magnews.ga/
45.153.184.53 301 Moved Permanently 178 B IP 45.153.184.53:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET / HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 24 Nov 2022 09:54:08 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://magnews.ga/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7117
Expires: Thu, 24 Nov 2022 11:52:45 GMT
Date: Thu, 24 Nov 2022 09:54:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5887
Cache-Control: max-age=94515
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 09:54:08 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:09:23 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 09:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2110
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9506
Expires: Thu, 24 Nov 2022 12:32:34 GMT
Date: Thu, 24 Nov 2022 09:54:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: b2xRe2n93XstvqChOqvGnfQFa+Kph9KIEU0H19qZTVITG9CZqPR/+obk2Rqn+EjE41ANlP8adZs=
x-amz-request-id: JGN39VJY1Z8RM66N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 09:40:21 GMT
age: 827
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 09:54:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 20dad9e2c5d150cbd1dce2092ace9616
5f198c614be9af5e93e80687586dba82aa4dd44b
fc8636a36def5d33957da3e7c1842976aad82a6a50c6af27f6f8f5e7186be1fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC8636A36DEF5D33957DA3E7C1842976AAD82A6A50C6AF27F6F8F5E7186BE1FB"
Last-Modified: Tue, 22 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 24 Nov 2022 15:54:09 GMT
Date: Thu, 24 Nov 2022 09:54:09 GMT
Connection: keep-alive
magnews.ga/
45.153.184.53 200 OK 41 kB IP 45.153.184.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 7a4126bcc83b7e78d1b5c069e8a175c9
592959ec2f5ce9cc96902fd8ee22b2241ced14cd
b0b139761c467678a5a92c34f47f5f12579cd28f56889d68955483b9dc2257e5
GET / HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-32ee6"
Content-Encoding: gzip
magnews.ga/assets/green/vendor/bootstrap/css/bootstrap.min.css
45.153.184.53 200 OK 20 kB URL HTTP/1.1 magnews.ga/assets/green/vendor/bootstrap/css/bootstrap.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (65320)
Hash 7320098f94dfddf69dc58b00df5317b4
20b566fb8ca4a9b0aa07eb73a6dc2766affe1a6e
bddcdc7dc578479e80a73161b748e4d7c6d3df5a265a39aa93963eec87beb79f
GET /assets/green/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-1e822"
Content-Encoding: gzip
magnews.ga/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
45.153.184.53 200 OK 8.3 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (35179)
Hash c5b5f80444b26b029d6b42b57adbe3f7
f9c124b3fc9c6605e9000aa9f939f390206678e3
0d8e82e594a879ffb4a3af830f803f90d5a17e99f04f4252c9f260672d3baa5b
GET /assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-8a1f"
Content-Encoding: gzip
magnews.ga/assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css
45.153.184.53 200 OK 7.3 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (30837)
Hash 03ffadf80290ce56effd0a92ee1b6bb6
cdff33e0d2c3131cff1f25ee5e0a5d8bf4811706
ea282e7d965fa40101870e6c5c2555717b4cebe50146d447181374c8dab06f85
GET /assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-7918"
Content-Encoding: gzip
magnews.ga/assets/green/css/util.min.css
45.153.184.53 200 OK 22 kB URL HTTP/1.1 magnews.ga/assets/green/css/util.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c6247f217036fdd8f69174ce886c9624
314a6ddaadab67f97a49ae42c0a5cabda78b32c2
5012ca1f6b2e3f2c7fa1f87daf806a8c854a7cdd881b247a0eeaf44a605f4b60
GET /assets/green/css/util.min.css HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-1da98"
Content-Encoding: gzip
magnews.ga/assets/green/fonts/iconic/css/material-design-iconic-font.min.css
45.153.184.53 200 OK 8.6 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/iconic/css/material-design-iconic-font.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 537d2da505eca9ee970434b03a56d99e
37053b92083e963ad4421601243c85dfbf5c320a
0633860952806c3c4e153cce4d50d171be7f69923702518d3e61f6ceabb6a25d
GET /assets/green/fonts/iconic/css/material-design-iconic-font.min.css HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-1149f"
Content-Encoding: gzip
magnews.ga/assets/green/vendor/animate/animate.css
45.153.184.53 200 OK 3.1 kB URL HTTP/1.1 magnews.ga/assets/green/vendor/animate/animate.css
IP 45.153.184.53:0
Hash e7c0f39618e31caf1990a90a43defe8b
28c1b02c40b9f9db1a862fcd2cfd0b435ca3aafa
4e113aae2af6ede7c5d01eb34a663aa4c49611b2fe22636395ccae0c1e65a65a
GET /assets/green/vendor/animate/animate.css HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-5d28"
Content-Encoding: gzip
magnews.ga/assets/green/vendor/css-hamburgers/hamburgers.min.css
45.153.184.53 200 OK 2.3 kB URL HTTP/1.1 magnews.ga/assets/green/vendor/css-hamburgers/hamburgers.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (19499)
Hash 83520ce19ffaab02f055ed9be9e00c15
8d9ad268696cd5b10b5ebb102ebe6c1aa71f35fc
d6098a05ad8dc5771e1c986efa7eec7e083a7e74e7f9ddf7b85dbe41e19a5b7d
GET /assets/green/vendor/css-hamburgers/hamburgers.min.css HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-4ce0"
Content-Encoding: gzip
magnews.ga/assets/green/vendor/animsition/css/animsition.min.css
45.153.184.53 200 OK 2.5 kB URL HTTP/1.1 magnews.ga/assets/green/vendor/animsition/css/animsition.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (27282)
Hash 59615e28e5f42254f9d250bbaa89b880
9281609cc1544bb2c554f7cf667292e5d86e4157
bba4f07149641070061d1b67adeaefedd43e69bfd4c20adaee62f37b7daabacf
GET /assets/green/vendor/animsition/css/animsition.min.css HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-6b56"
Content-Encoding: gzip
magnews.ga/assets/green/css/main.css
45.153.184.53 200 OK 6.3 kB URL HTTP/1.1 magnews.ga/assets/green/css/main.css
IP 45.153.184.53:0
Hash 316436123f3ffd6fc81c4ba4ab2c5cad
fcc1bc8402924c0ca5e0e292bf5979a3571b75fa
053b1e33dd7490eb2282fa52bdf17c140a5a12c860e901d549d6bd6ccd9d30c5
GET /assets/green/css/main.css HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-8c4b"
Content-Encoding: gzip
magnews.ga/assets/green/vendor/jquery/jquery-3.2.1.min.js
45.153.184.53 200 OK 31 kB URL HTTP/1.1 magnews.ga/assets/green/vendor/jquery/jquery-3.2.1.min.js
IP 45.153.184.53:0
File type ASCII text, with very long lines (32058)
Hash 3bb7ae2826c5f86610c1d4233074628d
bea0f851ec7c92520c3335a357dee19de671f46b
b61740175c6cd7cfcf2c346eb091b7e52d24169a9711b401e74021070282ceee
GET /assets/green/vendor/jquery/jquery-3.2.1.min.js HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-15283"
Content-Encoding: gzip
magnews.ga/assets/green/images/icons/logo-01.png
45.153.184.53 200 OK 3.1 kB URL HTTP/1.1 magnews.ga/assets/green/images/icons/logo-01.png
IP 45.153.184.53:0
File type PNG image data, 222 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e697b3a4e69a8f9bfa6f6ed6f17b088
8012c50117f0105c0f62ad8b2e42ab6c92260a56
3ef4a0cc1ec054dd3c3ab792e2aeb68b609d6719bd9215a73771ea8271e8e531
GET /assets/green/images/icons/logo-01.png HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: image/png
Content-Length: 3144
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-c48"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ga/assets/green/vendor/animsition/js/animsition.min.js
45.153.184.53 200 OK 2.0 kB URL HTTP/1.1 magnews.ga/assets/green/vendor/animsition/js/animsition.min.js
IP 45.153.184.53:0
File type ASCII text, with very long lines (5415)
Hash ae601be5bc180381fdca18afe7e2a86e
3e3d44d2312896e710c5c8d22b2bbd80e1398094
6f493600037617d7cbbfb3f7cfbd6a7777524c9b64b52e353541b187bc31f288
GET /assets/green/vendor/animsition/js/animsition.min.js HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-15ef"
Content-Encoding: gzip
magnews.ga/assets/green/vendor/bootstrap/js/popper.js
45.153.184.53 200 OK 22 kB URL HTTP/1.1 magnews.ga/assets/green/vendor/bootstrap/js/popper.js
IP 45.153.184.53:0
File type Unicode text, UTF-8 text, with very long lines (337)
Hash d01c90e9a177cfe48de7664fc50cd8ce
9ac3958e7ded1ec4c03aa2355e7f9e7d7c57fcfa
6abc0b1ae2925012caf6f639af542225039af9e55a50aeee92d562e7fa6940fe
GET /assets/green/vendor/bootstrap/js/popper.js HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-13f06"
Content-Encoding: gzip
magnews.ga/assets/green/vendor/bootstrap/js/bootstrap.min.js
45.153.184.53 200 OK 14 kB URL HTTP/1.1 magnews.ga/assets/green/vendor/bootstrap/js/bootstrap.min.js
IP 45.153.184.53:0
File type ASCII text, with very long lines (50904)
Hash aaa66f72df0f51f1d56afc50d6e19c18
35d3a2f552f65c637aefc79744081611fb6a299b
a96f8103c3df27c8bd3d0981b42972bd9e287b2dff6aac8f025467ae315bc833
GET /assets/green/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-c7c7"
Content-Encoding: gzip
magnews.ga/assets/green/js/main.js
45.153.184.53 200 OK 2.0 kB URL HTTP/1.1 magnews.ga/assets/green/js/main.js
IP 45.153.184.53:0
Hash dfb2344cd95d15c282454d7ef6bc9176
0656f972b74a46a3baa89681283edd73bd74a61b
1792a18a8114934d93e651d899859379c7e07128796ea88ec5584efd0ba8271e
GET /assets/green/js/main.js HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"637ecef5-2299"
Content-Encoding: gzip
magnews.ga/assets/green/images/icons/logo-02.png
45.153.184.53 200 OK 3.1 kB URL HTTP/1.1 magnews.ga/assets/green/images/icons/logo-02.png
IP 45.153.184.53:0
File type PNG image data, 222 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 11875c613d10690291eaacf7e6149bd6
984ef430013903318e0efc577a1593d98e4f096d
f1b6c0bf497f48b7482399d53dbdc68bcfc177ac9b3787eb8ea6a05619cdd13e
GET /assets/green/images/icons/logo-02.png HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: image/png
Content-Length: 3068
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-bfc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
intermoneynews.files.wordpress.com/2021/10/cryptotab.png
192.0.72.17 200 OK 23 kB URL HTTP/2 intermoneynews.files.wordpress.com/2021/10/cryptotab.png
IP 192.0.72.17:0
File type PNG image data, 300 x 250, 8-bit colormap, non-interlaced\012- data
Hash 42585119816a687b0fd42aed03e34812
3f460588704eab341bedbbf89b6a8a427e38278b
e8b30a56d1bbf82ff0403267d7abf3fbd1ad6492c3ed03c6d7d99cabdbe64a0e
GET /2021/10/cryptotab.png HTTP/1.1
Host: intermoneynews.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 09:54:09 GMT
content-type: image/png
content-length: 22722
last-modified: Thu, 21 Oct 2021 18:52:19 GMT
expires: Sun, 04 Dec 2022 05:26:59 GMT
x-orig-src: 01_mogdir
access-control-allow-credentials: true
access-control-allow-origin: https://intermoneynews.wordpress.com
vary: Origin
x-nc: HIT arn 17 np
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
satoripolitics.files.wordpress.com/2022/10/300x250-loansolo-com-set2.jpg
192.0.72.21 200 OK 25 kB URL HTTP/2 satoripolitics.files.wordpress.com/2022/10/300x250-loansolo-com-set2.jpg
IP 192.0.72.21:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash 8e13cd283d338dc2b930232f2ecc5398
87c01c04b4b16709597ad53560374ffadc83ca5a
7a0f8125d1d0960b717798d4ca5f12c08af987ad17f4244fa377fbac8f274005
GET /2022/10/300x250-loansolo-com-set2.jpg HTTP/1.1
Host: satoripolitics.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 09:54:09 GMT
content-type: image/jpeg
content-length: 24705
last-modified: Tue, 11 Oct 2022 11:49:24 GMT
expires: Fri, 02 Dec 2022 05:27:29 GMT
x-orig-src: 01_mogdir
access-control-allow-credentials: true
access-control-allow-origin: https://satoripolitics.wordpress.com
vary: Origin
x-nc: HIT arn 21 np
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 09:08:53 GMT
cache-control: public,max-age=3600
age: 2716
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
magnews.ga/assets/green/fonts/Roboto/Roboto-Regular.ttf
45.153.184.53 200 OK 172 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/Roboto/Roboto-Regular.ttf
IP 45.153.184.53:0
File type TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size 172 kB (171676 bytes)
Hash 3e1af3ef546b9e6ecef9f3ba197bf7d2
dd1b1db13ff1f72138c134c62f38fef83749f36a
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
GET /assets/green/fonts/Roboto/Roboto-Regular.ttf HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: application/octet-stream
Content-Length: 171676
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-29e9c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ga/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-brands-400.woff2
45.153.184.53 200 OK 54 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-brands-400.woff2
IP 45.153.184.53:0
File type Web Open Font Format (Version 2), TrueType, length 54488, version 1.0\012- data
Hash e8c322de9658cbeb8a774b6624167c2c
db06af71da4197a4e1bd553d124725a8081c13f0
e7d4d5340bbe57a01d8f7992142e2763d438d5783890c76748306eebfa056a69
GET /assets/green/fonts/fontawesome-5.0.8/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ga/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:09 GMT
Content-Type: application/octet-stream
Content-Length: 54488
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-d4d8"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 09:54:09 GMT
Last-Modified: Thu, 24 Nov 2022 08:14:44 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8e6684f339934154a5c8372234b5fe
afcdcd71325221914ffec71db3171821bd6440b7
8f39d2918dd55fe59622e514b97c8a72790ef22135febb7575f231c69bc96726
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F39D2918DD55FE59622E514B97C8A72790EF22135FEBB7575F231C69BC96726"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2815
Expires: Thu, 24 Nov 2022 10:41:04 GMT
Date: Thu, 24 Nov 2022 09:54:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d8e6684f339934154a5c8372234b5fe
afcdcd71325221914ffec71db3171821bd6440b7
8f39d2918dd55fe59622e514b97c8a72790ef22135febb7575f231c69bc96726
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F39D2918DD55FE59622E514B97C8A72790EF22135FEBB7575F231C69BC96726"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2815
Expires: Thu, 24 Nov 2022 10:41:04 GMT
Date: Thu, 24 Nov 2022 09:54:09 GMT
Connection: keep-alive
pl16596542.highperformancecpmgate.com/1b81771eb2e7bde36c5861133ae85209/invoke.js
173.233.139.164 200 OK 9.3 kB URL HTTP/1.1 pl16596542.highperformancecpmgate.com/1b81771eb2e7bde36c5861133ae85209/invoke.js
IP 173.233.139.164:0
File type Unicode text, UTF-8 text, with very long lines (25098), with no line terminators
Hash fcfc413eb54f49de2eb058ec4b1aaa2c
d9ce1e01606f0f97dfad8af9545d35d1a78e44a0
9ed3671e22b333f252b30d022a1b480c96289969fea37a8dbddd933ab0f5faa2
Analyzer Verdict Alert quad9 Sinkholed
GET /1b81771eb2e7bde36c5861133ae85209/invoke.js HTTP/1.1
Host: pl16596542.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1d96ed29b076a3bf09e240f3fe0442c1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl16761221.highperformancecpmgate.com/ff58013ecc9bec81573cd50e55aaaff4/invoke.js
192.243.59.20 200 OK 9.3 kB URL HTTP/1.1 pl16761221.highperformancecpmgate.com/ff58013ecc9bec81573cd50e55aaaff4/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25070), with no line terminators
Hash 4aaed6f8afa22a3802939e2e8e82d1d8
327c7b62362c198e16537883ea44383535eecfba
cf018475300f1822ca73aae2ff36c9d2c1f9afc541c2568c72d6a42691424f5f
Analyzer Verdict Alert quad9 Sinkholed
GET /ff58013ecc9bec81573cd50e55aaaff4/invoke.js HTTP/1.1
Host: pl16761221.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b3333b227079a9ef34697df8e5c43fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl16843262.highperformancecpmgate.com/13/9d/96/139d964f34008db1665293cef8a6fd01.js
173.233.137.60 200 OK 13 kB URL HTTP/1.1 pl16843262.highperformancecpmgate.com/13/9d/96/139d964f34008db1665293cef8a6fd01.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37164), with no line terminators
Hash 7e2de0ed7e946d5831f109b9fec575e9
21e9c508ca7995a209d9c7cfd6641995174823b4
36988744c12ca381d2689e729f1479cbb47059210428ecfef555f8f0f8a57405
Analyzer Verdict Alert quad9 Sinkholed
GET /13/9d/96/139d964f34008db1665293cef8a6fd01.js HTTP/1.1
Host: pl16843262.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cb7cca01f6e8fd50769c30370f4df1c9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
push.services.mozilla.com/
34.208.34.131 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wqx7sx77MEboH+3sw/mZnQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 91cuM+oYFMZKL8WZojDgQqwQeRw=
pl16843259.highperformancecpmgate.com/11fd0babe09c3d81d0f30d263e4466b0/invoke.js
192.243.61.227 200 OK 9.3 kB URL HTTP/1.1 pl16843259.highperformancecpmgate.com/11fd0babe09c3d81d0f30d263e4466b0/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25062), with no line terminators
Hash 3a8d1d097c858e917523de94a6ad5705
b9073be1fac5af61035209422fc272816492cb23
3270a945612996ebe6f31401371a2305789eebb10a8ef710a65e63dbd9fe94b0
Analyzer Verdict Alert quad9 Sinkholed
GET /11fd0babe09c3d81d0f30d263e4466b0/invoke.js HTTP/1.1
Host: pl16843259.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 64ea442b45582285214f8f05f690ef88
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f97c87ffa2bc8c73de5bf717d0fa6ec6
8c849b880c60622b17f3b1aa8af6baa5e225462a
a3b4f00914737fe58f72f7a895d56f4de2def3dfe2a02ebbf5565e5000715ec9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B4F00914737FE58F72F7A895D56F4DE2DEF3DFE2A02EBBF5565E5000715EC9"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13093
Expires: Thu, 24 Nov 2022 13:32:23 GMT
Date: Thu, 24 Nov 2022 09:54:10 GMT
Connection: keep-alive
www.profitabledisplayformat.com/3c6e2f3e0d61313337d0d2f9d70f0bd4/invoke.js
173.233.137.36 200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/3c6e2f3e0d61313337d0d2f9d70f0bd4/invoke.js
IP 173.233.137.36:0
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 3dca9164aad934077ca86dad68ec4b1f
e16c60b3061b149b9b3310adee0f85869a06d1e0
cabddcef537a7d14ff48ac30cea80206a026e997a1e98163d98be62af9e6354b
Analyzer Verdict Alert quad9 Sinkholed
GET /3c6e2f3e0d61313337d0d2f9d70f0bd4/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b60d43fd0a8fe6d745504f20bf90b4a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplayformat.com/af4f67e2f75c9c693b5ba318e25c2258/invoke.js
173.233.137.36 200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/af4f67e2f75c9c693b5ba318e25c2258/invoke.js
IP 173.233.137.36:0
File type exported SGML document, ASCII text, with very long lines (26957), with no line terminators
Hash 0db772eac3d593b76f0b7b577f1446b1
dd9c4c575a1ebbd9d44c83ad68e4909f3ebf19fe
ed2b43d32274d9f017cc65249e1ae6eec2ebc69b38b53c2daba065dc9090ff9c
Analyzer Verdict Alert quad9 Sinkholed
GET /af4f67e2f75c9c693b5ba318e25c2258/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1eab0cc2e81b17c8241a122d362ffe0b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
magnews.ga/assets/green/fonts/iconic/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
45.153.184.53 200 OK 38 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/iconic/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP 45.153.184.53:0
File type Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Hash a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /assets/green/fonts/iconic/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ga/assets/green/fonts/iconic/css/material-design-iconic-font.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/octet-stream
Content-Length: 38384
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-95f0"
Accept-Ranges: bytes
magnews.ga/assets/green/fonts/Roboto/Roboto-Medium.ttf
45.153.184.53 200 OK 172 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/Roboto/Roboto-Medium.ttf
IP 45.153.184.53:0
File type TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Size 172 kB (172064 bytes)
Hash d08840599e05db7345652d3d417574a9
5f16f4d6dbb4a4f12d8ae96488ac209bb49762a5
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68
GET /assets/green/fonts/Roboto/Roboto-Medium.ttf HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/octet-stream
Content-Length: 172064
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-2a020"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 78a5e8567c816ea5adeff1e60bd63461
bee92246cea1db6fb25a8f4e431060e349dc73a2
5312c83674cb2dc648d3e67a484bcd02cb44fd535ef277c54eb45f4990381243
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104620
Date: Thu, 24 Nov 2022 09:54:10 GMT
Etag: "637e2096-1d7"
Expires: Fri, 25 Nov 2022 14:57:50 GMT
Last-Modified: Wed, 23 Nov 2022 13:31:02 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GDql8rT85EUM-Pl5oNOqP7PTEG3iu79KOck_MKfkMHQQ0mMSePohGg==
Age: 5208
magnews.ga/assets/green/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
45.153.184.53 200 OK 77 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 45.153.184.53:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /assets/green/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ga/assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/octet-stream
Content-Length: 77160
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-12d68"
Accept-Ranges: bytes
magnews.ga/assets/green/fonts/Lato/Lato-Regular.ttf
45.153.184.53 200 OK 120 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/Lato/Lato-Regular.ttf
IP 45.153.184.53:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 30 names, Macintosh, Copyright (c) 2010-2011 by tyPoland Lukasz Dziedzic with Reserved Font Name "Lato". Licensed und\012- data
Size 120 kB (120196 bytes)
Hash 7f690e503a254e0b8349aec0177e07aa
127f241871a9fe42cd8d073a0835410f3824d57c
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
GET /assets/green/fonts/Lato/Lato-Regular.ttf HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/octet-stream
Content-Length: 120196
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-1d584"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 056e3fd6a1853577d3b04de3470fbbe9
fb0bd3794508af2b5170754782c098ee1ab2bf3e
41be1b07f3d0b2276aeb826ad1c570d69eee55f72c498e2c78ecc752e411caa2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ga
access-control-allow-credentials: true
set-cookie: uid_id2=6ea1bb95-ebdd-4309-bb46-92fed4690a98:2:1; expires=Sun, 21 Nov 2032 09:54:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
magnews.ga/assets/green/fonts/Roboto/Roboto-Bold.ttf
45.153.184.53 200 OK 171 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/Roboto/Roboto-Bold.ttf
IP 45.153.184.53:0
File type TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo\012- data
Size 171 kB (170760 bytes)
Hash ee7b96fa85d8fdb8c126409326ac2d2b
0ce37ced9c5fcac9bdc452a432c1258870ba4677
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
GET /assets/green/fonts/Roboto/Roboto-Bold.ttf HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/octet-stream
Content-Length: 170760
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-29b08"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ga/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-solid-900.woff2
45.153.184.53 200 OK 40 kB URL HTTP/1.1 magnews.ga/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-solid-900.woff2
IP 45.153.184.53:0
File type Web Open Font Format (Version 2), TrueType, length 40148, version 1.0\012- data
Hash 0ab54153eeeca0ce03978cc463b257f7
6ec6d36cb2464b4e821cfabb532f310bd342601c
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
GET /assets/green/fonts/fontawesome-5.0.8/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: magnews.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ga/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 09:54:10 GMT
Content-Type: application/octet-stream
Content-Length: 40148
Last-Modified: Thu, 24 Nov 2022 01:55:01 GMT
Connection: keep-alive
ETag: "637ecef5-9cd4"
Accept-Ranges: bytes
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 056e3fd6a1853577d3b04de3470fbbe9
fb0bd3794508af2b5170754782c098ee1ab2bf3e
41be1b07f3d0b2276aeb826ad1c570d69eee55f72c498e2c78ecc752e411caa2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Cookie: uid_id2=6ea1bb95-ebdd-4309-bb46-92fed4690a98:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ga
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 056e3fd6a1853577d3b04de3470fbbe9
fb0bd3794508af2b5170754782c098ee1ab2bf3e
41be1b07f3d0b2276aeb826ad1c570d69eee55f72c498e2c78ecc752e411caa2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Cookie: uid_id2=6ea1bb95-ebdd-4309-bb46-92fed4690a98:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ga
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 056e3fd6a1853577d3b04de3470fbbe9
fb0bd3794508af2b5170754782c098ee1ab2bf3e
41be1b07f3d0b2276aeb826ad1c570d69eee55f72c498e2c78ecc752e411caa2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Cookie: uid_id2=6ea1bb95-ebdd-4309-bb46-92fed4690a98:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ga
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 056e3fd6a1853577d3b04de3470fbbe9
fb0bd3794508af2b5170754782c098ee1ab2bf3e
41be1b07f3d0b2276aeb826ad1c570d69eee55f72c498e2c78ecc752e411caa2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Cookie: uid_id2=6ea1bb95-ebdd-4309-bb46-92fed4690a98:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ga
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash c1c4ef48270e78860b6cc711e36b7e05
9c39cb16bbc0b7282b600f700cb15a58eff83d19
12533f88121b7bb300218ed435c3e44f22ba7a9d63ab1af5eb51d7777a5e5ac6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ga
access-control-allow-credentials: true
set-cookie: uid_id2=46c4f750-f103-4739-b1d4-bb988d493582:3:1; expires=Sun, 21 Nov 2032 09:54:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82401689b683af7cb8bfc79971fcaacc
e1bd44f9f5a52703768671ebed52417d29c70d14
a0edcb7c8b70be0faae8f29ae8a8672a29e1113389d93454d821fb69d3d1e28c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A0EDCB7C8B70BE0FAAE8F29AE8A8672A29E1113389D93454D821FB69D3D1E28C"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9262
Expires: Thu, 24 Nov 2022 12:28:32 GMT
Date: Thu, 24 Nov 2022 09:54:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82401689b683af7cb8bfc79971fcaacc
e1bd44f9f5a52703768671ebed52417d29c70d14
a0edcb7c8b70be0faae8f29ae8a8672a29e1113389d93454d821fb69d3d1e28c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A0EDCB7C8B70BE0FAAE8F29AE8A8672A29E1113389D93454D821FB69D3D1E28C"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Thu, 24 Nov 2022 12:28:32 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e57f9c1b60441bfc46fd783fa71694d
a24e7e64d55c49ecfca18323e40fa7b19e3800a4
c2aac35cf90ab850c9f862306437bf372ce7521ae05978ae3c97a3f5e71dfcab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2AAC35CF90AB850C9F862306437BF372CE7521AE05978AE3C97A3F5E71DFCAB"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3082
Expires: Thu, 24 Nov 2022 10:45:33 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bf5bb4392877e0f06d169f84a56adc7e
f07e993f0e594ace85f37308c7c4355663808ff9
1d9e995dedae5811ae67286ecff2d17c3e5c3b65a2057a8b7f0c48cfca92b092
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D9E995DEDAE5811AE67286ECFF2D17C3E5C3B65A2057A8B7F0C48CFCA92B092"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=960
Expires: Thu, 24 Nov 2022 10:10:11 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e736b270f4f7ee81726f9d864a19bd7e
38b23fb001727431e1cfd2b8d388df2fd6ca936a
b36a1e8a60d0e8ef2f5f0f444e8bcaa48ac760b8dd27fd6f304de48c1ba3dcc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B36A1E8A60D0E8EF2F5F0F444E8BCAA48AC760B8DD27FD6F304DE48C1BA3DCC4"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20855
Expires: Thu, 24 Nov 2022 15:41:46 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81f06bdffcb9d3bbc4c97b81c154458c
1b0c26a8e57f9f1a0feb64e442da93197452af91
93bfab2a077dc2ab11317f09649bd6d400aa606a5c062b3f728557105ac2847d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93BFAB2A077DC2AB11317F09649BD6D400AA606A5C062B3F728557105AC2847D"
Last-Modified: Wed, 23 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17375
Expires: Thu, 24 Nov 2022 14:43:46 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d363aefd1a49a8d1bee47992e20e469c
c6f6d65427abcb94cf47475bcc5eeba92dc5eb88
94a7bd6ac9bd7809afd8615a15a598f0bd81c00d65739193a7d26a1e0b400b49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94A7BD6AC9BD7809AFD8615A15A598F0BD81C00D65739193A7D26A1E0B400B49"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10597
Expires: Thu, 24 Nov 2022 12:50:48 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12941
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12941
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12941
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 43579
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xYCpAPfR8rrHKURifh5EhDmMte-T2EgDeqP5jD24Jb0ICkXcpbnU5Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:30:43 GMT
age: 15808
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcdebbc7d6d2f262afe69e6f2d97d58b
e62b4e08c2813f67fa0f466b4f66d5d4c609526f
decdfd76f2b382026f13ba2cd07fceae8a8964b4157c0f4dcef6bcd061817b61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6404
x-amzn-requestid: 5a69edc8-b240-4c21-ba0d-dc175b8ff3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvY6HfnoAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d2-4fd0613627b92d636337cbad;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JBcELEHpSjhEJpgL7NWxlolY0Vt_b5RYE9zJyiBgIIZvf2re37TnaQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:23:31 GMT
age: 9040
etag: "e62b4e08c2813f67fa0f466b4f66d5d4c609526f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 43504
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd3f1be747f6b2f1c35afb01db67b792
a4373037b8b379939b1b099c3ef63f8792e67579
fdbd778a505e1928e9b5296b6150763c2dca9876ec0ef8f772e73ca386ab74d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8441
x-amzn-requestid: c050c897-c6d4-44ef-93c2-cfbf32cd8bff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvClG-AoAMFwxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9210-039834877c2b792b5feb6819;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H31vJjvBF3eWF37DqfsaL-KxOnEHJS1JSmehtTYPhzjZjj-PIhm9pQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
age: 43742
etag: "a4373037b8b379939b1b099c3ef63f8792e67579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eeac5ead5ce62f0d9e2d4bcefa946208
c2430d901f2b4e4a463e90c540294f334553a246
850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wm_pBVCoReupun-_glC47ejuxaRJ6ViGPKClLnWkDrmT-SewUOXexw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:01 GMT
age: 42490
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e5bf97b0f8f82cd1712b34a118315c7e
8ebf659b5a09b932ed6ee219fd28803238f2816a
e64ddbc741840c4a933626710273fc41231d91a6a69b981ede401a4d6f59f7c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64DDBC741840C4A933626710273FC41231D91A6A69B981EDE401A4D6F59F7C5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9006
Expires: Thu, 24 Nov 2022 12:24:17 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
whiskerssituationdisturb.com/watch.49811699133.js?key=3c6e2f3e0d61313337d0d2f9d70f0bd4&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=6ea1bb95-ebdd-4309-bb46-92fed4690a98%3A2%3A1
192.243.59.12 307 Temporary Redirect 0 B URL HTTP/1.1 whiskerssituationdisturb.com/watch.49811699133.js?key=3c6e2f3e0d61313337d0d2f9d70f0bd4&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=6ea1bb95-ebdd-4309-bb46-92fed4690a98%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
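Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B redirect body; they identify no payload and should not be used as indicators.)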
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.49811699133.js?key=3c6e2f3e0d61313337d0d2f9d70f0bd4&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=6ea1bb95-ebdd-4309-bb46-92fed4690a98%3A2%3A1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 09:54:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ga
Access-Control-Allow-Origin: https://magnews.ga
Access-Control-Allow-Credentials: true
Location: https://whiskerssituationdisturb.com/watch.49811699133.js?key=3c6e2f3e0d61313337d0d2f9d70f0bd4&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=6ea1bb95-ebdd-4309-bb46-92fed4690a98%3A2%3A1&shu=5fb31a3bc150ba2ffacc998e1a23f16417929e4225233e10723c913cfee5f52f2ddcb29251ffce43c52b7eabcd9fa1bc136237f8c905a09e1f3c755af53c7073c48e4a43046a5dd32d14dc5bb197c9f6f75974&pst=1669283711&rmtc=t
Set-Cookie: u_pl=17854573; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NDU3MywiayI6IjNjNmUyZjNlMGQ2MTMxMzMzN2QwZDJmOWQ3MGYwYmQ0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzA2OTg3LCJwaWQiOjI5Nzc5MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZzhoZDhmeGYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tYWduZXdzLmdhLyJ9fQ.x8Xg8foDeaxR351SD3MKnXgPcFmLnFNNFFltQ-a23kw; expires=Thu, 24 Nov 2022 09:55:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 143b6f5ac8c206a249b6f450d2ea465d
Strict-Transport-Security: max-age=0; includeSubdomains
yearbookhobblespinal.com/watch.1266636679806.js?key=af4f67e2f75c9c693b5ba318e25c2258&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=46c4f750-f103-4739-b1d4-bb988d493582%3A3%3A1
192.243.59.20 307 Temporary Redirect 0 B URL HTTP/1.1 yearbookhobblespinal.com/watch.1266636679806.js?key=af4f67e2f75c9c693b5ba318e25c2258&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=46c4f750-f103-4739-b1d4-bb988d493582%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
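Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B redirect body; they identify no payload and should not be used as indicators.)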
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1266636679806.js?key=af4f67e2f75c9c693b5ba318e25c2258&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=46c4f750-f103-4739-b1d4-bb988d493582%3A3%3A1 HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 09:54:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ga
Access-Control-Allow-Origin: https://magnews.ga
Access-Control-Allow-Credentials: true
Location: https://yearbookhobblespinal.com/watch.1266636679806.js?key=af4f67e2f75c9c693b5ba318e25c2258&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=46c4f750-f103-4739-b1d4-bb988d493582%3A3%3A1&shu=a8fed3e9e5020878e4db63babddcf0546e2990fc871327f2a0b56c442935b2fca11bc61732a21722956d86ca292ea3a89ea949567fcdfee0631ee15fad99e23981a943cdb8f670b32dd30ae878de6ed723b12636&pst=1669283711&rmtc=t
Set-Cookie: u_pl=16742752; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjc0Mjc1MiwiayI6ImFmNGY2N2UyZjc1YzljNjkzYjViYTMxOGUyNWMyMjU4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzA2OTg3LCJwaWQiOjI5Nzc5MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJwZ2h3eTF2ZGR0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWFnbmV3cy5nYS8ifX0.HSqBO47cq82UIZ4XtUZJS4PKytnCNLUHrKCCpmhR0Gk; expires=Thu, 24 Nov 2022 09:55:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec2785859f0e3fbd8968cc8e29d049ba
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/ntv.json?key=ff58013ecc9bec81573cd50e55aaaff4&vstc=1
192.243.59.12 200 OK 4.2 kB URL HTTP/1.1 burlydeclined.com/ntv.json?key=ff58013ecc9bec81573cd50e55aaaff4&vstc=1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (4195), with no line terminators
Hash d54473955d7f22f2d756fa6216cff0e1
51dcec5aa08c890438b000a1be65476454532a71
691e4b900e2a7bc1f23e61669f918977a26044d5407cb6045c0588ad7fa1accf
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=ff58013ecc9bec81573cd50e55aaaff4&vstc=1 HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 09:54:11 GMT
Content-Type: application/json
Content-Length: 4195
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ga
Access-Control-Allow-Origin: https://magnews.ga
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16660722; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
pdhtkv49=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs49=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
nlecff58013ecc9bec81573cd50e55aaaff4=[2229333]; expires=Thu, 24 Nov 2022 09:54:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a16e20e0c7440a53e088addba84ae754
Strict-Transport-Security: max-age=0; includeSubdomains
jeerinfluencemedical.com/ntv.json?key=1b81771eb2e7bde36c5861133ae85209&vstc=1
192.243.59.12 200 OK 4.2 kB URL HTTP/1.1 jeerinfluencemedical.com/ntv.json?key=1b81771eb2e7bde36c5861133ae85209&vstc=1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (4248), with no line terminators
Hash 17cb12bb341299624b1b4d80a6ae52f5
2c712e431bb0882b8fac1964ce0f420ff69a9e9d
f361f5a1b208eddd2eb10d5e548ea9ea30cd130e83116771e865a6c80dcd5662
GET /ntv.json?key=1b81771eb2e7bde36c5861133ae85209&vstc=1 HTTP/1.1
Host: jeerinfluencemedical.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 09:54:11 GMT
Content-Type: application/json
Content-Length: 4248
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ga
Access-Control-Allow-Origin: https://magnews.ga
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16496043; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
pdhtkv49=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs49=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
nlec1b81771eb2e7bde36c5861133ae85209=[2229329]; expires=Thu, 24 Nov 2022 09:54:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f7e04efef044def6426ce2bc8011465e
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=46c4f750-f103-4739-b1d4-bb988d493582&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=139d964f34008db1665293cef8a6fd01&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=46c4f750-f103-4739-b1d4-bb988d493582&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=139d964f34008db1665293cef8a6fd01&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=46c4f750-f103-4739-b1d4-bb988d493582&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=139d964f34008db1665293cef8a6fd01&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 09:54:11 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 48cba97678412740c597afeb4577211f
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 128947ec7b52febb8ece9e9d63ebcffc
52fcbf26e04ea81e674e512dbc77ab67bacf3db6
5cfd821fe96a2e13784d9a63725f8aa5de392155cf1000c308a09a14ff9efe8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CFD821FE96A2E13784D9A63725F8AA5DE392155CF1000C308A09A14FF9EFE8B"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14560
Expires: Thu, 24 Nov 2022 13:56:51 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 128947ec7b52febb8ece9e9d63ebcffc
52fcbf26e04ea81e674e512dbc77ab67bacf3db6
5cfd821fe96a2e13784d9a63725f8aa5de392155cf1000c308a09a14ff9efe8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CFD821FE96A2E13784D9A63725F8AA5DE392155CF1000C308A09A14FF9EFE8B"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14560
Expires: Thu, 24 Nov 2022 13:56:51 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
firearmtire.com/ntv.json?key=11fd0babe09c3d81d0f30d263e4466b0&vstc=4
192.243.59.13 200 OK 17 kB URL HTTP/1.1 firearmtire.com/ntv.json?key=11fd0babe09c3d81d0f30d263e4466b0&vstc=4
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16671), with no line terminators
Hash 449b70ce937c23182354a648d16df264
95592fb9fe55ea6bdd4cad751c62cacef7f020af
3412f1c1b3cfc7ba1f873ab83179d3464dd7d289aa04b804b0816ca72bca23ab
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=11fd0babe09c3d81d0f30d263e4466b0&vstc=4 HTTP/1.1
Host: firearmtire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 09:54:11 GMT
Content-Type: application/json
Content-Length: 16671
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ga
Access-Control-Allow-Origin: https://magnews.ga
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16742760; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
pdhtkv49=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs49=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
nlec11fd0babe09c3d81d0f30d263e4466b0=[2106764,2229213,2229214,2229215]; expires=Thu, 24 Nov 2022 09:54:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3979ef5411288b609235be2aae62fbac
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXuMlXvx12VsjCAoy6Z6Z3sy4aDC7RoIxifuDnKurqidlqquaqu7pSS4GF2TBy3hTT503yQY1iPsHCDIRZAkKO5clB%2BN%2F4EFh8SQyk4HRD7q%2F9%2Bp9h%2Fe%2Bqk8PigsSoKDnmx%2BYPakUXYhqgf%2FaltTclM5fv%2BOHQS247m9Jfa153e%2BNf7b7ZhhEteB1%2Fz3BdsxCPQiDIAxCf0VakZjewkSFzE7aYa0d1Jr1Whg10bP%2F567w4KgH3r0gL0Ly0bPbjx5CsiF0%2Bv1N4XZyk73xbloomhuLLj%2B%2Bq3e0KTXSGUysh0QfT6dh3IiQL67A6ONpApju4TgBYjki3pMQsT6e2kTcPbp0GisIjZg%2Fh7I7hFBDSDoEM%2Fcg%2BWMCMI71Dej0wbqxJd29VOlYHZG5p39BliMy99vL0Ol3y0r2%2FNtGFbk02qGXVJC9IWRniKw4Rb7nQZanYPknkPxXsvB0DTo93HDKQPJqkl7KIWQyhBJ9UOehGH%2FSQ5F4KDIPKT%2F3adROgmAxiZNGo9VkjDUajEWtazzijWYrCVCwsb0%2B8qwPpvpgdh%2BZ3ceO7MMWP8JtV3Dcg8tHxPtwH11eoRQEpSMoKUEpCcqcoOxWR1y5uqsecOWKOJz2%2BrQ3qoHJOwf0yOQdoclBdkFemOzln9af2BHnfpJErSBsCMbasWCtMFpsMB4FIooopUnShJMVpLsyibonR%2BTq4e%2FI5IjMffY2YnoKp07B5BXQIgQtB4v1AHR70GwF2NMnUufCalG6WqrATYUsn0O%2B6x2oC3J14uOVubsQ7Gzp5%2Fm3ssGTeTBbIbMVPpI%2FEXTU%2FcEtU5LDW6Z05OFGlstU7tHx3d3OaS6e%2BeZ9sVsay1dvuv7X77CxMIYnd4TL16jmUncc%2BXZZci7sirFMkB9W3ZaINwu3vVxYXWRrmzdWVtPMCuek0UNQ%2BXjjb7BxwFdfmrzK53%2F5A9IOYYsKaXFGpgVpTsGyfbhs5t4ZAqtmM3HmoSyqga3Hs0MlCZSYcRpXcP%2Fh8QwfuPvoWA80vwedVujaCl1Vgao%2BXDE%2FyDN7tvToy3F9hVh5g1hZ7zBWVn1%2BuVonz30RJUEigrqIk3acLNKAt5NmO6btUCzGEQ2RuxH7eOnGvwAAAP%2F%2FAQAA%2F%2F%2F33eidbQQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXuMlXvx12VsjCAoy6Z6Z3sy4aDC7RoIxifuDnKurqidlqquaqu7pSS4GF2TBy3hTT503yQY1iPsHCDIRZAkKO5clB%2BN%2F4EFh8SQyk4HRD7q%2F9%2Bp9h%2Fe%2Bqk8PigsSoKDnmx%2BYPakUXYhqgf%2FaltTclM5fv%2BOHQS247m9Jfa153e%2BNf7b7ZhhEteB1%2Fz3BdsxCPQiDIAxCf0VakZjewkSFzE7aYa0d1Jr1Whg10bP%2F567w4KgH3r0gL0Ly0bPbjx5CsiF0%2Bv1N4XZyk73xbloomhuLLj%2B%2Bq3e0KTXSGUysh0QfT6dh3IiQL67A6ONpApju4TgBYjki3pMQsT6e2kTcPbp0GisIjZg%2Fh7I7hFBDSDoEM%2Fcg%2BWMCMI71Dej0wbqxJd29VOlYHZG5p39BliMy99vL0Ol3y0r2%2FNtGFbk02qGXVJC9IWRniKw4Rb7nQZanYPknkPxXsvB0DTo93HDKQPJqkl7KIWQyhBJ9UOehGH%2FSQ5F4KDIPKT%2F3adROgmAxiZNGo9VkjDUajEWtazzijWYrCVCwsb0%2B8qwPpvpgdh%2BZ3ceO7MMWP8JtV3Dcg8tHxPtwH11eoRQEpSMoKUEpCcqcoOxWR1y5uqsecOWKOJz2%2BrQ3qoHJOwf0yOQdoclBdkFemOzln9af2BHnfpJErSBsCMbasWCtMFpsMB4FIooopUnShJMVpLsyibonR%2BTq4e%2FI5IjMffY2YnoKp07B5BXQIgQtB4v1AHR70GwF2NMnUufCalG6WqrATYUsn0O%2B6x2oC3J14uOVubsQ7Gzp5%2Fm3ssGTeTBbIbMVPpI%2FEXTU%2FcEtU5LDW6Z05OFGlstU7tHx3d3OaS6e%2BeZ9sVsay1dvuv7X77CxMIYnd4TL16jmUncc%2BXZZci7sirFMkB9W3ZaINwu3vVxYXWRrmzdWVtPMCuek0UNQ%2BXjjb7BxwFdfmrzK53%2F5A9IOYYsKaXFGpgVpTsGyfbhs5t4ZAqtmM3HmoSyqga3Hs0MlCZSYcRpXcP%2Fh8QwfuPvoWA80vwedVujaCl1Vgao%2BXDE%2FyDN7tvToy3F9hVh5g1hZ7zBWVn1%2BuVonz30RJUEigrqIk3acLNKAt5NmO6btUCzGEQ2RuxH7eOnGvwAAAP%2F%2FAQAA%2F%2F%2F33eidbQQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXuMlXvx12VsjCAoy6Z6Z3sy4aDC7RoIxifuDnKurqidlqquaqu7pSS4GF2TBy3hTT503yQY1iPsHCDIRZAkKO5clB%2BN%2F4EFh8SQyk4HRD7q%2F9%2Bp9h%2Fe%2Bqk8PigsSoKDnmx%2BYPakUXYhqgf%2FaltTclM5fv%2BOHQS247m9Jfa153e%2BNf7b7ZhhEteB1%2Fz3BdsxCPQiDIAxCf0VakZjewkSFzE7aYa0d1Jr1Whg10bP%2F567w4KgH3r0gL0Ly0bPbjx5CsiF0%2Bv1N4XZyk73xbloomhuLLj%2B%2Bq3e0KTXSGUysh0QfT6dh3IiQL67A6ONpApju4TgBYjki3pMQsT6e2kTcPbp0GisIjZg%2Fh7I7hFBDSDoEM%2Fcg%2BWMCMI71Dej0wbqxJd29VOlYHZG5p39BliMy99vL0Ol3y0r2%2FNtGFbk02qGXVJC9IWRniKw4Rb7nQZanYPknkPxXsvB0DTo93HDKQPJqkl7KIWQyhBJ9UOehGH%2FSQ5F4KDIPKT%2F3adROgmAxiZNGo9VkjDUajEWtazzijWYrCVCwsb0%2B8qwPpvpgdh%2BZ3ceO7MMWP8JtV3Dcg8tHxPtwH11eoRQEpSMoKUEpCcqcoOxWR1y5uqsecOWKOJz2%2BrQ3qoHJOwf0yOQdoclBdkFemOzln9af2BHnfpJErSBsCMbasWCtMFpsMB4FIooopUnShJMVpLsyibonR%2BTq4e%2FI5IjMffY2YnoKp07B5BXQIgQtB4v1AHR70GwF2NMnUufCalG6WqrATYUsn0O%2B6x2oC3J14uOVubsQ7Gzp5%2Fm3ssGTeTBbIbMVPpI%2FEXTU%2FcEtU5LDW6Z05OFGlstU7tHx3d3OaS6e%2BeZ9sVsay1dvuv7X77CxMIYnd4TL16jmUncc%2BXZZci7sirFMkB9W3ZaINwu3vVxYXWRrmzdWVtPMCuek0UNQ%2BXjjb7BxwFdfmrzK53%2F5A9IOYYsKaXFGpgVpTsGyfbhs5t4ZAqtmM3HmoSyqga3Hs0MlCZSYcRpXcP%2Fh8QwfuPvoWA80vwedVujaCl1Vgao%2BXDE%2FyDN7tvToy3F9hVh5g1hZ7zBWVn1%2BuVonz30RJUEigrqIk3acLNKAt5NmO6btUCzGEQ2RuxH7eOnGvwAAAP%2F%2FAQAA%2F%2F%2F33eidbQQAAA%3D%3D HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Cookie: u_pl=16660722; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecff58013ecc9bec81573cd50e55aaaff4=[2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 09:54:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cdb55a009e8a0867d58512014be589d6
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f1c45518b9bf016e4d08d82627299df
a5952aa6dc61ba3bd4e6149b81a9772034f0ce17
7c7b7487eaeb36381e21338f2192c9c53f2cb7621f536aebebf9472d9e29690b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7B7487EAEB36381E21338F2192C9C53F2CB7621F536AEBEBF9472D9E29690B"
Last-Modified: Thu, 24 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20169
Expires: Thu, 24 Nov 2022 15:30:20 GMT
Date: Thu, 24 Nov 2022 09:54:11 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.10 200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:11 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Sat, 26 Nov 2022 09:54:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
yearbookhobblespinal.com/watch.1266636679806.js?key=af4f67e2f75c9c693b5ba318e25c2258&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=46c4f750-f103-4739-b1d4-bb988d493582%3A3%3A1&shu=a8fed3e9e5020878e4db63babddcf0546e2990fc871327f2a0b56c442935b2fca11bc61732a21722956d86ca292ea3a89ea949567fcdfee0631ee15fad99e23981a943cdb8f670b32dd30ae878de6ed723b12636&pst=1669283711&rmtc=t
192.243.59.20200 OK 2.1 kB URL HTTP/1.1 yearbookhobblespinal.com/watch.1266636679806.js?key=af4f67e2f75c9c693b5ba318e25c2258&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=46c4f750-f103-4739-b1d4-bb988d493582%3A3%3A1&shu=a8fed3e9e5020878e4db63babddcf0546e2990fc871327f2a0b56c442935b2fca11bc61732a21722956d86ca292ea3a89ea949567fcdfee0631ee15fad99e23981a943cdb8f670b32dd30ae878de6ed723b12636&pst=1669283711&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2618)
Hash b2dec3dae9eb4606f49a079ae963405b
03c89a54417a36977de02637adcaa9e4c0a61727
d218842d325092622d6f12c82cbccd602f5174013b7835c05e6409a6be63282d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1266636679806.js?key=af4f67e2f75c9c693b5ba318e25c2258&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=46c4f750-f103-4739-b1d4-bb988d493582%3A3%3A1&shu=a8fed3e9e5020878e4db63babddcf0546e2990fc871327f2a0b56c442935b2fca11bc61732a21722956d86ca292ea3a89ea949567fcdfee0631ee15fad99e23981a943cdb8f670b32dd30ae878de6ed723b12636&pst=1669283711&rmtc=t HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Referer: https://magnews.ga/
Connection: keep-alive
Cookie: u_pl=16742752; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjc0Mjc1MiwiayI6ImFmNGY2N2UyZjc1YzljNjkzYjViYTMxOGUyNWMyMjU4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzA2OTg3LCJwaWQiOjI5Nzc5MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJwZ2h3eTF2ZGR0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWFnbmV3cy5nYS8ifX0.HSqBO47cq82UIZ4XtUZJS4PKytnCNLUHrKCCpmhR0Gk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 24 Nov 2022 09:54:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ga
Access-Control-Allow-Origin: https://magnews.ga
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=46c4f750-f103-4739-b1d4-bb988d493582:3:1; expires=Thu, 01 Dec 2022 09:54:11 GMT; secure; SameSite=None
iprcd5554b3a11ec824b163588fe6971b03a=3569806; expires=Thu, 24 Nov 2022 13:54:11 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 01cbcbf2deb5a50632197f27b4e2b949
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
45.133.44.10 200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:11 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Sat, 26 Nov 2022 09:54:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/watch.49811699133.js?key=3c6e2f3e0d61313337d0d2f9d70f0bd4&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=6ea1bb95-ebdd-4309-bb46-92fed4690a98%3A2%3A1&shu=5fb31a3bc150ba2ffacc998e1a23f16417929e4225233e10723c913cfee5f52f2ddcb29251ffce43c52b7eabcd9fa1bc136237f8c905a09e1f3c755af53c7073c48e4a43046a5dd32d14dc5bb197c9f6f75974&pst=1669283711&rmtc=t
192.243.59.12200 OK 642 B URL HTTP/1.1 whiskerssituationdisturb.com/watch.49811699133.js?key=3c6e2f3e0d61313337d0d2f9d70f0bd4&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=6ea1bb95-ebdd-4309-bb46-92fed4690a98%3A2%3A1&shu=5fb31a3bc150ba2ffacc998e1a23f16417929e4225233e10723c913cfee5f52f2ddcb29251ffce43c52b7eabcd9fa1bc136237f8c905a09e1f3c755af53c7073c48e4a43046a5dd32d14dc5bb197c9f6f75974&pst=1669283711&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash 816bc02ac5cabd79c1e11b5525cfac60
75938ad793885d5314c8620bc9fd5ab43cd5b330
5b78227de35f2fcac75c93b273e8d2a5661e77e9df48e513ad26bb092fa6cbed
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.49811699133.js?key=3c6e2f3e0d61313337d0d2f9d70f0bd4&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ga%2F&tz=0&dev=e&res=12.1055&uuid=6ea1bb95-ebdd-4309-bb46-92fed4690a98%3A2%3A1&shu=5fb31a3bc150ba2ffacc998e1a23f16417929e4225233e10723c913cfee5f52f2ddcb29251ffce43c52b7eabcd9fa1bc136237f8c905a09e1f3c755af53c7073c48e4a43046a5dd32d14dc5bb197c9f6f75974&pst=1669283711&rmtc=t HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ga
Referer: https://magnews.ga/
Connection: keep-alive
Cookie: u_pl=17854573; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NDU3MywiayI6IjNjNmUyZjNlMGQ2MTMxMzMzN2QwZDJmOWQ3MGYwYmQ0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzA2OTg3LCJwaWQiOjI5Nzc5MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoiZzhoZDhmeGYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tYWduZXdzLmdhLyJ9fQ.x8Xg8foDeaxR351SD3MKnXgPcFmLnFNNFFltQ-a23kw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 09:54:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ga
Access-Control-Allow-Origin: https://magnews.ga
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6ea1bb95-ebdd-4309-bb46-92fed4690a98:2:1; expires=Thu, 01 Dec 2022 09:54:11 GMT; secure; SameSite=None
iprc3778542224e04db88947ab80a6466292=2717343; expires=Fri, 25 Nov 2022 11:54:11 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 25 Nov 2022 09:54:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a203c538289092e0eea7323ffa2f103
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
45.133.44.10 200 OK 29 kB URL HTTP/2 cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc
GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:11 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Sat, 26 Nov 2022 09:54:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
integrityprinciplesthorough.com/pixel/sbe?t=1&error=timeout
192.243.61.225 200 OK 0 B URL HTTP/1.1 integrityprinciplesthorough.com/pixel/sbe?t=1&error=timeout
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 09:54:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e487cd9f2c510d743bf85fcf001a9d05
7b669b8454abd9acab4e2dc304daf482a54b415f
0c366bee68f70cf86e947346153cb20144db0b5b37886494cde02c1023796c9a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C366BEE68F70CF86E947346153CB20144DB0B5B37886494CDE02C1023796C9A"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20034
Expires: Thu, 24 Nov 2022 15:28:06 GMT
Date: Thu, 24 Nov 2022 09:54:12 GMT
Connection: keep-alive
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17854573
173.233.137.44 200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17854573
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7eecfc70ea15617e6e7ff3f7d11029e1
3312437a82c28d801ff392a62a21f642cbacbe92
c0bf9e2db21befcc9060521c08c2807f654111b89cd23b331c486fa3700c2acc
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17854573 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 09:54:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Fri, 25 Nov 2022 09:54:12 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.skU9tScpkGZixsUaLdDi3DrdhrOSFucwQZRceoTYQ9o; expires=Thu, 24 Nov 2022 09:55:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cfecc9c8a5637d3bca7b2b5839d6dff8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=1f48af612038081145ba8584db8669a25825629d34bbd5d71b75190fd4b4351f08cf7350f750c735f173f2d13b62a20ad4faefa35a4d028d87a4a447fdd3a0f941f12e39b01580589edf4560761dffdd9ec9549fcc773b34459d43998242591b90&pst=1669283712&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmagnews.ga%2F&psid=17854573
173.233.137.44302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=1f48af612038081145ba8584db8669a25825629d34bbd5d71b75190fd4b4351f08cf7350f750c735f173f2d13b62a20ad4faefa35a4d028d87a4a447fdd3a0f941f12e39b01580589edf4560761dffdd9ec9549fcc773b34459d43998242591b90&pst=1669283712&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmagnews.ga%2F&psid=17854573
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=1f48af612038081145ba8584db8669a25825629d34bbd5d71b75190fd4b4351f08cf7350f750c735f173f2d13b62a20ad4faefa35a4d028d87a4a447fdd3a0f941f12e39b01580589edf4560761dffdd9ec9549fcc773b34459d43998242591b90&pst=1669283712&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmagnews.ga%2F&psid=17854573 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.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.skU9tScpkGZixsUaLdDi3DrdhrOSFucwQZRceoTYQ9o; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 09:54:12 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18a94a86dd596901676bec781309d572&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
Set-Cookie: iprcfdef3e82bf6f648672dedaf5c31c2225=3806410; expires=Fri, 25 Nov 2022 09:54:12 GMT
pdhtkv=true; expires=Fri, 25 Nov 2022 09:54:12 GMT
uncs=1; expires=Fri, 25 Nov 2022 09:54:12 GMT
pdhtkv28=true; expires=Fri, 25 Nov 2022 09:54:12 GMT
uncs28=1; expires=Fri, 25 Nov 2022 09:54:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1202ece22c1ca9485c86f447bb353466
Strict-Transport-Security: max-age=0; includeSubdomains
spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18a94a86dd596901676bec781309d572&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
78.46.92.254 302 Found 0 B URL HTTP/1.1 spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18a94a86dd596901676bec781309d572&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18a94a86dd596901676bec781309d572&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other HTTP/1.1
Host: spo76rt28r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 09:54:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=179z9l526o; expires=Fri, 25-Nov-2022 09:54:13 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=179z9l526o-179z9l526o-17dz-166o-ir8n-bza7-oje8-015148; expires=Fri, 25-Nov-2022 09:54:13 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://bo2217ok3tro9.com/1/?lpkey=167369a6286039aa53&uclick=179z9l526o&uclickhash=179z9l526o-179z9l526o-17dz-166o-ir8n-bza7-oje8-015148
Strict-Transport-Security: max-age=31536000
bo2217ok3tro9.com/1/?lpkey=167369a6286039aa53&uclick=179z9l526o&uclickhash=179z9l526o-179z9l526o-17dz-166o-ir8n-bza7-oje8-015148
78.46.92.254 200 OK 1.4 kB URL HTTP/1.1 bo2217ok3tro9.com/1/?lpkey=167369a6286039aa53&uclick=179z9l526o&uclickhash=179z9l526o-179z9l526o-17dz-166o-ir8n-bza7-oje8-015148
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0bbb113ff85b78b6485a9783946e6948
8663005f0ad88c2a768937edb56177387103594d
70c7e9fa94eb5b8fb5b61e0ee25167ace062bea13773331f7d02814822fbf004
GET /1/?lpkey=167369a6286039aa53&uclick=179z9l526o&uclickhash=179z9l526o-179z9l526o-17dz-166o-ir8n-bza7-oje8-015148 HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 09:54:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 298f6f027434581a9c93f97b90c7cfe1
80dc738070e4abb1303cf0a406537eb1c34b7d78
29c10d9b434354dfc91c2a9faac73b16245708c06d95ff17af8a7469fbf9b52b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6149
Cache-Control: max-age=110597
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 09:54:13 GMT
Etag: "637e3445-118"
Expires: Fri, 25 Nov 2022 16:37:30 GMT
Last-Modified: Wed, 23 Nov 2022 14:55:01 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 09:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164 200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 24 Nov 2022 09:54:13 GMT
date: Thu, 24 Nov 2022 09:54:13 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 09:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 09:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-547JG5H
142.250.74.168 200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-547JG5H
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 74dd8320717f850bd9739435fe843531
6e80fe1bae668ecb3d907d166b18eddb56d23717
83100e3fab2dbce167d0cdb4a3bf71a4aa1c689e56b90eba52c6df0f5566ee43
GET /gtm.js?id=GTM-547JG5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 09:54:13 GMT
expires: Thu, 24 Nov 2022 09:54:13 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38600
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
104.16.122.175 302 Found 73 kB URL HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.122.175:0
Hash eee57672ecfa0f7f9aca9a3bf46aa7b2
65a15439a014d30f164ff46393bd678ccbe5cc9d
42fa7e63908c3176a578ddbf1aff15b9b1e94b76214dce625a27a0f42e2246c1
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 09:54:13 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.2.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJMGH6N8VB17G79K3GDKG71F-fra
cf-cache-status: HIT
age: 429
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f143130f8d1bfe-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 09:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bo2217ok3tro9.com/favicon.png
78.46.92.254 404 Not Found 114 B URL HTTP/1.1 bo2217ok3tro9.com/favicon.png
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /favicon.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=167369a6286039aa53&uclick=179z9l526o&uclickhash=179z9l526o-179z9l526o-17dz-166o-ir8n-bza7-oje8-015148
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 09:54:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 09:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bo2217ok3tro9.com
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 422536
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.140.24 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.140.24:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:10 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3c08d95e8a94c9359975bb164d476b61
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 24 Nov 2022 09:54:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ni2bhGAvcuXZskLdcrj038A%2BSMKz6L14mOIdHLpmmSTQ0IkKRrwXG0qe9SHfN%2Bfr2FZhcNRCPzzxuUvWlbD1ryUHgPJDAJ980RXP%2FrtI%2BdWez11MmJAbeRSQz85tqiIrqWlaftY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f143018d167423-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
45.133.44.10 200 OK 0 B URL HTTP/2 cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 09:54:11 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Sat, 26 Nov 2022 09:54:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2