HTTP/1.1
optimize.innity.com/?pubid=3686&zoneid=98814&cb=1675467934927
IP
119.81.3.35:0
ASN
#36351 SOFTLAYER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /?pubid=3686&zoneid=98814&cb=1675467934927 HTTP/1.1
Host: optimize.innity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:45:02 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 23:45:02 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

m.addthis.com/live/red_lojson/300lo.json?si=63dd9c9f55710bcc&bkl=0&bl=1&pdt=292&sid=63dd9c9f55710bcc&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&fr=us%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1675467935434&jsl=0&uvs=63dd9c9e75854f62001&skipb=1&callback=addthis.cbs.jsonp__072308378546108610

2.18.172.123

200 OK

90 B

URL HTTP/2
m.addthis.com/live/red_lojson/300lo.json?si=63dd9c9f55710bcc&bkl=0&bl=1&pdt=292&sid=63dd9c9f55710bcc&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&fr=us%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1675467935434&jsl=0&uvs=63dd9c9e75854f62001&skipb=1&callback=addthis.cbs.jsonp__072308378546108610
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
2f33eb2cfddb5edc23e7bb777f4880d6
9660d05c5f87710a7cfecb5ceb26e0340e89f9c6
24d2f8014d7d1a56ee141dfdee2449deb6bdafdd8491a0da8229f00ab0aad8e4

HTTP Headers

GET /live/red_lojson/300lo.json?si=63dd9c9f55710bcc&bkl=0&bl=1&pdt=292&sid=63dd9c9f55710bcc&pub=ra-61710efec007c081&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.tg-me.com&fp=GypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&fr=us%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&colc=1675467935434&jsl=0&uvs=63dd9c9e75854f62001&skipb=1&callback=addthis.cbs.jsonp__072308378546108610 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Fri, 03 Feb 2023 23:45:02 GMT
X-Firefox-Spdy: h2

api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_c6qw0

2.18.172.123

200 OK

53 B

URL HTTP/2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_c6qw0
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
53 B (53 bytes)
Hash
a7a89f38a6472d0a7f3f64c98be101b5
8c5d715a3a1e66ecd1dcd36bcdd708894929c497
22de0c233161e5bff805e542b617abd55b6837faa1fcca62c334775abfa82032

HTTP Headers

GET /url/shares.json?url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_c6qw0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.tg-me.com/gypsycrusader%20news%20network/com.gypsycrusader/webview
last-modified: Fri, 03 Feb 2023 23:45:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Fri, 03 Feb 2023 23:45:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview

2.18.172.123

200 OK

3.1 kB

URL HTTP/2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
data
Size
3.1 kB (3078 bytes)
Hash
b939ad8da96f358448fc50b433e542cc
f1c96ffe3590b5bf10ed2b761bd26ce2e973fa17
1d14fb6d053a762eb3bbc46af1729c551ac29457a6ca57d1ae72f07717308d9d

HTTP Headers

POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.tg-me.com
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://www.tg-me.com/GypsyCrusader%20News%20Network/com.gypsycrusader/webview
last-modified: Fri, 03 Feb 2023 23:00:00 GMT
access-control-allow-origin: https://www.tg-me.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 03 Feb 2023 23:45:02 GMT
X-Firefox-Spdy: h2

api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_bcm00

2.18.172.123

200 OK

53 B

URL HTTP/2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_bcm00
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
53 B (53 bytes)
Hash
f8f018c1db6f5c1893093a44f4e32e4e
61b44f86666096bbce018fa790847f067f5458e3
0d7c5b852a8097251a0dfd338b2d3042aa761b4fb525fd19705e751a5f2e6111

HTTP Headers

GET /url/shares.json?url=http%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2520News%2520Network%2Fcom.gypsycrusader%2Fwebview&callback=_ate.cbs.rcb_bcm00 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.tg-me.com/gypsycrusader%20news%20network/com.gypsycrusader/webview
last-modified: Fri, 03 Feb 2023 23:45:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Fri, 03 Feb 2023 23:45:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.facebook.com/v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df978e7682eaa1%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2a3c7079e0e634%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width=

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df978e7682eaa1%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2a3c7079e0e634%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width=
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v8.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df978e7682eaa1%26domain%3Dwww.tg-me.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tg-me.com%252Ff2a3c7079e0e634%26relation%3Dparent.parent&container_width=515&height=100&href=https%3A%2F%2Fwww.tg-me.com%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&locale=en_GB&numposts=5&sdk=joey&version=v8.0&width= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: do/aqxSvVWuUe+jOjZs51JsejWZQchab7B+rPDMLEk8t9lAhkyZ2SbqNa8FBrOiIEhIO82Hjmu3Koe7+LsLFmg==
content-length: 0
date: Fri, 03 Feb 2023 23:45:02 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader

188.114.96.1

200 OK

0 B

URL HTTP/2
www.tg-me.com/us/GypsyCrusader+News+Network/com.gypsycrusader
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /us/GypsyCrusader+News+Network/com.gypsycrusader HTTP/1.1
Host: www.tg-me.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:44:59 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 31 Jan 2023 16:09:40 GMT
cache-control: max-age=1382400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhZqp5IwfC8SdzYNbJdi2%2B2YbpBVWZKXlqqRTcgdRJF0vLfrc224Gv6LDPHTIQPwTq2n64wspTeH8frms8TGxNjVnr6DHPhHHgx9Uh30ZP9RGYl6RNZuZnq10N8GcuVh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f09a33d77b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

knlrfijhvch.com/aas/r45d/vki/1945070/da5f3e3a.js

62.122.171.6

200 OK

0 B

URL HTTP/2
knlrfijhvch.com/aas/r45d/vki/1945070/da5f3e3a.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /aas/r45d/vki/1945070/da5f3e3a.js HTTP/1.1
Host: knlrfijhvch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:44:59 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 12:24:53 GMT
vary: Accept-Encoding
etag: W/"63d90895-126ea"
x-js-ab1: var2
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

acceptable.a-ads.com/2161124

144.76.28.254

200 OK

0 B

URL HTTP/2
acceptable.a-ads.com/2161124
IP
144.76.28.254:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /2161124 HTTP/1.1
Host: acceptable.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tg-me.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://www.tg-me.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

intorterraon.com/?rb=j21CF2bMuKxaMNJubveEpCfEDq8Tok8iL34bS-DajvnTz9umJvlBB4t0FTWKMmnlb-sMtJBCprwhp_iAnv8gEU4M-gFx67ZIBNKwR0zREjDdhhFmmy7FSOj0xtdCye8vXANYjJGox5SD4X3YKNdwYxwnxjQvQNnDHP-1wW-aubjK42sIq2VXPT9-Pci9szFUcDaBgiemWUR3Aihb1mOggqZe5jRTFZf5_f0inc5g6g0%3D&request_ab2=0&zoneid=5557327&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=aab806cc-092c-492a-9a5f-f27506d45278&userId=bf78995502c646e0aaf4e82ea1eaef09&m=link

139.45.197.239

200 OK

0 B

URL HTTP/2
intorterraon.com/?rb=j21CF2bMuKxaMNJubveEpCfEDq8Tok8iL34bS-DajvnTz9umJvlBB4t0FTWKMmnlb-sMtJBCprwhp_iAnv8gEU4M-gFx67ZIBNKwR0zREjDdhhFmmy7FSOj0xtdCye8vXANYjJGox5SD4X3YKNdwYxwnxjQvQNnDHP-1wW-aubjK42sIq2VXPT9-Pci9szFUcDaBgiemWUR3Aihb1mOggqZe5jRTFZf5_f0inc5g6g0%3D&request_ab2=0&zoneid=5557327&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=aab806cc-092c-492a-9a5f-f27506d45278&userId=bf78995502c646e0aaf4e82ea1eaef09&m=link
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?rb=j21CF2bMuKxaMNJubveEpCfEDq8Tok8iL34bS-DajvnTz9umJvlBB4t0FTWKMmnlb-sMtJBCprwhp_iAnv8gEU4M-gFx67ZIBNKwR0zREjDdhhFmmy7FSOj0xtdCye8vXANYjJGox5SD4X3YKNdwYxwnxjQvQNnDHP-1wW-aubjK42sIq2VXPT9-Pci9szFUcDaBgiemWUR3Aihb1mOggqZe5jRTFZf5_f0inc5g6g0%3D&request_ab2=0&zoneid=5557327&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=4&pl=https%3A%2F%2Fwww.tg-me.com%2Fus%2FGypsyCrusader%2BNews%2BNetwork%2Fcom.gypsycrusader&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=aab806cc-092c-492a-9a5f-f27506d45278&userId=bf78995502c646e0aaf4e82ea1eaef09&m=link HTTP/1.1
Host: intorterraon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.tg-me.com/
Origin: https://www.tg-me.com
Connection: keep-alive
Cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; oaidts=1675467899
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:45:01 GMT
content-type: application/json
x-trace-id: 5a1b005a5621a8714d72ee37cf9cc9cf
access-control-allow-origin: https://www.tg-me.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=bf78995502c646e0aaf4e82ea1eaef09; expires=Sat, 03 Feb 2024 23:45:01 GMT; path=/; secure; SameSite=None
oaidts=1675467901; expires=Sat, 03 Feb 2024 23:45:01 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 10 Feb 2023 23:45:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (60)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL