Report - sakshyammagazine.com/

Report Overview

Submitted URL
sakshyammagazine.com/
IP
45.129.2.102
ASN
#51659 LLC Baxet
Submitted
2022-09-09 09:18:12
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
sakshyammagazine.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	86 kB	45.129.2.102
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	1.6 kB	143.204.55.35
fleraprt.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	488 B	139.45.195.254
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	915 B	1.5 kB	139.45.195.8
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.215.91.121
loajawun.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.0 kB	139.45.197.238
interstitial-07.com	36198	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.3 kB	172 kB	139.45.197.153
ptauxofi.net	35628	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	51 kB	139.45.197.250
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	8.9 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	4.5 kB	142.250.74.10
upgulpinon.com	83187	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	5.4 kB	139.45.197.242
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	826 B	172.67.205.240
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
tobaltoyon.com	205250	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	4.7 kB	139.45.197.251
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	172.64.155.188
offerimage.com	304078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	93 kB	104.22.33.172
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	76 kB	77.88.21.119
unphionetor.com	54035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.1 kB	139.45.197.236
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	36 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	191 kB	142.250.74.163
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	1.4 kB	104.18.20.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-09	medium	tobaltoyon.com/custom	Malware
2022-09-09	medium	tobaltoyon.com/custom	Malware
2022-09-09	medium	tobaltoyon.com/custom	Malware
2022-09-09	medium	tobaltoyon.com/custom	Malware
2022-09-09	medium	tobaltoyon.com/event	Malware
2022-09-09	medium	tobaltoyon.com/event	Malware
2022-09-09	medium	tobaltoyon.com/pfe/current/universal.min.js?v=3.1.392	Malware
2022-09-09	medium	tobaltoyon.com/pfe/current/tag.min.js?z=4862902	Malware
2022-09-09	medium	upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd	Malware
2022-09-09	medium	upgulpinon.com/1?z=4862911	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-09	medium	fleraprt.com	Sinkholed
2022-09-09	medium	loajawun.com	Sinkholed
2022-09-09	medium	unphionetor.com	Sinkholed
2022-09-09	medium	unphionetor.com	Sinkholed
2022-09-09	medium	loajawun.com	Sinkholed
2022-09-09	medium	loajawun.com	Sinkholed
2022-09-09	medium	unphionetor.com	Sinkholed

JavaScript (17)

	URL	Size	First Seen	Last Seen
	interstitial-07.com/?l=gP386FeXkNqGNM3&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D81917338%26z%3D4862911%26b%3D14082267%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3D-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3Ddca56b42-6800-4823-9559-1c73ce3f8482%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fsakshyammagazine.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0	1.6 kB	2023-03-07	2023-03-07
Pretty URL interstitial-07.com/?l=gP386FeXkNqGNM3&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D81917338%26z%3D4862911%26b%3D14082267%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3D-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3Ddca56b42-6800-4823-9559-1c73ce3f8482%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fsakshyammagazine.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 IP 139.45.197.153 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:14 Last Seen2023-03-07 14:06:14 Times Seen1 Hash 26b047a6c75c55c239da29730bfd40ff 7cb1b97949e8298084b20191f778a48b08800b97 0af232624e7727c086830a7891044cbcb9376f1079af21cbd74734d2cd8a4890 Loading...

	upgulpinon.com/1?z=4862911	8.7 kB	2023-03-07	2023-03-07
Pretty URL upgulpinon.com/1?z=4862911 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:14 Last Seen2023-03-07 14:06:14 Times Seen1 Hash 1ee48c3b60c9b567e1e898a0f8803d60 ce6679bdef51f7447d2d80ce98c25e71fc5388a4 ae689652f47d913b0ad5bc96afd2f4ecbd3fd6143f02a9dc755825401c9ea8fe Loading...

	sakshyammagazine.com/	104 kB	2023-03-07	2023-03-17
Pretty URL sakshyammagazine.com/ IP 45.129.2.102 ASN #51659 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:19 Last Seen2023-03-17 11:42:01 Times Seen1 Hash 7490898c0f490720a0c78dfc9ba92b45 079a6dee4b0a234194ec1efb256d48f29a98cb30 6fdc6b3c308eb3057e6c2e8481a66960e145163d6375b37d00e75be68ea50497 Loading...

	mc.yandex.ru/metrika/tag.js	211 kB	2023-03-07	2023-03-17
Pretty URL mc.yandex.ru/metrika/tag.js IP 77.88.21.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:23:15 Last Seen2023-03-17 11:41:37 Times Seen1 Hash edee098e47e8168e31eb8689ad6b9cec b043258b73e2d89c0104ebed2ca8cad4bfe732d7 6760b266bef4409ce02ecdbb4f9e82fcd7ad8f249efa475558e88cfdd7d9e91e Loading...

	unphionetor.com/fv.js?t=72747&cb=583069811	5.2 kB	2023-03-07	2024-04-26
Pretty URL unphionetor.com/fv.js?t=72747&cb=583069811 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-26 22:21:47 Times Seen2357 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	loajawun.com/400/4862906	85 kB	2023-03-07	2023-03-07
Pretty URL loajawun.com/400/4862906 IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:14 Last Seen2023-03-07 14:06:14 Times Seen1 Hash 870d2603ed14e851e9ee8d5acc831f67 fe97d776fff32b880971e54b92f86b906c5484eb 117e5d82329b1b0f641bf4b6d7e707a4695b6d21e0fa1dd4a064c02bc7661744 Loading...

	tobaltoyon.com/pfe/current/tag.min.js?z=4862902	15 kB	2023-03-07	2023-03-17
Pretty URL tobaltoyon.com/pfe/current/tag.min.js?z=4862902 IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:19 Last Seen2023-03-17 11:42:01 Times Seen1 Hash cc63ffb9d89c06962e77cf13c24d3ef1 caa98477427ff6b6d4f9dfcbddc32707f0f5e132 0bf6801ec18c86804afbf9afd9134b9b01735fb34500fc392c85b9ca48523c83 Loading...

	tzegilo.com/stattag.js	33 kB	2023-03-07	2023-03-17
Pretty URL tzegilo.com/stattag.js IP 172.67.205.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:21 Last Seen2023-03-17 12:47:57 Times Seen1 Hash df875929410d71d763e9fa10b830bb2a b0711a8d2bf6ad4ffa4640534588b423f2ef7fec 0be796b658c6cee0d55aa164994d0d83f9ec7aa7ecf1eb41c1ddf208bba9e3b1 Loading...

	sakshyammagazine.com/	103 B	2023-03-07	2023-03-07
Pretty URL sakshyammagazine.com/ IP 45.129.2.102 ASN #51659 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:14 Last Seen2023-03-07 14:06:14 Times Seen1 Hash 3f86c376adfb49e357dbd631a58dc67e a57cb05a6bc528b6291dc581ff4028cda8f8c82f 269c69bc64257732a07152b75b1b38cc9d0ba73c68ddf31aa4dd78698c8ce9dd Loading...

	sakshyammagazine.com/	43 B	2023-03-07	2024-04-16
Pretty URL sakshyammagazine.com/ IP 45.129.2.102 ASN #51659 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:49 Last Seen2024-04-16 15:20:10 Times Seen92 Hash ac3e5bab5c7148c91dbf0937d4aafe65 a6aa33b83b0e603c96b73bb06487af6500fc8dd9 4fed691a9f00fc814a06c12f14c18100e82549381b93e768f7c98e6482e7b203 Loading...

	sakshyammagazine.com/	358 B	2023-03-07	2023-03-11
Pretty URL sakshyammagazine.com/ IP 45.129.2.102 ASN #51659 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:14 Last Seen2023-03-11 21:51:42 Times Seen1 Hash 8d1934d7c824b15e3648d1014fa79cd8 213148d83707fecd51d339caa1ca297ba0f83703 2f4ba0a1b084064dc4260f487fee7aba8975514c3c98b54424c1e62ef53050cf Loading...

	upgulpinon.com/42/38?z=4862911	0 B	2023-03-07	2024-04-26
Pretty URL upgulpinon.com/42/38?z=4862911 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 23:56:22 Times Seen37105606 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sakshyammagazine.com/	170 B	2023-03-07	2023-03-11
Pretty URL sakshyammagazine.com/ IP 45.129.2.102 ASN #51659 LLC Baxet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:14 Last Seen2023-03-11 21:51:42 Times Seen1 Hash b4bb4284f7629bf613f6822306b6d507 01f23226319f5cc2e1aec16b45baf26a0f39e8a3 06ae665ad7b669e020f23a1e4f959cd1149661c307a5349f2ef5a05136e7e86f Loading...

	upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd	407 kB	2023-03-07	2023-03-17
Pretty URL upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21:35 Last Seen2023-03-17 11:41:59 Times Seen1 Hash a15d23895013cd64c6054c8b0314689e 37f20d7ed84d124ef96051ed2b81ae1a33301af0 486b616ccd0babad56e248fd916494ff1d054fe42284ad1c749b6d786a1e9066 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4236353c0b1ad1fa59b95de19ee184ed	80 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 14:06:14 Last Seen2023-03-07 14:06:14 Times Seen1 Hash 4236353c0b1ad1fa59b95de19ee184ed 69082eb7431c0edc4c51b2c8d165221eb38b3c41 e52d240d49c7edcfe2270e982fe85861fa366d80c1e5e6f1340af24f27dc91f1 Loading...

	#2 Eval - f7fef8930207b23ec9c04386f9a02c76	24 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-26 04:21:59 Times Seen9426 Hash f7fef8930207b23ec9c04386f9a02c76 146273d1c716700bb25aaa15e8595624b611ffdf 74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (101)

URL IP Response Size

sakshyammagazine.com/

45.129.2.102

301 Moved Permanently

162 B

URL HTTP/1.1
sakshyammagazine.com/
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET / HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Sep 2022 09:18:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://sakshyammagazine.com/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16520
Expires: Fri, 09 Sep 2022 13:53:20 GMT
Date: Fri, 09 Sep 2022 09:18:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 09:05:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dCpIzZHvMr5v28XgojPEpX_K4cCeuFkiJ-TjFvTkm9gYiyOooWQyrg==
Age: 735

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: n-j8-APA4Gg5IyMFHr5_bDTL7p6PP7SLNLAeDh3QVuT7pi56oSj6Eg==
age: 19886
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bf1670278308db6269cff978b1009381
be3bae1dda3254ad7b9303dd06ebd9f86bf149b8
8e209374e4b876152bd29feaf08d215b338f37d503d9930f501b19d42280a0ae

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E209374E4B876152BD29FEAF08D215B338F37D503D9930F501B19D42280A0AE"
Last-Modified: Thu, 08 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Sep 2022 15:18:01 GMT
Date: Fri, 09 Sep 2022 09:18:01 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sakshyammagazine.com/ext/2.bp.blogspot.com/-axPZqrIt46A/V9BJfhMZY_I/AAAAAAAAAAQ/tA4ZfN90f60vzItK31KIfJPyzaU0F1CZQCK4B/s1600/logo-2.png

45.129.2.102

200 OK

2.4 kB

URL HTTP/2
sakshyammagazine.com/ext/2.bp.blogspot.com/-axPZqrIt46A/V9BJfhMZY_I/AAAAAAAAAAQ/tA4ZfN90f60vzItK31KIfJPyzaU0F1CZQCK4B/s1600/logo-2.png
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
PNG image data, 320 x 90, 8-bit colormap, non-interlaced\012- data
Size
2.4 kB (2437 bytes)
Hash
296a8d402f31b4f2ee281812991d03cb
d2a0a9760f52f3e1c341490cea8606fa6ac69724
e42b63563b778bcbe082f320c1a8227c3f6eb46ec6d293f95a20cbd25b1fb85a

HTTP Headers

GET /ext/2.bp.blogspot.com/-axPZqrIt46A/V9BJfhMZY_I/AAAAAAAAAAQ/tA4ZfN90f60vzItK31KIfJPyzaU0F1CZQCK4B/s1600/logo-2.png HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/png
content-length: 2437
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-985"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2cb90a707822e707e5f7b1f91248e6f4
67fbbb968930b83eaeb082662a67a8d781293caa
36aff03cca6066d2d6f3eceeb81cdd257581d1b62859bfc92568847db2e2fb56

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36AFF03CCA6066D2D6F3ECEEB81CDD257581D1B62859BFC92568847DB2E2FB56"
Last-Modified: Wed, 07 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17579
Expires: Fri, 09 Sep 2022 14:11:00 GMT
Date: Fri, 09 Sep 2022 09:18:01 GMT
Connection: keep-alive

sakshyammagazine.com/ext/blogger.com/static/v1/widgets/1832531788-widget_css_bundle.css

45.129.2.102

200 OK

6.7 kB

URL HTTP/2
sakshyammagazine.com/ext/blogger.com/static/v1/widgets/1832531788-widget_css_bundle.css
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
data
Size
6.7 kB (6697 bytes)
Hash
0d8c396d6b235492152653d26b2057e4
80075dc5251c7bad80b9b284cdc911e7746adfd8
96ff76250261f148944c78f77eaf1b48b5466452a6e8f168164b1fb0c591bfbd

HTTP Headers

GET /ext/blogger.com/static/v1/widgets/1832531788-widget_css_bundle.css HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 02 Feb 2022 17:02:24 GMT
vary: Accept-Encoding
etag: W/"61fab920-7395"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43a06e9a8a354193cbac8609ca903f3c
c45ea6f35885b6a0fb5271013303d6c3ead04b68
474add3a9a37d7f0e18e3af264fd653f7eef083a640283feb552c1e7c4a4fc99

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "474ADD3A9A37D7F0E18E3AF264FD653F7EEF083A640283FEB552C1E7C4A4FC99"
Last-Modified: Thu, 08 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9084
Expires: Fri, 09 Sep 2022 11:49:25 GMT
Date: Fri, 09 Sep 2022 09:18:01 GMT
Connection: keep-alive

sakshyammagazine.com/ext/i.ytimg.com/vi/CPAhtsu8eP4/default.jpg

45.129.2.102

200 OK

4.2 kB

URL HTTP/2
sakshyammagazine.com/ext/i.ytimg.com/vi/CPAhtsu8eP4/default.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Size
4.2 kB (4234 bytes)
Hash
ba814cacedfa2a72295b5cfb6f7f9fb0
8fd22a1dc873e23f40b55fe27889f05a1f430252
5016bdd182d9189a7ae4d54e92781238b0ae9450f6abff52f20bb10f59018db4

HTTP Headers

GET /ext/i.ytimg.com/vi/CPAhtsu8eP4/default.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 4234
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-108a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/1.bp.blogspot.com/-yh5c-ue0xua/yakntyq2tei/aaaaaaaaise/o3vk5japdx8z8q2lkete-yq7zobiss9kwclcbgasyhq/s72-w533-c-h300/ahankaram-manisini-niluvella-dahincivestundi.jpg

45.129.2.102

200 OK

2.1 kB

URL HTTP/2
sakshyammagazine.com/ext/1.bp.blogspot.com/-yh5c-ue0xua/yakntyq2tei/aaaaaaaaise/o3vk5japdx8z8q2lkete-yq7zobiss9kwclcbgasyhq/s72-w533-c-h300/ahankaram-manisini-niluvella-dahincivestundi.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
2.1 kB (2093 bytes)
Hash
e1186e010aa4930f78cafb482ed83196
4802253506f3952a990970a2a7cf80a551715829
014b771cc50ee6a7d52f90498a0b047ba331f426c0dd4ffe237dbf08657ae2e8

HTTP Headers

GET /ext/1.bp.blogspot.com/-yh5c-ue0xua/yakntyq2tei/aaaaaaaaise/o3vk5japdx8z8q2lkete-yq7zobiss9kwclcbgasyhq/s72-w533-c-h300/ahankaram-manisini-niluvella-dahincivestundi.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 2093
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-82d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/i.ytimg.com/vi/E5ayuflcdFc/default.jpg

45.129.2.102

200 OK

4.3 kB

URL HTTP/2
sakshyammagazine.com/ext/i.ytimg.com/vi/E5ayuflcdFc/default.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Size
4.3 kB (4337 bytes)
Hash
01fd458632660699131cc1bfb48f8174
094b56e835c463dce636a44c2c1692921c6662e4
95b6f298705ccccbb730cc90164d5bbe02f0f7e6f0ffaab18c958d276fb4a059

HTTP Headers

GET /ext/i.ytimg.com/vi/E5ayuflcdFc/default.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 4337
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-10f1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/3.bp.blogspot.com/-zP87C2q9yog/UVopoHY30SI/AAAAAAAAE5k/AIyPvrpGLn8/s160/picture_not_available.png

45.129.2.102

200 OK

938 B

URL HTTP/2
sakshyammagazine.com/ext/3.bp.blogspot.com/-zP87C2q9yog/UVopoHY30SI/AAAAAAAAE5k/AIyPvrpGLn8/s160/picture_not_available.png
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
PNG image data, 160 x 120, 8-bit grayscale, non-interlaced\012- data
Size
938 B (938 bytes)
Hash
1f013decd384e06ce5c40de4eac3a481
8dd95200265225cc0c8cb693e19d87487694048b
fd76146ea04fb257880a1653a1673923b0cdfbcf0595d2434e0831d1c28bf850

HTTP Headers

GET /ext/3.bp.blogspot.com/-zP87C2q9yog/UVopoHY30SI/AAAAAAAAE5k/AIyPvrpGLn8/s160/picture_not_available.png HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/png
content-length: 938
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-3aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/1.bp.blogspot.com/-_AcRI-XDmpY/XfBnwjix9bI/AAAAAAAAGwI/MHj2UNtzahArrQ0yUXwF6xBiCS3iVAXsACLcBGAsYHQ/s72-c/nrc-sakshyammagazine2.jpg

45.129.2.102

200 OK

2.1 kB

URL HTTP/2
sakshyammagazine.com/ext/1.bp.blogspot.com/-_AcRI-XDmpY/XfBnwjix9bI/AAAAAAAAGwI/MHj2UNtzahArrQ0yUXwF6xBiCS3iVAXsACLcBGAsYHQ/s72-c/nrc-sakshyammagazine2.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
2.1 kB (2077 bytes)
Hash
366bc268ce9a3877ee3c9a97446962a2
9ba2c680124dbffe656a4efc243cb9581c458965
23a4ef4779d37ac1d7e6961db4235af518a6253601af8bb2aab029d605d382a2

HTTP Headers

GET /ext/1.bp.blogspot.com/-_AcRI-XDmpY/XfBnwjix9bI/AAAAAAAAGwI/MHj2UNtzahArrQ0yUXwF6xBiCS3iVAXsACLcBGAsYHQ/s72-c/nrc-sakshyammagazine2.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 2077
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-81d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/1.bp.blogspot.com/-hIU4VfHe2Z8/XfBmq6befMI/AAAAAAAAGv8/q3fsowZaSOUNIkO24kLy3wwzGK-od8SngCLcBGAsYHQ/s72-c/nrc-sakshyammagazine.jpg

45.129.2.102

200 OK

1.6 kB

URL HTTP/2
sakshyammagazine.com/ext/1.bp.blogspot.com/-hIU4VfHe2Z8/XfBmq6befMI/AAAAAAAAGv8/q3fsowZaSOUNIkO24kLy3wwzGK-od8SngCLcBGAsYHQ/s72-c/nrc-sakshyammagazine.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
1.6 kB (1616 bytes)
Hash
a85393afd88babeba76c36486686be1f
c219e74a741b63c6af25f0b2b0c3352668d20765
18816df8d1fa9833ce6791fbbebba1a92851ae31b5cf09cc979ba85c71ae1849

HTTP Headers

GET /ext/1.bp.blogspot.com/-hIU4VfHe2Z8/XfBmq6befMI/AAAAAAAAGv8/q3fsowZaSOUNIkO24kLy3wwzGK-od8SngCLcBGAsYHQ/s72-c/nrc-sakshyammagazine.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 1616
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-650"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/1.bp.blogspot.com/-W2dop8Lgsps/Xbbt8QrbdkI/AAAAAAAAGig/a_PvY6TbcdYiWBhb-IAoNdPGdpzTIDSkACLcBGAsYHQ/s72-c/mm1.jpg

45.129.2.102

200 OK

2.1 kB

URL HTTP/2
sakshyammagazine.com/ext/1.bp.blogspot.com/-W2dop8Lgsps/Xbbt8QrbdkI/AAAAAAAAGig/a_PvY6TbcdYiWBhb-IAoNdPGdpzTIDSkACLcBGAsYHQ/s72-c/mm1.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
2.1 kB (2068 bytes)
Hash
132ca7877ff5c58928b9809f8881e958
0c561b701216ed166017344804740c210f0895e5
66fc3a5a7406fabb35be16b9a92e62b60e26ed763d74a6b96b3eeec5aaac323f

HTTP Headers

GET /ext/1.bp.blogspot.com/-W2dop8Lgsps/Xbbt8QrbdkI/AAAAAAAAGig/a_PvY6TbcdYiWBhb-IAoNdPGdpzTIDSkACLcBGAsYHQ/s72-c/mm1.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 2068
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-814"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/i.ytimg.com/vi/yAW0-r_w8C8/default.jpg

45.129.2.102

200 OK

4.7 kB

URL HTTP/2
sakshyammagazine.com/ext/i.ytimg.com/vi/yAW0-r_w8C8/default.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Size
4.7 kB (4735 bytes)
Hash
8a394a7751b9f88f8341cd2428372c3c
90e493b54443486099c8524de8307e2da0f6b727
450b9be0b0951984b1d5d77c67c4dbfd6ebfbfc01650b80c91385621c0292c60

HTTP Headers

GET /ext/i.ytimg.com/vi/yAW0-r_w8C8/default.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 4735
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-127f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/i.ytimg.com/vi/F820MRlJ090/default.jpg

45.129.2.102

200 OK

5.2 kB

URL HTTP/2
sakshyammagazine.com/ext/i.ytimg.com/vi/F820MRlJ090/default.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Size
5.2 kB (5218 bytes)
Hash
762eff7a4e22236fe98d58400a32800d
257c042e64ac2615e9b5edcc8c4de3e777b8f259
c433de64ec0c83a40e53f90d7aa2dc632fe437c792d7d459186afb62e99f3518

HTTP Headers

GET /ext/i.ytimg.com/vi/F820MRlJ090/default.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 5218
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-1462"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/i.ytimg.com/vi/r0oU5_wOyXI/default.jpg

45.129.2.102

200 OK

4.6 kB

URL HTTP/2
sakshyammagazine.com/ext/i.ytimg.com/vi/r0oU5_wOyXI/default.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Size
4.6 kB (4616 bytes)
Hash
16a8846ad3f05443f95c30e5edaefdcb
455e0dff2e28fa1635b209d97d4a3e58e3f690f1
be765e15fad6f38924e885e9173c1a158f070311657f40e733bb2141a7041ea0

HTTP Headers

GET /ext/i.ytimg.com/vi/r0oU5_wOyXI/default.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 4616
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-1208"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/4.bp.blogspot.com/-jlh2gwerzmu/wab2y_dyc1i/aaaaaaaadcm/eg2aglzcf-kiqotmukidj9o8vc_xx51vwclcb/s72-c/hindu-books.jpg

45.129.2.102

200 OK

3.1 kB

URL HTTP/2
sakshyammagazine.com/ext/4.bp.blogspot.com/-jlh2gwerzmu/wab2y_dyc1i/aaaaaaaadcm/eg2aglzcf-kiqotmukidj9o8vc_xx51vwclcb/s72-c/hindu-books.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
3.1 kB (3103 bytes)
Hash
182aa51e7d7231f37058e1473adc2d30
9572cc0b29374b4b4698f1fb4ba0f11048c7a401
1f9af8249b93b08074ad94c664be9bd2e0e29c9b47f6df5198de27651bcbe73f

HTTP Headers

GET /ext/4.bp.blogspot.com/-jlh2gwerzmu/wab2y_dyc1i/aaaaaaaadcm/eg2aglzcf-kiqotmukidj9o8vc_xx51vwclcb/s72-c/hindu-books.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 3103
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-c1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Mandali|Ramabhadra

142.250.74.10

200 OK

717 B

URL HTTP/2
fonts.googleapis.com/css?family=Mandali|Ramabhadra
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
717 B (717 bytes)
Hash
1f2d8160f215505b45f7550ae6c7eb89
7efab67231784f373ade54903e75858d4fe2c7fa
5866ce616a2460cfb4eecf9c627f67331f1156513861f728977f23dde2d0f545

HTTP Headers

GET /css?family=Mandali|Ramabhadra HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 09:18:01 GMT
date: Fri, 09 Sep 2022 09:18:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sakshyammagazine.com/ext/3.bp.blogspot.com/-9wdhnjnw8fY/Vo1RhJdqpmI/AAAAAAAACpQ/T-hYeBlXSBE/s72-c/vigraham1.jpg

45.129.2.102

200 OK

1.3 kB

URL HTTP/2
sakshyammagazine.com/ext/3.bp.blogspot.com/-9wdhnjnw8fY/Vo1RhJdqpmI/AAAAAAAACpQ/T-hYeBlXSBE/s72-c/vigraham1.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
1.3 kB (1284 bytes)
Hash
b4f2c79140927653045c0e48a6d82428
e880693a0084539f2af4848b9f24b9a807707122
4d9ae19e96e274e8153c26d2f98c09c9368fc95b1fe8d32b5355fe0f607a4a0e

HTTP Headers

GET /ext/3.bp.blogspot.com/-9wdhnjnw8fY/Vo1RhJdqpmI/AAAAAAAACpQ/T-hYeBlXSBE/s72-c/vigraham1.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 1284
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-504"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/3.bp.blogspot.com/-WFSqouH1cD4/WW5DnkiSTRI/AAAAAAAAEWo/s0IBZ-V9AqgbLuFTfHhdhz2_J4fVswtcQCLcBGAs/s72-c/index-315754_640.jpg

45.129.2.102

200 OK

907 B

URL HTTP/2
sakshyammagazine.com/ext/3.bp.blogspot.com/-WFSqouH1cD4/WW5DnkiSTRI/AAAAAAAAEWo/s0IBZ-V9AqgbLuFTfHhdhz2_J4fVswtcQCLcBGAs/s72-c/index-315754_640.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
907 B (907 bytes)
Hash
bdd3b2e54e583477dcf083b17a9ae8f1
9abc2acc414eb22318efc0a0df0004b0852e71c9
ad09e8f1bb5c74760dd6f02391afcddbca0778e895d8de2fbe15445a9e1c92be

HTTP Headers

GET /ext/3.bp.blogspot.com/-WFSqouH1cD4/WW5DnkiSTRI/AAAAAAAAEWo/s0IBZ-V9AqgbLuFTfHhdhz2_J4fVswtcQCLcBGAs/s72-c/index-315754_640.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 907
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-38b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/2.bp.blogspot.com/-resytxtgdlm/vlq6kavyiji/aaaaaaaacok/bqpdgudnloc/s72-c/siluva-copy.jpg

45.129.2.102

200 OK

3.1 kB

URL HTTP/2
sakshyammagazine.com/ext/2.bp.blogspot.com/-resytxtgdlm/vlq6kavyiji/aaaaaaaacok/bqpdgudnloc/s72-c/siluva-copy.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
3.1 kB (3051 bytes)
Hash
def90d7a36aae2e87bca27ddd3c14b32
86289a3d8bbc993c668fb3bc5368c151e241c6e5
a8da5b638fd474ab64d0a4ac636b43e95f71a5a010be326af5e86b9eabd664c1

HTTP Headers

GET /ext/2.bp.blogspot.com/-resytxtgdlm/vlq6kavyiji/aaaaaaaacok/bqpdgudnloc/s72-c/siluva-copy.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 3051
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-beb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/3.bp.blogspot.com/-ArBeGZsSSCc/VVmWuyKQfoI/AAAAAAAABLk/LXaD4g9ACTg/s72-c/images1.jpg

45.129.2.102

200 OK

2.0 kB

URL HTTP/2
sakshyammagazine.com/ext/3.bp.blogspot.com/-ArBeGZsSSCc/VVmWuyKQfoI/AAAAAAAABLk/LXaD4g9ACTg/s72-c/images1.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
2.0 kB (2034 bytes)
Hash
39b07e22a5580be0a9a8c35302f0b9a5
2613b5728f2c5fcfc77f4a7953ab1f556747c31d
7260840813ef511c2ec1fe07e65530309462d6f7934ded5eb3b3212c4b50130a

HTTP Headers

GET /ext/3.bp.blogspot.com/-ArBeGZsSSCc/VVmWuyKQfoI/AAAAAAAABLk/LXaD4g9ACTg/s72-c/images1.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 2034
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-7f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/1.bp.blogspot.com/-2CH4nlDMjt4/VPQZ2hjUTVI/AAAAAAAAAyk/y09Vw2GMkaQ/s72-c/ram.jpg

45.129.2.102

200 OK

3.2 kB

URL HTTP/2
sakshyammagazine.com/ext/1.bp.blogspot.com/-2CH4nlDMjt4/VPQZ2hjUTVI/AAAAAAAAAyk/y09Vw2GMkaQ/s72-c/ram.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
3.2 kB (3201 bytes)
Hash
a9fdeadcc470b679f84730ce099baa6a
34c76149f9bd1fc0868f2b02c6be481c7f88a7aa
1f515ebab37b34c29cf6687c369425127b9cd5c75b092b4f2f2337c784a8e5da

HTTP Headers

GET /ext/1.bp.blogspot.com/-2CH4nlDMjt4/VPQZ2hjUTVI/AAAAAAAAAyk/y09Vw2GMkaQ/s72-c/ram.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 3201
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-c81"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/4.bp.blogspot.com/-FDU3Ly_CHSg/WB1_Ku1RcMI/AAAAAAAADF8/_myuIv9MkWY6baXzhU86NkiUp5rOBbAawCLcB/s72-c/clip_image0034.jpg

45.129.2.102

200 OK

2.4 kB

URL HTTP/2
sakshyammagazine.com/ext/4.bp.blogspot.com/-FDU3Ly_CHSg/WB1_Ku1RcMI/AAAAAAAADF8/_myuIv9MkWY6baXzhU86NkiUp5rOBbAawCLcB/s72-c/clip_image0034.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
2.4 kB (2375 bytes)
Hash
85ebc9be86db6f333b2a410898494d57
9210381896ff8e048422de0b31f4202c2e3ba551
c42c0c53bab8c0c3e14655805e555a1879ed76eaa2d05bb4228e2a8ad7a56479

HTTP Headers

GET /ext/4.bp.blogspot.com/-FDU3Ly_CHSg/WB1_Ku1RcMI/AAAAAAAADF8/_myuIv9MkWY6baXzhU86NkiUp5rOBbAawCLcB/s72-c/clip_image0034.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 2375
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-947"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/4.bp.blogspot.com/-bge-g728wbk/vc3vegyzt9i/aaaaaaaabx4/70gwt81miqy/s72-c/sakshyam-image.png

45.129.2.102

200 OK

8.5 kB

URL HTTP/2
sakshyammagazine.com/ext/4.bp.blogspot.com/-bge-g728wbk/vc3vegyzt9i/aaaaaaaabx4/70gwt81miqy/s72-c/sakshyam-image.png
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Size
8.5 kB (8545 bytes)
Hash
cefcaab903029d425e9bea2001734716
3fbb9d3ae95ed1e20b8f90cfbb90063490ca5a49
c3956b7f992ef6fbf986981d602aa5d9f553091865042707f93fe06b2a06a296

HTTP Headers

GET /ext/4.bp.blogspot.com/-bge-g728wbk/vc3vegyzt9i/aaaaaaaabx4/70gwt81miqy/s72-c/sakshyam-image.png HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/png
content-length: 8545
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-2161"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/1.bp.blogspot.com/-GRvGcG5Hmco/VYbUkVLIVgI/AAAAAAAABWo/4rcHe92Tijw/s72-c/Yoga1.png

45.129.2.102

200 OK

7.4 kB

URL HTTP/2
sakshyammagazine.com/ext/1.bp.blogspot.com/-GRvGcG5Hmco/VYbUkVLIVgI/AAAAAAAABWo/4rcHe92Tijw/s72-c/Yoga1.png
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Size
7.4 kB (7437 bytes)
Hash
c2aa0ea520cad4c414680abd84328659
1da8e73c482ca38da31443dcc08be2db50b74ae8
1ec139f3940cfe7c18bd9540eb605b5586df25d06e27f5ac5a24123492e9df1d

HTTP Headers

GET /ext/1.bp.blogspot.com/-GRvGcG5Hmco/VYbUkVLIVgI/AAAAAAAABWo/4rcHe92Tijw/s72-c/Yoga1.png HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/png
content-length: 7437
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-1d0d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/1.bp.blogspot.com/-lbOcHaVIZ90/VO7Xq98UTgI/AAAAAAAAAws/Z64eYmm90nA/s72-c/gita1.jpg

45.129.2.102

200 OK

2.2 kB

URL HTTP/2
sakshyammagazine.com/ext/1.bp.blogspot.com/-lbOcHaVIZ90/VO7Xq98UTgI/AAAAAAAAAws/Z64eYmm90nA/s72-c/gita1.jpg
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
2.2 kB (2238 bytes)
Hash
6c2de1021f36e1d00a7ed472e57a72f2
f88cec9f1e581a00203959bdb65743ba7b75204c
43e69b4ea8ffe7fa6798a92637ce39b2443706bb1c165de283a736949e7fff08

HTTP Headers

GET /ext/1.bp.blogspot.com/-lbOcHaVIZ90/VO7Xq98UTgI/AAAAAAAAAws/Z64eYmm90nA/s72-c/gita1.jpg HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/jpeg
content-length: 2238
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-8be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

sakshyammagazine.com/ext/4.bp.blogspot.com/-2q_j_DMlgEo/U484C4rShZI/AAAAAAAAAEE/v5uTdrF1z-Q/s1600/bgyahoostyleblog.png

45.129.2.102

200 OK

166 B

URL HTTP/2
sakshyammagazine.com/ext/4.bp.blogspot.com/-2q_j_DMlgEo/U484C4rShZI/AAAAAAAAAEE/v5uTdrF1z-Q/s1600/bgyahoostyleblog.png
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
PNG image data, 5 x 200, 8-bit/color RGB, non-interlaced\012- data
Size
166 B (166 bytes)
Hash
9e19cc538a8954806ef2731f62fef54b
d922fb06c8409a067f8b9c022796957a5ef8f0b5
ade32b6c022edc7f60bbb272020ad49cd81f19315dc630eec0c232ca22ce261b

HTTP Headers

GET /ext/4.bp.blogspot.com/-2q_j_DMlgEo/U484C4rShZI/AAAAAAAAAEE/v5uTdrF1z-Q/s1600/bgyahoostyleblog.png HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/png
content-length: 166
last-modified: Wed, 02 Feb 2022 17:02:18 GMT
etag: "61fab91a-a6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Droid+Sans

142.250.74.10

200 OK

1.5 kB

URL HTTP/2
fonts.googleapis.com/css?family=Droid+Sans
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1527 bytes)
Hash
63a4c2177d3239a4040f3043604a14bf
e37963d86e91038708e69693f884568316f96f4a
0996168055b31b0888ef9aa05b6fd449d13abc8ca07742d567b270c818572d74

HTTP Headers

GET /css?family=Droid+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 09:18:01 GMT
date: Fri, 09 Sep 2022 09:18:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/mandali/v14/LhWlMVbYOfASNfNUZF4_ZQ.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/mandali/v14/LhWlMVbYOfASNfNUZF4_ZQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12704, version 1.0\012- data
Size
13 kB (12704 bytes)
Hash
08d5b3b8c110ba05b44e14d7eba1b5cb
3d151843b8e99f7ad849da0293475ac53abce9f7
06280be85834eefc1ad0f8afcc35e81021e3572628ab919e30a0d854bda0e584

HTTP Headers

GET /s/mandali/v14/LhWlMVbYOfASNfNUZF4_ZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sakshyammagazine.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 05:14:33 GMT
expires: Thu, 07 Sep 2023 05:14:33 GMT
cache-control: public, max-age=31536000
age: 187408
last-modified: Tue, 26 Apr 2022 15:20:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4821
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:18:01 GMT
Last-Modified: Fri, 09 Sep 2022 07:57:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

142.250.74.163

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Size
18 kB (17908 bytes)
Hash
e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

HTTP Headers

GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sakshyammagazine.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:38:35 GMT
expires: Tue, 05 Sep 2023 21:38:35 GMT
cache-control: public, max-age=31536000
age: 301166
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/mandali/v14/LhWlMVbYOfASNfNUZEI_Zcdc.woff2

142.250.74.163

200 OK

136 kB

URL HTTP/2
fonts.gstatic.com/s/mandali/v14/LhWlMVbYOfASNfNUZEI_Zcdc.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 135584, version 1.0\012- data
Size
136 kB (135584 bytes)
Hash
4b4470572ef80eda756f553c41bb2b81
87d4c2607610c4eaf151f3b38a5dbf5e920c2ca1
e001536f0d9465f6c22882d5f56fb349f44e3e81eea46f9a521ba9eecf4e65ef

HTTP Headers

GET /s/mandali/v14/LhWlMVbYOfASNfNUZEI_Zcdc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sakshyammagazine.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 135584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 09:58:45 GMT
expires: Sun, 03 Sep 2023 09:58:45 GMT
cache-control: public, max-age=31536000
age: 515956
last-modified: Tue, 26 Apr 2022 15:24:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

142.250.74.163

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Size
21 kB (21224 bytes)
Hash
13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

HTTP Headers

GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sakshyammagazine.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 23:13:09 GMT
expires: Wed, 06 Sep 2023 23:13:09 GMT
cache-control: public, max-age=31536000
age: 209092
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 09:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tobaltoyon.com/zone?pub=0&zone_id=4862902&is_mobile=false&domain=sakshyammagazine.com&var=&ymid=&var_3=

139.45.197.251

200 OK

664 B

URL HTTP/2
tobaltoyon.com/zone?pub=0&zone_id=4862902&is_mobile=false&domain=sakshyammagazine.com&var=&ymid=&var_3=
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (663)
Size
664 B (664 bytes)
Hash
7d3414f9b12b874dc7b28b868c7d68c7
51f5939d224b3bf7bd8bb5e2fcf91f5e4a8318ac
45aa826474ab27ac4f5eea7f8eabd54c95efea04b018fffb21aaa3f28168d552

HTTP Headers

GET /zone?pub=0&zone_id=4862902&is_mobile=false&domain=sakshyammagazine.com&var=&ymid=&var_3= HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sakshyammagazine.com/
Origin: https://sakshyammagazine.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 01c5469e7b1a326944df13f40e104ad0
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

upgulpinon.com/42/38?z=4862911

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/42/38?z=4862911
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /42/38?z=4862911 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Cookie: scm=1; OAID=a3a6db01347a48668e333b73afb7a876; oaidts=1662715081
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2d0932aef9c04ce9f274670707243390
access-control-expose-headers: X-Sc
set-cookie: OAID=a3a6db01347a48668e333b73afb7a876; expires=Sat, 09 Sep 2023 09:18:01 GMT; secure; SameSite=None
oaidts=1662715081; expires=Sat, 09 Sep 2023 09:18:01 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.215.91.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.91.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mVRmWRHyAQQ2tE0PG1y8AA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZedvI+eb0sMOanHl2XxS7LKWQSo=

sakshyammagazine.com/favicon.png

45.129.2.102

200 OK

541 B

URL HTTP/2
sakshyammagazine.com/favicon.png
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Size
541 B (541 bytes)
Hash
5a7b83a303e56600dc6a2a394318ae4f
f511a56e34dbe2895eeeeff59dbbe56b59db8284
edd21604be5578fc6f2654d27cc1cb7054e8ae61eb79a72337aa1ca5e8182026

HTTP Headers

GET /favicon.png HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: image/png
content-length: 541
last-modified: Wed, 02 Feb 2022 18:37:58 GMT
etag: "61facf86-21d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

940 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
940 B (940 bytes)
Hash
2876d9eccb85572e6bb6d9025f606fcc
ce9c62fee15a58660e4df9379181906d906dcac4
00a7cb015d740365503fb515da43c6ade0d07b6b8666ae24cd0249cc89431487

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:18:01 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Tue, 13 Sep 2022 05:56:33 GMT
ETag: "ce9c62fee15a58660e4df9379181906d906dcac4"
Last-Modified: Fri, 09 Sep 2022 05:56:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1095
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747ed58e1976b500-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
431bccffdaad5a26e75e6dd4f8b1abaa
e4b0ac57e7c2d6d00e508cd99231b0f8d58942af
d2b9c8db43c744d36bc73630962238d7fb9017730f8ef8df9b6af1913b08cf35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:18:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:52:23 GMT
Expires: Thu, 15 Sep 2022 12:52:22 GMT
Etag: "e4b0ac57e7c2d6d00e508cd99231b0f8d58942af"
Cache-Control: max-age=530660,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747ed58dea9bfac0-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5b36f6508bf779a395d4b559b41d267d
a653f55ef7e337bd259cd76d14fe2adc91c11603
91e3696c53649e8d76b738dca29ed03b8b935f9fc230c735d2fd729428742605

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 09:18:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=550638,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747ed58e1f48b4f4-OSL

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sakshyammagazine.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://sakshyammagazine.com
Content-Length: 1516
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 09 Sep 2022 09:18:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://sakshyammagazine.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
1e00497c69787b9afd3f8cdc32c9b327
633742807fcc9908973f3490d3c871d4a44756b1
aec7457b473052a6589cb323956c77db937204e161af79d6b5cacce02c99292f

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakshyammagazine.com
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=825772b9ce0f44189a11cdea1c806e18; expires=Sat, 09 Sep 2023 09:18:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

tobaltoyon.com/custom

139.45.197.251

200 OK

0 B

URL HTTP/2
tobaltoyon.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sakshyammagazine.com/
Origin: https://sakshyammagazine.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

tobaltoyon.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
tobaltoyon.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /custom HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sakshyammagazine.com/
Content-Type: application/json
Origin: https://sakshyammagazine.com
Content-Length: 377
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f1b4b4fa68717d8cfb339d0cdb36aed5
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

upgulpinon.com/9?z=4862911&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=825772b9ce0f44189a11cdea1c806e18

139.45.197.242

204 No Content

0 B

URL HTTP/2
upgulpinon.com/9?z=4862911&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=825772b9ce0f44189a11cdea1c806e18
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9?z=4862911&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=825772b9ce0f44189a11cdea1c806e18 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sakshyammagazine.com/
Origin: https://sakshyammagazine.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/tag.js

77.88.21.119

200 OK

72 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (674)
Size
72 kB (72380 bytes)
Hash
f948ad97d8bcc64c1eee91e4e703f3f5
b5c35b5c139ddec32fe96bf89863fcf0845262bf
0d2dc3bdec9010c5375ac3fab62d3f33c2a3f961c6c974f2c0da8d584ed441e1

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 72380
date: Fri, 09 Sep 2022 09:18:01 GMT
access-control-allow-origin: *
etag: "63186565-11abc"
expires: Fri, 09 Sep 2022 10:18:01 GMT
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

loajawun.com/500/4862906?excludes=&oaid=825772b9ce0f44189a11cdea1c806e18&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsakshyammagazine.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.238

200 OK

0 B

URL HTTP/2
loajawun.com/500/4862906?excludes=&oaid=825772b9ce0f44189a11cdea1c806e18&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsakshyammagazine.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/4862906?excludes=&oaid=825772b9ce0f44189a11cdea1c806e18&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsakshyammagazine.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: loajawun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sakshyammagazine.com/
Origin: https://sakshyammagazine.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

tobaltoyon.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
tobaltoyon.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /custom HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sakshyammagazine.com/
Content-Type: application/json
Origin: https://sakshyammagazine.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1466dffe590f22f1f612d6076a506cd7
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=537315b1f247482aa286a8e7dcdb972a&zoneId=4862902&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=537315b1f247482aa286a8e7dcdb972a&zoneId=4862902&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
1e00497c69787b9afd3f8cdc32c9b327
633742807fcc9908973f3490d3c871d4a44756b1
aec7457b473052a6589cb323956c77db937204e161af79d6b5cacce02c99292f

HTTP Headers

GET /gid.js?pub=0&userId=537315b1f247482aa286a8e7dcdb972a&zoneId=4862902&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sakshyammagazine.com/
Origin: https://sakshyammagazine.com
Connection: keep-alive
Cookie: ID=825772b9ce0f44189a11cdea1c806e18
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=825772b9ce0f44189a11cdea1c806e18; expires=Sat, 09 Sep 2023 09:18:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

tobaltoyon.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
tobaltoyon.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /custom HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sakshyammagazine.com/
Content-Type: application/json
Origin: https://sakshyammagazine.com
Content-Length: 741
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 4aa3497249bbcb201d43c3054791f836
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

upgulpinon.com/11?rnd=2944819761&z=4862911&b=14082267&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g==&ruid=dca56b42-6800-4823-9559-1c73ce3f8482&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=258

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/11?rnd=2944819761&z=4862911&b=14082267&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g==&ruid=dca56b42-6800-4823-9559-1c73ce3f8482&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=258
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=2944819761&z=4862911&b=14082267&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g==&ruid=dca56b42-6800-4823-9559-1c73ce3f8482&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=258 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakshyammagazine.com
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Cookie: scm=1; OAID=825772b9ce0f44189a11cdea1c806e18; oaidts=1662715081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f4dc1c9b7e51a797474ddeb9a0b16085
access-control-expose-headers: X-Sc
set-cookie: OAID=825772b9ce0f44189a11cdea1c806e18; expires=Sat, 09 Sep 2023 09:18:02 GMT; secure; SameSite=None
oaidts=1662715081; expires=Sat, 09 Sep 2023 09:18:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

offerimage.com/www/images/b89a854cfb66584b3f5fef24e571e8b5.png

104.22.33.172

200 OK

93 kB

URL HTTP/2
offerimage.com/www/images/b89a854cfb66584b3f5fef24e571e8b5.png
IP
104.22.33.172:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
93 kB (92662 bytes)
Hash
b89a854cfb66584b3f5fef24e571e8b5
9bb5f94bcc641c8cfbc2e24f0a2af5bd07a3a1ea
7228a1274993f4e608b4f0952b2197db136917df3d8ae95ea16a9a34769945e7

HTTP Headers

GET /www/images/b89a854cfb66584b3f5fef24e571e8b5.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: image/png
content-length: 92662
last-modified: Fri, 06 Nov 2020 13:23:01 GMT
etag: "5fa54e35-169f6"
expires: Fri, 09 Sep 2022 16:14:32 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 61410
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 747ed5916c1a95ee-ARN
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ba04a5ffb454c6515d31137d4aff0592
56514ad2632345f3a2ba65014fad4a4564fc53d5
5ead23c004fb06735a1fc4f6c6846a5cb43d28fc25788b74113ca59670f72154

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EAD23C004FB06735A1FC4F6C6846A5CB43D28FC25788B74113CA59670F72154"
Last-Modified: Thu, 08 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8295
Expires: Fri, 09 Sep 2022 11:36:17 GMT
Date: Fri, 09 Sep 2022 09:18:02 GMT
Connection: keep-alive

mc.yandex.ru/metrika/advert.gif

77.88.21.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 09:18:02 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Fri, 09 Sep 2022 10:18:02 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0b4f8cfe3ae0b2a942060418ef844463
cb576777e4c03ef96c6beed242859b93dae93a6b
72f4401deab3fbc9c41ef65a61a3f3cb255103fd68077dfb32166ea283aacb05

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72F4401DEAB3FBC9C41EF65A61A3F3CB255103FD68077DFB32166EA283AACB05"
Last-Modified: Wed, 07 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6449
Expires: Fri, 09 Sep 2022 11:05:31 GMT
Date: Fri, 09 Sep 2022 09:18:02 GMT
Connection: keep-alive

mc.yandex.ru/watch/87374609/1?wmode=7&page-url=https%3A%2F%2Fsakshyammagazine.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A467230786318%3Ahid%3A953617605%3Az%3A0%3Ai%3A20220909091753%3Aet%3A1662715074%3Ac%3A1%3Arn%3A126286032%3Arqn%3A1%3Au%3A16627150741008820828%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662715071971%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C306%2C73%2C0%2C199%2C0%2C%2C428%2C2%2C%2C%2C%2C1095%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662715074%3At%3ASakshyam%20Magazine%20-%20The%20Sensational%20Magazine&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29

77.88.21.119

200 OK

407 B

URL HTTP/2
mc.yandex.ru/watch/87374609/1?wmode=7&page-url=https%3A%2F%2Fsakshyammagazine.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A467230786318%3Ahid%3A953617605%3Az%3A0%3Ai%3A20220909091753%3Aet%3A1662715074%3Ac%3A1%3Arn%3A126286032%3Arqn%3A1%3Au%3A16627150741008820828%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662715071971%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C306%2C73%2C0%2C199%2C0%2C%2C428%2C2%2C%2C%2C%2C1095%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662715074%3At%3ASakshyam%20Magazine%20-%20The%20Sensational%20Magazine&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size
407 B (407 bytes)
Hash
6a4d738584e5ee63b36c7b7ba2fd89a1
77b71e3fd301523aa7e7e91fff675cadaa83a929
e94eb53fec7dd82330089fdaad25ed97d11e69b7f20467b88f9f993843f721d2

HTTP Headers

GET /watch/87374609/1?wmode=7&page-url=https%3A%2F%2Fsakshyammagazine.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A467230786318%3Ahid%3A953617605%3Az%3A0%3Ai%3A20220909091753%3Aet%3A1662715074%3Ac%3A1%3Arn%3A126286032%3Arqn%3A1%3Au%3A16627150741008820828%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662715071971%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C306%2C73%2C0%2C199%2C0%2C%2C428%2C2%2C%2C%2C%2C1095%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662715074%3At%3ASakshyam%20Magazine%20-%20The%20Sensational%20Magazine&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakshyammagazine.com
Referer: https://sakshyammagazine.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 407
date: Fri, 09 Sep 2022 09:18:02 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 09:18:02 GMT
last-modified: Fri, 09-Sep-2022 09:18:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6196248d34769fa746f3ce857cca25e3
7056a0fdc2a1f06e809165462c11e90cce742e3b
f0a10f2f7961a948de7f64b7530139b1a8abf691fd981f1b5a7c1afff2229c75

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F0A10F2F7961A948DE7F64B7530139B1A8ABF691FD981F1B5A7C1AFFF2229C75"
Last-Modified: Thu, 08 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5824
Expires: Fri, 09 Sep 2022 10:55:06 GMT
Date: Fri, 09 Sep 2022 09:18:02 GMT
Connection: keep-alive

interstitial-07.com/contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png

139.45.197.153

200 OK

45 kB

URL HTTP/2
interstitial-07.com/contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png
IP
139.45.197.153:0
ASN
#9002 RETN Limited

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
45 kB (45133 bytes)
Hash
36d8c29c866059b85b47752a6cc71b81
2d877eabf6710f66f5d7a3e265de997cf258ba32
0bbd2d8d16b4fd96c0a0dabecbd05ca573b30cd7079950d73b5dd68bde69a27b

HTTP Headers

GET /contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=gP386FeXkNqGNM3&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D81917338%26z%3D4862911%26b%3D14082267%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3D-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3Ddca56b42-6800-4823-9559-1c73ce3f8482%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fsakshyammagazine.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: image/png
content-length: 45133
last-modified: Thu, 14 Jul 2022 23:23:43 GMT
etag: "62d0a57f-b04d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

interstitial-07.com/contents/s/06/81/01/3a2614b7b0b9c1fe8640a337d6/01564863680579.jpeg

139.45.197.153

200 OK

125 kB

URL HTTP/2
interstitial-07.com/contents/s/06/81/01/3a2614b7b0b9c1fe8640a337d6/01564863680579.jpeg
IP
139.45.197.153:0
ASN
#9002 RETN Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x600, components 3\012- data
Size
125 kB (125242 bytes)
Hash
0681013a2614b7b0b9c1fe8640a337d6
a422ab7fbf3cd22db2f3edd47aee04eae4355246
f3f918825d47aed0e2003ed3d95563abdfc80592531b6cfd593aafa356959766

HTTP Headers

GET /contents/s/06/81/01/3a2614b7b0b9c1fe8640a337d6/01564863680579.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=gP386FeXkNqGNM3&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D81917338%26z%3D4862911%26b%3D14082267%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3D-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3Ddca56b42-6800-4823-9559-1c73ce3f8482%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fsakshyammagazine.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: image/jpeg
content-length: 125242
last-modified: Mon, 18 Jul 2022 20:55:17 GMT
etag: "62d5c8b5-1e93a"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

unphionetor.com/vctx?t=72747

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vctx?t=72747
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a5bd5ca7a942e82ad88e21c8cf1f804d
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: cc62afb403936ce9650d74aed180b752
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

tobaltoyon.com/event

139.45.197.251

200 OK

0 B

URL HTTP/2
tobaltoyon.com/event
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

OPTIONS /event HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sakshyammagazine.com/
Origin: https://sakshyammagazine.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

tobaltoyon.com/event

139.45.197.251

200 OK

94 B

URL HTTP/2
tobaltoyon.com/event
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
76773abaf4800874ca9ae942e0d8c6a2
4059716458fc029837f61bbf12c3c5a55406b95d
27b5d4bd7c7ff203f74e6d7421aace37b454c917099e3e661f38ee8623a6067a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /event HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sakshyammagazine.com/
Content-Type: application/json
Origin: https://sakshyammagazine.com
Content-Length: 433
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 1c8725d83177dac8e2e73c4183f30248
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

upgulpinon.com/11?rnd=2944819761&z=4862911&b=14082267&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g==&ruid=dca56b42-6800-4823-9559-1c73ce3f8482&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/11?rnd=2944819761&z=4862911&b=14082267&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g==&ruid=dca56b42-6800-4823-9559-1c73ce3f8482&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11?rnd=2944819761&z=4862911&b=14082267&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g==&ruid=dca56b42-6800-4823-9559-1c73ce3f8482&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakshyammagazine.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://sakshyammagazine.com/
Connection: keep-alive
Cookie: scm=1; OAID=825772b9ce0f44189a11cdea1c806e18; oaidts=1662715081
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 06669949d2fefc2dd64f1d9cfd92a4a5
access-control-expose-headers: X-Sc
set-cookie: OAID=825772b9ce0f44189a11cdea1c806e18; expires=Sat, 09 Sep 2023 09:18:02 GMT; secure; SameSite=None
oaidts=1662715081; expires=Sat, 09 Sep 2023 09:18:02 GMT; secure; SameSite=None
oaidvc=1; expires=Sat, 09 Sep 2023 09:18:02 GMT; secure; SameSite=None
CNT=1_v1_2-DWAAEAAAAsSwAA; expires=Fri, 09 Sep 2022 10:18:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15465
Expires: Fri, 09 Sep 2022 13:35:48 GMT
Date: Fri, 09 Sep 2022 09:18:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15465
Expires: Fri, 09 Sep 2022 13:35:48 GMT
Date: Fri, 09 Sep 2022 09:18:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15465
Expires: Fri, 09 Sep 2022 13:35:48 GMT
Date: Fri, 09 Sep 2022 09:18:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8354 bytes)
Hash
7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
age: 41547
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ptauxofi.net/pfe/current/service-worker.min.js?r=sw&v=2

139.45.197.250

200 OK

51 kB

URL HTTP/2
ptauxofi.net/pfe/current/service-worker.min.js?r=sw&v=2
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
data
Size
51 kB (50551 bytes)
Hash
aac6a82f9966d1a0085569b52e9ed95b
b918e8d51c923861d034db3701309398ab601197
e1cb00c9d575d97ffa248d6ec1543050465a932ff8fd9a4ae4d0d289abf39fa9

HTTP Headers

GET /pfe/current/service-worker.min.js?r=sw&v=2 HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-1d310"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7646 bytes)
Hash
b7d3752fb9bfaa323218e5a7b93aa5c6
08b4d519a099b04a9f1515377d02e51575f3321f
fa33f2240aea7395b0be62683743523beb1f0f11cb390f4d532e3474610a812c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7646
x-amzn-requestid: 1f48393e-8665-4591-a2a6-07953a68bb16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEaGTGwdIAMF47A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63180a28-1116d4bf11e2133503ac1429;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 03:04:08 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: S1y8if_u-ZqeKT0Wx9eyOaKNOmhcaydzfxwQeBQ-hArLtQG6ckJ8EQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 03:38:26 GMT
age: 20377
etag: "08b4d519a099b04a9f1515377d02e51575f3321f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7139 bytes)
Hash
706c7ceb40056f848425ca7d994cedc8
b9b1bf8291b6a66f260f82947966fa01ca78c61f
739205893d17a123d2fac165f468314de14a99dc56c9e5b0ac79434f7c38b558

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7139
x-amzn-requestid: 5125cc11-410a-4a86-a0cf-68950433b602
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFBoyHycIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318496b-5579dee14390c1b63e97e0fc;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QAFJoWNKPurEH344wsc43OZdBSFCrN7zlnQfTsrMrF6qKM4Wj0QV7w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:03:18 GMT
age: 40485
etag: "b9b1bf8291b6a66f260f82947966fa01ca78c61f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.1 kB (3125 bytes)
Hash
0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 17143
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4002 bytes)
Hash
c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:15:21 GMT
age: 39762
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

tobaltoyon.com/pfe/current/universal.min.js?v=3.1.392

139.45.197.251

200 OK

0 B

URL HTTP/2
tobaltoyon.com/pfe/current/universal.min.js?v=3.1.392
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.392 HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sakshyammagazine.com/
Origin: https://sakshyammagazine.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-20481"
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

tobaltoyon.com/pfe/current/tag.min.js?z=4862902

139.45.197.251

200 OK

0 B

URL HTTP/2
tobaltoyon.com/pfe/current/tag.min.js?z=4862902
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /pfe/current/tag.min.js?z=4862902 HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 12:32:41 GMT
etag: W/"6315ec69-3a38"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

sakshyammagazine.com/sw.js

45.129.2.102

200 OK

0 B

URL HTTP/2
sakshyammagazine.com/sw.js
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw.js HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sakshyammagazine.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 11 Feb 2022 20:43:17 GMT
vary: Accept-Encoding
etag: W/"6206ca65-1474"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.205.240

200 OK

0 B

URL HTTP/2
tzegilo.com/stattag.js
IP
172.67.205.240:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1797
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwTU0fO7U3GXm3gg5IOgs33zXa8It3pyRI9suYLsmIQ%2ByBDM5CJeTGgKUKI7CfYKGO1mXl1Nkl4gcB8GTeaKc3JVIVhvguteg1tS%2B2o1gS5MF40v6pxo9q5aUfIulw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747ed58c3f390b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /27/55dfd372293146a7ca113106d0d608dd HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Cookie: scm=1; OAID=a3a6db01347a48668e333b73afb7a876; oaidts=1662715081
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Wed, 07 Sep 2022 05:02:06 GMT
expires: Wed, 07 Oct 2082 05:02:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.238

200 OK

0 B

URL HTTP/2
loajawun.com/500/4862906?excludes=&oaid=825772b9ce0f44189a11cdea1c806e18&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsakshyammagazine.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/4862906?excludes=&oaid=825772b9ce0f44189a11cdea1c806e18&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsakshyammagazine.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: loajawun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sakshyammagazine.com
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Cookie: OAID=9431deb6645c436990423bd6eba97014
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/javascript
x-trace-id: c1105877512efcda6d69d6b7423bf062
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://sakshyammagazine.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=825772b9ce0f44189a11cdea1c806e18; expires=Sat, 09 Sep 2023 09:18:02 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

interstitial-07.com/?l=gP386FeXkNqGNM3&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D81917338%26z%3D4862911%26b%3D14082267%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3D-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3Ddca56b42-6800-4823-9559-1c73ce3f8482%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fsakshyammagazine.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0

139.45.197.153

200 OK

0 B

URL HTTP/2
interstitial-07.com/?l=gP386FeXkNqGNM3&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D81917338%26z%3D4862911%26b%3D14082267%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3D-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3Ddca56b42-6800-4823-9559-1c73ce3f8482%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fsakshyammagazine.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP
139.45.197.153:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?l=gP386FeXkNqGNM3&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D81917338%26z%3D4862911%26b%3D14082267%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3D-RnKcsUaYeVRWvYzVupuHntcM6CzGDy2JtqjmwldOz0Qb9VmsFVXFxqNWPXzFef654PGj0j7Sv3pnW7gxrNlT1bvEC9Mu9ynCoRnYvIUiTHuF6DT-s0rdOikgWwkiMUythet3dFHAlcGvljtOOnB-WhHPUhRf63z3YgrmDZn4rIbRAaPzmzI8qWi0sXgC4zc9CEQwj69uJVg6vQHzg1pvBvJblSQf4UV1yrF_AQHrZYRPDvgtSeKUuxc0TogwklXSVzD7Ej_NK7h10GfqZX8bcBqDghcd9uDFi3kF9s4hI64OtIdBfAXvobvkav3PXB2tM5Cv5j-LNVPbw2X8wO4FiBxCC1HM64Fp2UuVxntYprFgCcTXYFNgs7NR1eD_Fy6gjUJUSJcUCZ_72v0PPd5pYNFXetSCo8S5GsPcuQoc22vZ5p54FLEVMISu0kA5HOILtT8Whqofh3rLp3-itpAcy_1MZqRJ4EcaBkUBRltcYbUFLUsq84Qe_H3IqmdBgUl_pXmrXCRd01wXDrodg6JRXMpMfKpECcHbX6WkRNLmHajIuYZxLF3YdOzRVky062Ayw-KlkrYiY5Mi7SHm6VYEwKj9_-P4EIEw8PnqHOK6cPHRLmCe3aTzlNpW2dpmi6GW-UTGcLXZBLcn3kNgxD32g%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3Ddca56b42-6800-4823-9559-1c73ce3f8482%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fsakshyammagazine.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=k27FRb0f663G0eZKEXa49GCagnlDH2y3YwWPbqSk1Qo; expires=Fri, 09-Sep-2022 10:18:02 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2

sakshyammagazine.com/

45.129.2.102

200 OK

0 B

URL HTTP/2
sakshyammagazine.com/
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Oswald:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Oswald:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Oswald:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 09:18:01 GMT
date: Fri, 09 Sep 2022 09:18:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sakshyammagazine.com/sw.js?v=3.1.392&o=825772b9ce0f44189a11cdea1c806e18&pub=0&p=4862902

45.129.2.102

200 OK

0 B

URL HTTP/2
sakshyammagazine.com/sw.js?v=3.1.392&o=825772b9ce0f44189a11cdea1c806e18&pub=0&p=4862902
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw.js?v=3.1.392&o=825772b9ce0f44189a11cdea1c806e18&pub=0&p=4862902 HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: _ym_uid=16627150741008820828; _ym_d=1662715074
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 11 Feb 2022 20:43:17 GMT
vary: Accept-Encoding
etag: W/"6206ca65-1474"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

mc.yandex.ru/watch/87374609?wmode=7&page-url=https%3A%2F%2Fsakshyammagazine.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A467230786318%3Ahid%3A953617605%3Az%3A0%3Ai%3A20220909091753%3Aet%3A1662715074%3Ac%3A1%3Arn%3A126286032%3Arqn%3A1%3Au%3A16627150741008820828%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662715071971%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C306%2C73%2C0%2C199%2C0%2C%2C428%2C2%2C%2C%2C%2C1095%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662715074%3At%3ASakshyam%20Magazine%20-%20The%20Sensational%20Magazine&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)

77.88.21.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/87374609?wmode=7&page-url=https%3A%2F%2Fsakshyammagazine.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A467230786318%3Ahid%3A953617605%3Az%3A0%3Ai%3A20220909091753%3Aet%3A1662715074%3Ac%3A1%3Arn%3A126286032%3Arqn%3A1%3Au%3A16627150741008820828%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662715071971%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C306%2C73%2C0%2C199%2C0%2C%2C428%2C2%2C%2C%2C%2C1095%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662715074%3At%3ASakshyam%20Magazine%20-%20The%20Sensational%20Magazine&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
77.88.21.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/87374609?wmode=7&page-url=https%3A%2F%2Fsakshyammagazine.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A467230786318%3Ahid%3A953617605%3Az%3A0%3Ai%3A20220909091753%3Aet%3A1662715074%3Ac%3A1%3Arn%3A126286032%3Arqn%3A1%3Au%3A16627150741008820828%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662715071971%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C306%2C73%2C0%2C199%2C0%2C%2C428%2C2%2C%2C%2C%2C1095%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662715074%3At%3ASakshyam%20Magazine%20-%20The%20Sensational%20Magazine&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakshyammagazine.com
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/87374609/1?wmode=7&page-url=https%3A%2F%2Fsakshyammagazine.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5nsnaw%3Afp%3A975%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A467230786318%3Ahid%3A953617605%3Az%3A0%3Ai%3A20220909091753%3Aet%3A1662715074%3Ac%3A1%3Arn%3A126286032%3Arqn%3A1%3Au%3A16627150741008820828%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662715071971%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C306%2C73%2C0%2C199%2C0%2C%2C428%2C2%2C%2C%2C%2C1095%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662715074%3At%3ASakshyam%20Magazine%20-%20The%20Sensational%20Magazine&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 09 Sep 2022 09:18:02 GMT
access-control-allow-origin: https://sakshyammagazine.com
set-cookie: yandexuid=9370359731662715082; Expires=Sat, 09-Sep-2023 09:18:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9370359731662715082; Expires=Sat, 09-Sep-2023 09:18:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2502343301662715082; Path=/; SameSite=None; Secure
i=t0ErLDIrFOWml8zG/FHz9j9gLOyX5Yai3JpLPQqaHt0pfNYYpx8YP6Ny9xpBHwp3WIp/capMfAh7OR86OJV12YypU88=; Expires=Mon, 06-Sep-2032 09:17:55 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694251082.yrts.1662715082#1694251082.yrtsi.1662715082; Expires=Sat, 09-Sep-2023 09:18:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 09:18:02 GMT
last-modified: Fri, 09-Sep-2022 09:18:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

sakshyammagazine.com/style.css

45.129.2.102

200 OK

0 B

URL HTTP/2
sakshyammagazine.com/style.css
IP
45.129.2.102:0
ASN
#51659 LLC Baxet

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /style.css HTTP/1.1
Host: sakshyammagazine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 02 Feb 2022 17:16:38 GMT
vary: Accept-Encoding
etag: W/"61fabc76-a61c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

loajawun.com/400/4862906

139.45.197.238

200 OK

0 B

URL HTTP/2
loajawun.com/400/4862906
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /400/4862906 HTTP/1.1
Host: loajawun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: application/javascript
x-trace-id: 1a952e23996158ffa7ab576c4ee3ce33
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9431deb6645c436990423bd6eba97014; expires=Sat, 09 Sep 2023 09:18:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

upgulpinon.com/1?z=4862911

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/1?z=4862911
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1?z=4862911 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:01 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 805a3f721a9458bbe7a06ce016da669e
access-control-expose-headers: X-Sc
x-sc: baa1ytPYtQTz7_F2gKgE9eaieUg9MvymYAoS2-0-OXnv5sQpQiW2pTA-sMpHAecfZ88jFnjbMr7ZzgG129KGghft3Qo=
set-cookie: scm=1; expires=Sat, 09 Sep 2023 09:18:01 GMT; secure; SameSite=None
OAID=a3a6db01347a48668e333b73afb7a876; expires=Sat, 09 Sep 2023 09:18:01 GMT; secure; SameSite=None
oaidts=1662715081; expires=Sat, 09 Sep 2023 09:18:01 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.242

200 OK

0 B

URL HTTP/2
upgulpinon.com/9?z=4862911&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=825772b9ce0f44189a11cdea1c806e18
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /9?z=4862911&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsakshyammagazine.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=825772b9ce0f44189a11cdea1c806e18 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 111
Origin: https://sakshyammagazine.com
Connection: keep-alive
Referer: https://sakshyammagazine.com/
Cookie: scm=1; OAID=a3a6db01347a48668e333b73afb7a876; oaidts=1662715081
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://sakshyammagazine.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 94df5f77e3efe2ca7801eafef3a455ca
access-control-expose-headers: X-Sc
set-cookie: OAID=825772b9ce0f44189a11cdea1c806e18; expires=Sat, 09 Sep 2023 09:18:02 GMT; secure; SameSite=None
oaidts=1662715081; expires=Sat, 09 Sep 2023 09:18:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

unphionetor.com/fv.js?t=72747&cb=583069811

139.45.197.236

200 OK

0 B

URL HTTP/2
unphionetor.com/fv.js?t=72747&cb=583069811
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fv.js?t=72747&cb=583069811 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 09:18:02 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 94b81370cc07351b82e6524e37cd5fc6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations