Report - e155.rpgamedev.xyz/adult_video_3/1328/2da4af00d834dfbd23fda189a58e00c9/?click_id=wrop5lesg2vel196jqb1lpbk&sub2=1386749&sub1=a586357

Report Overview

Visited public
2024-12-13 01:26:47
Tags
URL
e155.rpgamedev.xyz/adult_video_3/1328/2da4af00d834dfbd23fda189a58e00c9/?click_id=wrop5lesg2vel196jqb1lpbk&sub2=1386749&sub1=a586357
Finishing URL
b3860e6c41.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dbd3a5f7-b607-4f5c-b550-9b915d3a7a9f
IP / ASN
192.133.142.177
#15317 SERVEREL-AS
Title

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
1ecfd219a4.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	93 kB	136.243.42.50
5a73da53d4.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	62 kB	136.243.42.50
b1c0c9c8b5.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	46 kB	136.243.42.50
29910a58ce.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	96 kB	136.243.42.50
3368b60a2f.news-bmacazo.cc	unknown	unknown	No data	No data	1.6 kB	93 kB	136.243.42.50
44a6e206e2.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	164 kB	136.243.42.50
de5eea89a9.news-bmacazo.cc	unknown	unknown	No data	No data	3.3 kB	82 kB	136.243.42.50
137abc766b.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	55 kB	136.243.42.50
6de2767ec6.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	26 kB	136.243.42.50
ab21df56ec.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	164 kB	136.243.42.50
2ed422d486.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	72 kB	136.243.42.50
255eca53e9.news-bmacazo.cc	unknown	unknown	No data	No data	4.4 kB	87 kB	136.243.42.50
c0cd9104a5.news-bmacazo.cc	unknown	unknown	No data	No data	1.2 kB	30 kB	136.243.42.50
fa7dabeb8b.news-bmacazo.cc	unknown	unknown	No data	No data	1.6 kB	76 kB	136.243.42.50
3e6071d3cf.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	54 kB	136.243.42.50
d2423af82a.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	51 kB	136.243.42.50
37561ceb27.news-bmacazo.cc	unknown	unknown	No data	No data	4.4 kB	92 kB	136.243.42.50
148bc4c6d4.news-bwitobu.today	unknown	unknown	No data	No data	1.6 kB	61 kB	23.158.56.201
1ffcb03e3c.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	184 kB	136.243.42.50
d523d69065.news-bmacazo.cc	unknown	unknown	No data	No data	3.8 kB	86 kB	136.243.42.50
c9b70e0d3e.news-bmacazo.cc	unknown	unknown	No data	No data	3.9 kB	141 kB	136.243.42.50
e7ce4342a0.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	84 kB	136.243.42.50
a51140e9ec.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	99 kB	136.243.42.50
9f3d552589.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	129 kB	136.243.42.50
d39af89568.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	66 kB	136.243.42.50
3038fd42a8.news-bmacazo.cc	unknown	unknown	No data	No data	1.2 kB	55 kB	136.243.42.50
d5e2d18fa1.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	157 kB	136.243.42.50
e8eda1fac2.news-bmacazo.cc	unknown	unknown	No data	No data	3.9 kB	69 kB	136.243.42.50
5fed111383.news-bmacazo.cc	unknown	unknown	No data	No data	2.8 kB	78 kB	136.243.42.50
9836403011.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	46 kB	136.243.42.50
c69941fc93.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	70 kB	136.243.42.50
0a5a57fbe0.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	47 kB	136.243.42.50
5d1bcc3ba3.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	69 kB	136.243.42.50
33b99e1642.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	63 kB	136.243.42.50
news-xxokeji.com	unknown	unknown	2024-12-08	2024-12-08	534 B	263 B	23.158.56.201
93d4da4a32.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	58 kB	136.243.42.50
9689095c6b.news-bmacazo.cc	unknown	unknown	No data	No data	3.9 kB	88 kB	136.243.42.50
b4da4bb097.news-bmacazo.cc	unknown	unknown	No data	No data	4.4 kB	51 kB	136.243.42.50
ad42631a99.news-bmacazo.cc	unknown	unknown	No data	No data	4.5 kB	130 kB	136.243.42.50
7ed64179b5.news-bmacazo.cc	unknown	unknown	No data	No data	1.2 kB	182 kB	136.243.42.50
e470215e9b.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	66 kB	136.243.42.50
cbad9843ee.news-bmacazo.cc	unknown	unknown	No data	No data	1.2 kB	69 kB	136.243.42.50
e155.rpgamedev.xyz	unknown	unknown	No data	No data	585 B	172 kB	192.133.142.177
b0c93b7969.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	201 kB	136.243.42.50
66663d98c8.news-bmacazo.cc	unknown	unknown	No data	No data	1.6 kB	83 kB	136.243.42.50
45af485775.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	61 kB	136.243.42.50
8b248d127f.news-bmacazo.cc	unknown	unknown	No data	No data	516 B	36 kB	136.243.42.50
e1fa4f1343.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	71 kB	136.243.42.50
35d212dcd6.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	81 kB	136.243.42.50
e883c7ad1a.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	69 kB	136.243.42.50
ff58e54557.news-bmacazo.cc	unknown	unknown	No data	No data	2.3 kB	69 kB	136.243.42.50
3111f99c15.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	19 kB	136.243.42.50
4c40a39286.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	133 kB	136.243.42.50
a0e9db493e.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	42 kB	136.243.42.50
c5945aece2.news-bmacazo.cc	unknown	unknown	No data	No data	2.2 kB	66 kB	136.243.42.50
553fa9d478.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	9.3 kB	136.243.42.50
2911691b9b.news-bmacazo.cc	unknown	unknown	No data	No data	1.6 kB	4.0 kB	136.243.42.50
4715c09739.news-bmacazo.cc	unknown	unknown	No data	No data	3.9 kB	74 kB	136.243.42.50
9b0086c387.news-bmacazo.cc	unknown	unknown	No data	No data	2.2 kB	30 kB	136.243.42.50
baf3e90072.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	72 kB	136.243.42.50
48359cad7e.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	104 kB	136.243.42.50
81d714982e.news-bmacazo.cc	unknown	unknown	No data	No data	524 B	2.7 kB	136.243.42.50
partners-tds.com	415339	2021-04-01	2021-04-01	2024-12-08	45 kB	42 kB	142.202.51.61
1b2d0e6211.news-bmacazo.cc	unknown	unknown	No data	No data	4.9 kB	122 kB	136.243.42.50
7d0bda3bad.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	69 kB	136.243.42.50
d7ed00a04f.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	110 kB	136.243.42.50
12dc76b377.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	65 kB	136.243.42.50
49453c3482.news-bmacazo.cc	unknown	unknown	No data	No data	516 B	36 kB	136.243.42.50
news-xpatado.com	unknown	2024-10-15	2024-11-05	2024-12-08	40 kB	19 kB	23.158.56.123
5424e1d42d.news-bmacazo.cc	unknown	unknown	No data	No data	616 B	110 kB	136.243.42.50
47e4ddc901.news-bmacazo.cc	unknown	unknown	No data	No data	2.2 kB	66 kB	136.243.42.50
bc533f00bf.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	64 kB	136.243.42.50
5bab417ecc.news-bmacazo.cc	unknown	unknown	No data	No data	2.2 kB	63 kB	136.243.42.50
40c7b6dad0.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	187 kB	136.243.42.50
b3860e6c41.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	3.2 kB	136.243.42.50
03c20caea4.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	87 kB	136.243.42.50
b5f7dc0e9e.news-bmacazo.cc	unknown	unknown	No data	No data	4.4 kB	72 kB	136.243.42.50
8e39dbd8b9.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	128 kB	136.243.42.50
6b04758c37.news-bmacazo.cc	unknown	unknown	No data	No data	1.2 kB	48 kB	136.243.42.50
8d2bde8646.news-bmacazo.cc	unknown	unknown	No data	No data	616 B	128 kB	136.243.42.50
fdbeed36f3.news-bmacazo.cc	unknown	unknown	No data	No data	1.1 kB	146 kB	136.243.42.50
498eb6ddcf.news-bmacazo.cc	unknown	unknown	No data	No data	516 B	36 kB	136.243.42.50
4dfc4c0b0e.news-bmacazo.cc	unknown	unknown	No data	No data	2.2 kB	68 kB	136.243.42.50
b76f6ffdd9.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	66 kB	136.243.42.50
071f42ce81.news-bmacazo.cc	unknown	unknown	No data	No data	1.7 kB	187 kB	136.243.42.50
57cce00ccd.news-bmacazo.cc	unknown	unknown	No data	No data	2.7 kB	26 kB	136.243.42.50
cc8744e9ad.news-bmacazo.cc	unknown	unknown	No data	No data	1.6 kB	63 kB	136.243.42.50

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-12-13 01:26:19	medium	192.133.142.177	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (410)

	URL	IP	Response	Size
	news-xxokeji.com/tds?id=1276457389&p1=1328	23.158.56.201	302 Found	0 B
URL news-xxokeji.com/tds?id=1276457389&p1=1328 IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1276457389&p1=1328 HTTP/1.1 Host: news-xxokeji.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e155.rpgamedev.xyz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:21 GMT content-length: 0 location: https://148bc4c6d4.news-bwitobu.today/?id=1276457389&p1=1328&traceId=9b474523-fc57-4b1e-af40-ffee90e154bd vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	148bc4c6d4.news-bwitobu.today/revopush_v2.js	23.158.56.201	200 OK	36 kB
URL 148bc4c6d4.news-bwitobu.today/revopush_v2.js IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 148bc4c6d4.news-bwitobu.today User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://148bc4c6d4.news-bwitobu.today/?id=1276457389&p1=1328&traceId=9b474523-fc57-4b1e-af40-ffee90e154bd Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:21 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	148bc4c6d4.news-bwitobu.today/lands/53/css/style.css	23.158.56.201	200 OK	1.3 kB
URL 148bc4c6d4.news-bwitobu.today/lands/53/css/style.css IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type ASCII text, with very long lines (4928), with no line terminators Size 1.3 kB (1301 bytes) Hash 6f2d06d6dbd00d18b9e7eb11ef80081d b86bdf3144b91210a3e04aab9802dba7b677ffe4 4bbe46d55f77d131ea3c70d021bf1e88fcfa1a98b7b89cf8f3f081ffb38fa7f8 HTTP Headers GET /lands/53/css/style.css HTTP/1.1 Host: 148bc4c6d4.news-bwitobu.today User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://148bc4c6d4.news-bwitobu.today/?id=1276457389&p1=1328&traceId=9b474523-fc57-4b1e-af40-ffee90e154bd Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:21 GMT content-type: text/css content-length: 1301 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-515" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	e155.rpgamedev.xyz/adult_video_3/1328/2da4af00d834dfbd23fda189a58e00c9/?click_id=wrop5lesg2vel196jqb1lpbk&sub2=1386749&sub1=a586357	192.133.142.177	200 OK	171 kB
URL e155.rpgamedev.xyz/adult_video_3/1328/2da4af00d834dfbd23fda189a58e00c9/?click_id=wrop5lesg2vel196jqb1lpbk&sub2=1386749&sub1=a586357 IP 192.133.142.177:0 ASN #15317 SERVEREL-AS File type gzip compressed data, max speed, from Unix Size 171 kB (170926 bytes) Hash e45aa74cbbdcd3eee47cbafdfb5510dd 6beac0f1f1aef9fe3c755866e5bac47ac2224b32 19bfbaff795b38411196fa8feaa6eb1a7364bfd6f709b1bc685be12815299d05 HTTP Headers GET /adult_video_3/1328/2da4af00d834dfbd23fda189a58e00c9/?click_id=wrop5lesg2vel196jqb1lpbk&sub2=1386749&sub1=a586357 HTTP/1.1 Host: e155.rpgamedev.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:20 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model permissions-policy: ch-ua=(self "https://rexpush.club"), ch-ua-mobile=(self "https://rexpush.club"), ch-ua-platform=(self "https://rexpush.club"), ch-ua-full-version=(self "https://rexpush.club"), ch-ua-full-version-list=(self "https://rexpush.club"), ch-ua-platform-version=(self "https://rexpush.club"), ch-ua-arch=(self "https://rexpush.club"), ch-ua-wow64=(self "https://rexpush.club"), ch-ua-bitness=(self "https://rexpush.club"), ch-ua-model=(self "https://rexpush.club") content-encoding: gzip X-Firefox-Spdy: h2

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://148bc4c6d4.news-bwitobu.today/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:21 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:21 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcl9t; expires=Mon, 13 Jan 2025 01:26:21 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:42 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://148bc4c6d4.news-bwitobu.today/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:22 GMT content-length: 0 location: https://4c40a39286.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=072f0a60-9304-4ffd-b3e2-ae8d38524ffd vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	4c40a39286.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 4c40a39286.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 4c40a39286.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4c40a39286.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=072f0a60-9304-4ffd-b3e2-ae8d38524ffd Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:23 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4c40a39286.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcl9t; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:22 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:22 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcla7; expires=Mon, 13 Jan 2025 01:26:22 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:44 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://4c40a39286.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:22 GMT content-length: 0 location: https://a0e9db493e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6b53691b-87c5-4659-b90a-b23f99c0966f vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a0e9db493e.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL a0e9db493e.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: a0e9db493e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a0e9db493e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6b53691b-87c5-4659-b90a-b23f99c0966f Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	a0e9db493e.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL a0e9db493e.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: a0e9db493e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a0e9db493e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6b53691b-87c5-4659-b90a-b23f99c0966f Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a0e9db493e.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcla7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:22 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:22 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclag; expires=Mon, 13 Jan 2025 01:26:22 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:44 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a0e9db493e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:22 GMT content-length: 0 location: https://498eb6ddcf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fd649f09-9022-427c-8103-463fcbb2f25f vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	498eb6ddcf.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 498eb6ddcf.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 498eb6ddcf.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://498eb6ddcf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fd649f09-9022-427c-8103-463fcbb2f25f Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://498eb6ddcf.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclag; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:23 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:23 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclam; expires=Mon, 13 Jan 2025 01:26:23 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:46 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://498eb6ddcf.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:23 GMT content-length: 0 location: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	1b2d0e6211.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 1b2d0e6211.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 1b2d0e6211.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	1b2d0e6211.news-bmacazo.cc/lands/39/img/icon1.png	136.243.42.50	200 OK	7.3 kB
URL 1b2d0e6211.news-bmacazo.cc/lands/39/img/icon1.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.3 kB (7252 bytes) Hash 3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27 HTTP Headers GET /lands/39/img/icon1.png HTTP/1.1 Host: 1b2d0e6211.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: image/png content-length: 7252 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1c54" accept-ranges: bytes X-Firefox-Spdy: h2`

	1b2d0e6211.news-bmacazo.cc/lands/39/img/icon2.png	136.243.42.50	200 OK	4.6 kB
URL 1b2d0e6211.news-bmacazo.cc/lands/39/img/icon2.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.6 kB (4576 bytes) Hash c947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2 HTTP Headers GET /lands/39/img/icon2.png HTTP/1.1 Host: 1b2d0e6211.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: image/png content-length: 4576 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-11e0" accept-ranges: bytes X-Firefox-Spdy: h2`

	1b2d0e6211.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL 1b2d0e6211.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: 1b2d0e6211.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	1b2d0e6211.news-bmacazo.cc/lands/39/img/icon4.png	136.243.42.50	200 OK	7.0 kB
URL 1b2d0e6211.news-bmacazo.cc/lands/39/img/icon4.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.0 kB (7032 bytes) Hash 7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f HTTP Headers GET /lands/39/img/icon4.png HTTP/1.1 Host: 1b2d0e6211.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: image/png content-length: 7032 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1b78" accept-ranges: bytes X-Firefox-Spdy: h2`

	1b2d0e6211.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL 1b2d0e6211.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: 1b2d0e6211.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	1b2d0e6211.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL 1b2d0e6211.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: 1b2d0e6211.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	1b2d0e6211.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL 1b2d0e6211.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: 1b2d0e6211.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclam; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:23 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:23 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclas; expires=Mon, 13 Jan 2025 01:26:23 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:46 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://1b2d0e6211.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:23 GMT content-length: 0 location: https://7d0bda3bad.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b9f8f742-7442-488b-9438-2da9d6b02e36 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	7d0bda3bad.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 7d0bda3bad.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 7d0bda3bad.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7d0bda3bad.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b9f8f742-7442-488b-9438-2da9d6b02e36 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7d0bda3bad.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclas; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:23 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:23 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclav; expires=Mon, 13 Jan 2025 01:26:23 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:46 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://7d0bda3bad.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:23 GMT content-length: 0 location: https://03c20caea4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a6d69f82-ef05-45f7-8e0e-8c4743beb7eb vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	03c20caea4.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 03c20caea4.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 03c20caea4.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://03c20caea4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a6d69f82-ef05-45f7-8e0e-8c4743beb7eb Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://03c20caea4.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclav; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:23 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:23 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclb5; expires=Mon, 13 Jan 2025 01:26:23 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:46 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://03c20caea4.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:23 GMT content-length: 0 location: https://b0c93b7969.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8d40dc89-8074-4805-af1a-12bdb91f4000 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	b0c93b7969.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL b0c93b7969.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: b0c93b7969.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b0c93b7969.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8d40dc89-8074-4805-af1a-12bdb91f4000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	03c20caea4.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a6d69f82-ef05-45f7-8e0e-8c4743beb7eb	136.243.42.50	200 OK	18 kB
URL 03c20caea4.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a6d69f82-ef05-45f7-8e0e-8c4743beb7eb IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash 8739c0e41ebd1c81ea4f65d6ed44f76f 96073ff07bd3233260ad1ad563e30321e55bb335 aa94f7b317981220f8944a441b476f494e096956b6540e6a13437c6545592d65 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a6d69f82-ef05-45f7-8e0e-8c4743beb7eb HTTP/1.1 Host: 03c20caea4.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://03c20caea4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a6d69f82-ef05-45f7-8e0e-8c4743beb7eb Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b0c93b7969.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-length: 0 location: https://66663d98c8.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=20b57042-224a-42ba-b9b0-6ee40a5da322 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	66663d98c8.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 66663d98c8.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 66663d98c8.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://66663d98c8.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=20b57042-224a-42ba-b9b0-6ee40a5da322 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	66663d98c8.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL 66663d98c8.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: 66663d98c8.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://66663d98c8.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=20b57042-224a-42ba-b9b0-6ee40a5da322 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://66663d98c8.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclb7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:24 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:24 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclbd; expires=Mon, 13 Jan 2025 01:26:24 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:48 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	7d0bda3bad.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=b9f8f742-7442-488b-9438-2da9d6b02e36	136.243.42.50	200 OK	18 kB
URL 7d0bda3bad.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=b9f8f742-7442-488b-9438-2da9d6b02e36 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash faefcdca62dfac891150c1856ecb0612 42ffc5a7f05c1239b0ea532cd4fac63a19ee606d e719ea466eccbd91437134f2fe2825cd8609ce7819444387bed9d9570998665e HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=b9f8f742-7442-488b-9438-2da9d6b02e36 HTTP/1.1 Host: 7d0bda3bad.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7d0bda3bad.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b9f8f742-7442-488b-9438-2da9d6b02e36 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	b0c93b7969.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=8d40dc89-8074-4805-af1a-12bdb91f4000	136.243.42.50	200 OK	54 kB
URL b0c93b7969.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=8d40dc89-8074-4805-af1a-12bdb91f4000 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 54 kB (54163 bytes) Hash c23a03d8e8f721f48275bc33229d4a4e 097de4e76a4d6faf2ffcec9ad7a9cd81c5d5888b fe1c4a8d662da090b8b6a7797e80d36e8289231f9a0b3ea823dd60e5b86887a5 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=8d40dc89-8074-4805-af1a-12bdb91f4000 HTTP/1.1 Host: b0c93b7969.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b0c93b7969.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8d40dc89-8074-4805-af1a-12bdb91f4000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	b4da4bb097.news-bmacazo.cc/lands/39/img/icon1.png	136.243.42.50	200 OK	7.3 kB
URL b4da4bb097.news-bmacazo.cc/lands/39/img/icon1.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.3 kB (7252 bytes) Hash 3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27 HTTP Headers GET /lands/39/img/icon1.png HTTP/1.1 Host: b4da4bb097.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b4da4bb097.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 7252 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1c54" accept-ranges: bytes X-Firefox-Spdy: h2`

	b4da4bb097.news-bmacazo.cc/lands/39/img/icon2.png	136.243.42.50	200 OK	4.6 kB
URL b4da4bb097.news-bmacazo.cc/lands/39/img/icon2.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.6 kB (4576 bytes) Hash c947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2 HTTP Headers GET /lands/39/img/icon2.png HTTP/1.1 Host: b4da4bb097.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b4da4bb097.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 4576 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-11e0" accept-ranges: bytes X-Firefox-Spdy: h2`

	b4da4bb097.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL b4da4bb097.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: b4da4bb097.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b4da4bb097.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	b4da4bb097.news-bmacazo.cc/lands/39/img/icon4.png	136.243.42.50	200 OK	7.0 kB
URL b4da4bb097.news-bmacazo.cc/lands/39/img/icon4.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.0 kB (7032 bytes) Hash 7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f HTTP Headers GET /lands/39/img/icon4.png HTTP/1.1 Host: b4da4bb097.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b4da4bb097.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 7032 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1b78" accept-ranges: bytes X-Firefox-Spdy: h2`

	b4da4bb097.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL b4da4bb097.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: b4da4bb097.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b4da4bb097.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	b4da4bb097.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL b4da4bb097.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: b4da4bb097.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b4da4bb097.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	b4da4bb097.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL b4da4bb097.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: b4da4bb097.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b4da4bb097.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b4da4bb097.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclbd; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:24 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:24 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclbj; expires=Mon, 13 Jan 2025 01:26:24 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:48 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b4da4bb097.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-length: 0 location: https://b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	b5f7dc0e9e.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL b5f7dc0e9e.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: b5f7dc0e9e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	66663d98c8.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=20b57042-224a-42ba-b9b0-6ee40a5da322	136.243.42.50	200 OK	44 kB
URL 66663d98c8.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=20b57042-224a-42ba-b9b0-6ee40a5da322 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 44 kB (44083 bytes) Hash 0c11a62823cee1748b01477b4eb8c418 a23651020bb186c9d96efbc16f564e1d83c61175 c29d1fd206f2183676f2c1133648141fe5a2b2ef8de4bb5064db824637139a54 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=20b57042-224a-42ba-b9b0-6ee40a5da322 HTTP/1.1 Host: 66663d98c8.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://66663d98c8.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=20b57042-224a-42ba-b9b0-6ee40a5da322 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon2.png	136.243.42.50	200 OK	4.6 kB
URL b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon2.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.6 kB (4576 bytes) Hash c947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2 HTTP Headers GET /lands/39/img/icon2.png HTTP/1.1 Host: b5f7dc0e9e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 4576 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-11e0" accept-ranges: bytes X-Firefox-Spdy: h2`

	b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: b5f7dc0e9e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon4.png	136.243.42.50	200 OK	7.0 kB
URL b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon4.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.0 kB (7032 bytes) Hash 7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f HTTP Headers GET /lands/39/img/icon4.png HTTP/1.1 Host: b5f7dc0e9e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 7032 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1b78" accept-ranges: bytes X-Firefox-Spdy: h2`

	b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: b5f7dc0e9e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: b5f7dc0e9e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL b5f7dc0e9e.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: b5f7dc0e9e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea	136.243.42.50	200 OK	3.9 kB
URL b5f7dc0e9e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, ASCII text, with very long lines (2178) Size 3.9 kB (3870 bytes) Hash e7c8d288f5b640ecdb3e793d2b9a6845 3581e519c97d64f3a01d431f24b3a718db1ea8b7 41931a1848d72c5d83f2bbacf86c2221e02f4df08160eb7e387961b0a4a71793 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=b0e07217-c32c-4045-9aab-587426b30fea HTTP/1.1 Host: b5f7dc0e9e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b4da4bb097.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b5f7dc0e9e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-length: 0 location: https://d5e2d18fa1.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a67f873c-d3a0-4a5a-b1c5-5e48253d9670 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	d5e2d18fa1.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL d5e2d18fa1.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: d5e2d18fa1.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d5e2d18fa1.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a67f873c-d3a0-4a5a-b1c5-5e48253d9670 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d5e2d18fa1.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclbp; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:25 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:25 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclbs; expires=Mon, 13 Jan 2025 01:26:25 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:50 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d5e2d18fa1.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-length: 0 location: https://ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7	136.243.42.50	200 OK	40 kB
URL ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 40 kB (39617 bytes) Hash 674924e0aba81f45e00edf6eee0dde3b dedfc97d7a222dc3078eb8e4a1132869dce4f670 a6732ef081f2cdd69f013cc265d1b870f8290409dfbf718e90fe7fcd5b59e16c HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 HTTP/1.1 Host: ad42631a99.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d5e2d18fa1.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ad42631a99.news-bmacazo.cc/lands/39/img/icon1.png	136.243.42.50	200 OK	7.3 kB
URL ad42631a99.news-bmacazo.cc/lands/39/img/icon1.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.3 kB (7252 bytes) Hash 3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27 HTTP Headers GET /lands/39/img/icon1.png HTTP/1.1 Host: ad42631a99.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 7252 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1c54" accept-ranges: bytes X-Firefox-Spdy: h2`

	ad42631a99.news-bmacazo.cc/lands/39/img/icon2.png	136.243.42.50	200 OK	4.6 kB
URL ad42631a99.news-bmacazo.cc/lands/39/img/icon2.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.6 kB (4576 bytes) Hash c947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2 HTTP Headers GET /lands/39/img/icon2.png HTTP/1.1 Host: ad42631a99.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 4576 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-11e0" accept-ranges: bytes X-Firefox-Spdy: h2`

	ad42631a99.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL ad42631a99.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: ad42631a99.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	ad42631a99.news-bmacazo.cc/lands/39/img/icon4.png	136.243.42.50	200 OK	7.0 kB
URL ad42631a99.news-bmacazo.cc/lands/39/img/icon4.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.0 kB (7032 bytes) Hash 7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f HTTP Headers GET /lands/39/img/icon4.png HTTP/1.1 Host: ad42631a99.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 7032 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1b78" accept-ranges: bytes X-Firefox-Spdy: h2`

	ad42631a99.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL ad42631a99.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: ad42631a99.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	d5e2d18fa1.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a67f873c-d3a0-4a5a-b1c5-5e48253d9670	136.243.42.50	200 OK	22 kB
URL d5e2d18fa1.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a67f873c-d3a0-4a5a-b1c5-5e48253d9670 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 22 kB (21699 bytes) Hash b925a12486e3f08b1fa32f690fd4bd7f e2e4625f19ab8515e7bc0b6c9781af9a17dfc2cf 1f0f8ed8bbf734260e2bbfeba92991e0091824be264b60c7f225f3ad9c4451ea HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a67f873c-d3a0-4a5a-b1c5-5e48253d9670 HTTP/1.1 Host: d5e2d18fa1.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d5e2d18fa1.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a67f873c-d3a0-4a5a-b1c5-5e48253d9670 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	ad42631a99.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL ad42631a99.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: ad42631a99.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad42631a99.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclbs; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:25 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:25 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclc3; expires=Mon, 13 Jan 2025 01:26:25 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:50 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ad42631a99.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-length: 0 location: https://4dfc4c0b0e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	4dfc4c0b0e.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 4dfc4c0b0e.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 4dfc4c0b0e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4dfc4c0b0e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	4dfc4c0b0e.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL 4dfc4c0b0e.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: 4dfc4c0b0e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4dfc4c0b0e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4dfc4c0b0e.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclc3; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:25 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:25 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclc8; expires=Mon, 13 Jan 2025 01:26:25 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:50 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://4dfc4c0b0e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-length: 0 location: https://c5945aece2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	c5945aece2.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL c5945aece2.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: c5945aece2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c5945aece2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	c5945aece2.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL c5945aece2.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: c5945aece2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c5945aece2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	4dfc4c0b0e.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8	136.243.42.50	200 OK	18 kB
URL 4dfc4c0b0e.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash 89d35b0258cf13f3e9db158e80198c72 930a59d6e488942ee83dc5da5431e7f63ca53dd5 f9bb65bed8f27940541da5a4f031f20cc6d8804ecb126cb5319318893b6070a2 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8 HTTP/1.1 Host: 4dfc4c0b0e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4dfc4c0b0e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	c5945aece2.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98	136.243.42.50	200 OK	18 kB
URL c5945aece2.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash 7daea11b0afec59fb4cdf2c335b6e070 e91698b1617ae37f6ae0b4e3629b169789356f24 8b425c9bc0acd165b8d495052212f3ac24c972af7299f9622b3f4c2d6e263157 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98 HTTP/1.1 Host: c5945aece2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c5945aece2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	ad42631a99.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7	136.243.42.50	200 OK	54 kB
URL ad42631a99.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 54 kB (54163 bytes) Hash 40e840d656166a5b5f466fdbd2ad733d 63b232587dfbc259051badfd0903be70776b03a6 f4be135776954aa683c556da5e073d71db84bbce060839892f07f5678b0adce2 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 HTTP/1.1 Host: ad42631a99.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ad42631a99.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bbb8add4-1427-495b-a3cd-37665ba473a7 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	4dfc4c0b0e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8	136.243.42.50	200 OK	10 kB
URL 4dfc4c0b0e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 10 kB (10500 bytes) Hash f002455813df43a99fffc4ff18c2ed74 7e7f6bb31ba926f044db0db23b46eda96bd25c37 0dec4709026a8195e19888d56393b640230c2281767835e55577e39a10b88d59 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=f84cd88b-02fa-4194-944a-c195359567b8 HTTP/1.1 Host: 4dfc4c0b0e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ad42631a99.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e8eda1fac2.news-bmacazo.cc/lands/39/img/icon2.png	136.243.42.50	200 OK	4.6 kB
URL e8eda1fac2.news-bmacazo.cc/lands/39/img/icon2.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.6 kB (4576 bytes) Hash c947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2 HTTP Headers GET /lands/39/img/icon2.png HTTP/1.1 Host: e8eda1fac2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e8eda1fac2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: image/png content-length: 4576 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-11e0" accept-ranges: bytes X-Firefox-Spdy: h2`

	e8eda1fac2.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL e8eda1fac2.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: e8eda1fac2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e8eda1fac2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	e8eda1fac2.news-bmacazo.cc/lands/39/img/icon4.png	136.243.42.50	200 OK	7.0 kB
URL e8eda1fac2.news-bmacazo.cc/lands/39/img/icon4.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.0 kB (7032 bytes) Hash 7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f HTTP Headers GET /lands/39/img/icon4.png HTTP/1.1 Host: e8eda1fac2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e8eda1fac2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: image/png content-length: 7032 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1b78" accept-ranges: bytes X-Firefox-Spdy: h2`

	e8eda1fac2.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL e8eda1fac2.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: e8eda1fac2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e8eda1fac2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	e8eda1fac2.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL e8eda1fac2.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: e8eda1fac2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e8eda1fac2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e8eda1fac2.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclcc; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:26 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:26 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclch; expires=Mon, 13 Jan 2025 01:26:26 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:52 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e8eda1fac2.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-length: 0 location: https://1ecfd219a4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a9c8dae4-ce0d-46c5-8a62-78c28a549b4f vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	1ecfd219a4.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 1ecfd219a4.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 1ecfd219a4.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1ecfd219a4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a9c8dae4-ce0d-46c5-8a62-78c28a549b4f Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	e8eda1fac2.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da	136.243.42.50	200 OK	18 kB
URL e8eda1fac2.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash 8cee249150da727f0900034a5b95d40d 87481ff2b99026e923d60b5dfd372a916356e731 dbfdef59b5fe555b199bca23a45035ba636cbd3e6b5fbe92d77aebd1e71be319 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da HTTP/1.1 Host: e8eda1fac2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e8eda1fac2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://1ecfd219a4.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-length: 0 location: https://5a73da53d4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=56c23e07-0ce6-49cc-ad6e-ffc261a74eca vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5a73da53d4.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 5a73da53d4.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 5a73da53d4.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5a73da53d4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=56c23e07-0ce6-49cc-ad6e-ffc261a74eca Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5a73da53d4.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclcn; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:26 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:26 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclcs; expires=Mon, 13 Jan 2025 01:26:26 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:52 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5a73da53d4.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-length: 0 location: https://3e6071d3cf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=db2bfd70-1ad8-49bd-a6b2-5d4e5b1df565 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	3e6071d3cf.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 3e6071d3cf.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 3e6071d3cf.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3e6071d3cf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=db2bfd70-1ad8-49bd-a6b2-5d4e5b1df565 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3e6071d3cf.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclcs; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:27 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:27 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclcv; expires=Mon, 13 Jan 2025 01:26:27 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:54 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://3e6071d3cf.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-length: 0 location: https://b1c0c9c8b5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b99e88fa-c591-4cfc-9775-26fec0099b8c vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	b1c0c9c8b5.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL b1c0c9c8b5.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: b1c0c9c8b5.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b1c0c9c8b5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b99e88fa-c591-4cfc-9775-26fec0099b8c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	b1c0c9c8b5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b99e88fa-c591-4cfc-9775-26fec0099b8c	136.243.42.50	200 OK	9.4 kB
URL b1c0c9c8b5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b99e88fa-c591-4cfc-9775-26fec0099b8c IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, ASCII text, with very long lines (7673) Size 9.4 kB (9413 bytes) Hash a7439319d157d96e5652b99f8eff575e c68d3a7c52fcfbef4058fd483ca7aa500d33035d 598682d9e72fee4352f0671690591e6b7c514484e311cdfc1000e74477c28288 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=b99e88fa-c591-4cfc-9775-26fec0099b8c HTTP/1.1 Host: b1c0c9c8b5.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://3e6071d3cf.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b1c0c9c8b5.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-length: 0 location: https://5fed111383.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5fed111383.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 5fed111383.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 5fed111383.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5fed111383.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	3e6071d3cf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=db2bfd70-1ad8-49bd-a6b2-5d4e5b1df565	136.243.42.50	200 OK	18 kB
URL 3e6071d3cf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=db2bfd70-1ad8-49bd-a6b2-5d4e5b1df565 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 18 kB (17580 bytes) Hash a18c50654335129f5aa3b51ff5d04c4a b89aa3b1d0bad170500febbf1c59daa9df589742 6ccecfb8904b314ba797080864800f710b7264d18444474323a8be6064a661a9 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=db2bfd70-1ad8-49bd-a6b2-5d4e5b1df565 HTTP/1.1 Host: 3e6071d3cf.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5a73da53d4.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5fed111383.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92	136.243.42.50	200 OK	8.4 kB
URL 5fed111383.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 8.4 kB (8446 bytes) Hash 3631ec19b0f9ff67acb81dfb249041e6 d172cd8047a22ad05978a5d1d9b4c36586829a9f c3d1121a03b3a713c50e3cd30fc6fa4bfcbd716c295034b5d8e28e107b8825d1 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92 HTTP/1.1 Host: 5fed111383.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b1c0c9c8b5.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	1ecfd219a4.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a9c8dae4-ce0d-46c5-8a62-78c28a549b4f	136.243.42.50	200 OK	45 kB
URL 1ecfd219a4.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a9c8dae4-ce0d-46c5-8a62-78c28a549b4f IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 45 kB (44678 bytes) Hash e3291d6d2b0621d1100e214ead128922 78936525de7bcb5a6bed715d41d23bc9ccbc637f c878f7fd5dbeaafc8db12655a051b1d3aeb67ece88e5a6ae2c79e6737b0ec88c HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a9c8dae4-ce0d-46c5-8a62-78c28a549b4f HTTP/1.1 Host: 1ecfd219a4.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1ecfd219a4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a9c8dae4-ce0d-46c5-8a62-78c28a549b4f Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	5a73da53d4.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=56c23e07-0ce6-49cc-ad6e-ffc261a74eca	136.243.42.50	200 OK	25 kB
URL 5a73da53d4.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=56c23e07-0ce6-49cc-ad6e-ffc261a74eca IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 25 kB (25448 bytes) Hash 8666af09b5a4b2dff1886736d670972d 27fff261c1f3bfa4d0d58b58e6c7f8b20ed91e8d d69c858887fc05ce3086fa2fdd95abf49b60df9489a6b9c133e2fd6b3fd108d7 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=56c23e07-0ce6-49cc-ad6e-ffc261a74eca HTTP/1.1 Host: 5a73da53d4.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5a73da53d4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=56c23e07-0ce6-49cc-ad6e-ffc261a74eca Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	5fed111383.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL 5fed111383.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: 5fed111383.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5fed111383.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	5fed111383.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL 5fed111383.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: 5fed111383.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5fed111383.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	e8eda1fac2.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	22 kB
URL e8eda1fac2.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 22 kB (22478 bytes) Hash fc28b9dab0745524935b6aac8de18c41 9a0f0bd56f8612f61a229a335da4b78cb755ba16 dd83963881e25b9af72e5e99bea9316f1d04ff19d6ff9f8b3ccf620af931ebb7 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: e8eda1fac2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e8eda1fac2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=36b97b19-7099-43cf-9d32-c904f59c03da Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5fed111383.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcld7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:27 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:27 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclde; expires=Mon, 13 Jan 2025 01:26:27 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:54 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5fed111383.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-length: 0 location: https://44a6e206e2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=69316ea7-caa6-46b2-b79e-9df12a9b2503 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	44a6e206e2.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 44a6e206e2.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 44a6e206e2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://44a6e206e2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=69316ea7-caa6-46b2-b79e-9df12a9b2503 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://44a6e206e2.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclde; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:27 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:27 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcldi; expires=Mon, 13 Jan 2025 01:26:27 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:54 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://44a6e206e2.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-length: 0 location: https://4715c09739.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	4715c09739.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 4715c09739.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 4715c09739.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4715c09739.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	5fed111383.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92	136.243.42.50	200 OK	25 kB
URL 5fed111383.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 25 kB (25398 bytes) Hash 5113c621a310cfba325cdc8017008c0d 7d2a11154cd7b2e8642011f3e1d12a2c0a1f55cb 560abb50239bfebcf95327e61810a797434b47c837b8146c20f74cb8fbe5e03f HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92 HTTP/1.1 Host: 5fed111383.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5fed111383.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e6183dc3-e0c9-4aab-8fb9-6a9b2db66b92 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	4715c09739.news-bmacazo.cc/lands/61/css/style.css	136.243.42.50	200 OK	1.6 kB
URL 4715c09739.news-bmacazo.cc/lands/61/css/style.css IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type ASCII text, with very long lines (6517), with no line terminators Size 1.6 kB (1602 bytes) Hash 100cee95b3c98fb1cf68040edd24e2a1 838847841beaf376403a44c6528aa66ed54f2bb6 6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e HTTP Headers GET /lands/61/css/style.css HTTP/1.1 Host: 4715c09739.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4715c09739.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: text/css content-length: 1602 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-642" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	4715c09739.news-bmacazo.cc/lands/61/images/spinning-circles2.svg	136.243.42.50	200 OK	503 B
URL 4715c09739.news-bmacazo.cc/lands/61/images/spinning-circles2.svg IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers GET /lands/61/images/spinning-circles2.svg HTTP/1.1 Host: 4715c09739.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4715c09739.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	4715c09739.news-bmacazo.cc/lands/61/js/device.js	136.243.42.50	200 OK	1.1 kB
URL 4715c09739.news-bmacazo.cc/lands/61/js/device.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers GET /lands/61/js/device.js HTTP/1.1 Host: 4715c09739.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4715c09739.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	4715c09739.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c	136.243.42.50	200 OK	18 kB
URL 4715c09739.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18413 bytes) Hash d8357777884c4803a1945677ce4d30dd 6f58431d7a1502aa48f65885ef32067913c0f3e3 0ff0e5ef7121a9f12be78dba4aec644fb1f02058198c9e885ea3b905aaea1805 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c HTTP/1.1 Host: 4715c09739.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4715c09739.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://4715c09739.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-length: 0 location: https://8e39dbd8b9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=5c84bda6-3ad4-4cc0-a563-3f5d088419e3 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	4715c09739.news-bmacazo.cc/lands/8/v_F.ico	136.243.42.50	200 OK	1.2 kB
URL 4715c09739.news-bmacazo.cc/lands/8/v_F.ico IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Size 1.2 kB (1150 bytes) Hash 183cab2f5d4582ef71ae37efc8d458dd 7c230eba9c1ce7900ea9bbf53dde00ea068dc995 c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e HTTP Headers GET /lands/8/v_F.ico HTTP/1.1 Host: 4715c09739.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://4715c09739.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: image/x-icon content-length: 1150 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-47e" accept-ranges: bytes X-Firefox-Spdy: h2`

	8e39dbd8b9.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 8e39dbd8b9.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 8e39dbd8b9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://8e39dbd8b9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=5c84bda6-3ad4-4cc0-a563-3f5d088419e3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://8e39dbd8b9.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcldp; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:28 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:28 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclds; expires=Mon, 13 Jan 2025 01:26:28 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:56 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://8e39dbd8b9.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-length: 0 location: https://6de2767ec6.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=12564a93-bd3d-4de4-a031-f044c4bd568a vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	44a6e206e2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=69316ea7-caa6-46b2-b79e-9df12a9b2503	136.243.42.50	200 OK	128 kB
URL 44a6e206e2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=69316ea7-caa6-46b2-b79e-9df12a9b2503 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 128 kB (127607 bytes) Hash 19ad9e2ca6d164a7011c976f8e195527 8fad0aa9989ce969f014bca83eef5a10206248a9 f58ca32fa57d1a8e20e3fec21d00dbc446f68b628e19785234215dd948ae0363 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=69316ea7-caa6-46b2-b79e-9df12a9b2503 HTTP/1.1 Host: 44a6e206e2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5fed111383.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	6de2767ec6.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL 6de2767ec6.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: 6de2767ec6.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6de2767ec6.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=12564a93-bd3d-4de4-a031-f044c4bd568a Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	a0e9db493e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6b53691b-87c5-4659-b90a-b23f99c0966f	136.243.42.50	200 OK	3.2 kB
URL a0e9db493e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6b53691b-87c5-4659-b90a-b23f99c0966f IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, ASCII text, with very long lines (1297) Size 3.2 kB (3248 bytes) Hash 475f87d4997bc5e355cc279c009d7332 11d6bf1d54278bcce7f15c003a01a3113f1bdbe1 9826f7a68380b19fbde93c3bcb2b8342c44c88e86b936d6725ecbc73a261dc37 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=6b53691b-87c5-4659-b90a-b23f99c0966f HTTP/1.1 Host: a0e9db493e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://4c40a39286.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://6de2767ec6.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-length: 0 location: https://93d4da4a32.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=97e0f6a1-dba0-4aa6-b6a8-557627868065 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	93d4da4a32.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 93d4da4a32.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 93d4da4a32.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://93d4da4a32.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=97e0f6a1-dba0-4aa6-b6a8-557627868065 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	6de2767ec6.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=12564a93-bd3d-4de4-a031-f044c4bd568a	136.243.42.50	200 OK	18 kB
URL 6de2767ec6.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=12564a93-bd3d-4de4-a031-f044c4bd568a IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18415 bytes) Hash ff64d60765bf3f599d7a3ff90c1c4229 c995f9b6e33dd58a46c5412e0876c12ebaae4a6e 84c957f19937e55b7f82e708f9347618b5a702086e0af5bcde64bb9236aa5cb5 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=12564a93-bd3d-4de4-a031-f044c4bd568a HTTP/1.1 Host: 6de2767ec6.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6de2767ec6.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=12564a93-bd3d-4de4-a031-f044c4bd568a Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://93d4da4a32.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:28 GMT content-length: 0 location: https://e1fa4f1343.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c338baf0-8d80-424b-b7db-c8b771b83674 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	4c40a39286.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=072f0a60-9304-4ffd-b3e2-ae8d38524ffd	136.243.42.50	200 OK	97 kB
URL 4c40a39286.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=072f0a60-9304-4ffd-b3e2-ae8d38524ffd IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 97 kB (97092 bytes) Hash 9934a3373b926bae09bda6421239cd50 1575299900af0dc7cb97095a0b20175eb9fe7090 68dad6e85fb27f9017de6821aee88de6ef508adced6592aabd31a8c30ca337b7 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=072f0a60-9304-4ffd-b3e2-ae8d38524ffd HTTP/1.1 Host: 4c40a39286.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://148bc4c6d4.news-bwitobu.today/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:23 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e1fa4f1343.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL e1fa4f1343.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: e1fa4f1343.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e1fa4f1343.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c338baf0-8d80-424b-b7db-c8b771b83674 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	8e39dbd8b9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=5c84bda6-3ad4-4cc0-a563-3f5d088419e3	136.243.42.50	200 OK	92 kB
URL 8e39dbd8b9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=5c84bda6-3ad4-4cc0-a563-3f5d088419e3 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 92 kB (91860 bytes) Hash 1c3205b06a116891ab50515284017594 92ea36cbbb9bc92b0e26ef76bc88e87406db2342 42f7afa650326f52b80b337c6af123b39bb8b456a8698005d574531be32259a4 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=5c84bda6-3ad4-4cc0-a563-3f5d088419e3 HTTP/1.1 Host: 8e39dbd8b9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://4715c09739.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e1fa4f1343.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-length: 0 location: https://ab21df56ec.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=cb8d4d54-a960-4751-a10a-b1197b3e447b vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ab21df56ec.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL ab21df56ec.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: ab21df56ec.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ab21df56ec.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=cb8d4d54-a960-4751-a10a-b1197b3e447b Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ab21df56ec.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcleb; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:29 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:29 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcleg; expires=Mon, 13 Jan 2025 01:26:29 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:58 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	e1fa4f1343.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=c338baf0-8d80-424b-b7db-c8b771b83674	136.243.42.50	200 OK	18 kB
URL e1fa4f1343.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=c338baf0-8d80-424b-b7db-c8b771b83674 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash da31daab40e5165952085f9364f71146 46f060482b549eff6f09479ce99b3a84ff00225c 41998bdd9d1f9c7025503c5a4cbc83a461c95806daeef409764b0b8158a13d6a HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=c338baf0-8d80-424b-b7db-c8b771b83674 HTTP/1.1 Host: e1fa4f1343.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e1fa4f1343.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c338baf0-8d80-424b-b7db-c8b771b83674 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	d2423af82a.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL d2423af82a.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: d2423af82a.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2423af82a.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0ae540e8-36c4-4182-894d-f913ee7b7508 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	d5e2d18fa1.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a67f873c-d3a0-4a5a-b1c5-5e48253d9670	136.243.42.50	200 OK	99 kB
URL d5e2d18fa1.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a67f873c-d3a0-4a5a-b1c5-5e48253d9670 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 99 kB (99112 bytes) Hash 309064a689b8744c6f9e09ea29c76bcf a38fe721604d8b65033334bf3ef8e083983ff40d 68205761feef81521dc996a8851e6ead7b8802195dbdec45e8b7cf1ff9df32ad HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a67f873c-d3a0-4a5a-b1c5-5e48253d9670 HTTP/1.1 Host: d5e2d18fa1.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b5f7dc0e9e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:26 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	c5945aece2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98	136.243.42.50	200 OK	7.8 kB
URL c5945aece2.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 7.8 kB (7824 bytes) Hash 4660429e3ca926a01550ada484985c8d a82b3ce005d4b1333e07b4191e9017a4ecf8318c 14e8c32fec004a4e70297f5ded3280bae1c6872954f6b93b41aadfb41bfd9b8e HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c572f93-a53e-429b-9be4-ea47b649cd98 HTTP/1.1 Host: c5945aece2.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://4dfc4c0b0e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	b4da4bb097.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74	136.243.42.50	200 OK	12 kB
URL b4da4bb097.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 12 kB (11717 bytes) Hash 6712181ec181f67579c2d027f823aae0 60b8147e0aa4a1e8f8d702033e6cfac2d363e954 402c0d4fd684ec990f97bb11a70f3afb64c74d19557bcf9ce071a1bc92bf7906 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=74f5ce11-a498-4155-9920-76e157636e74 HTTP/1.1 Host: b4da4bb097.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://66663d98c8.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	148bc4c6d4.news-bwitobu.today/?id=1276457389&p1=1328&traceId=9b474523-fc57-4b1e-af40-ffee90e154bd	23.158.56.201	200 OK	23 kB
URL 148bc4c6d4.news-bwitobu.today/?id=1276457389&p1=1328&traceId=9b474523-fc57-4b1e-af40-ffee90e154bd IP 23.158.56.201:0 ASN #63023 AS-GLOBALTELEHOST File type data Size 23 kB (23296 bytes) Hash 8a505bd98be61b3d3011a350984fd4c7 b74db4354e9489284ac85dc33ccbe26a1e9041d4 eef7d1642349739ea619ebdd858d37cd38e723f2e71e0aaa861bcd2a587fb344 HTTP Headers GET /?id=1276457389&p1=1328&traceId=9b474523-fc57-4b1e-af40-ffee90e154bd HTTP/1.1 Host: 148bc4c6d4.news-bwitobu.today User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e155.rpgamedev.xyz/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:21 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2423af82a.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcleg; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:29 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:29 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclet; expires=Mon, 13 Jan 2025 01:26:29 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:58 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d2423af82a.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-length: 0 location: https://35d212dcd6.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a52c5b25-837a-488d-8065-b9e44f2190ab vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	35d212dcd6.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 35d212dcd6.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 35d212dcd6.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://35d212dcd6.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a52c5b25-837a-488d-8065-b9e44f2190ab Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://35d212dcd6.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclet; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:29 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:29 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclev; expires=Mon, 13 Jan 2025 01:26:29 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:52:58 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://35d212dcd6.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-length: 0 location: https://9f3d552589.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=926a57aa-7aa9-4206-9e7c-c54cd71bf576 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	9f3d552589.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 9f3d552589.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 9f3d552589.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9f3d552589.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=926a57aa-7aa9-4206-9e7c-c54cd71bf576 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9f3d552589.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclev; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:30 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:30 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclf3; expires=Mon, 13 Jan 2025 01:26:30 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:00 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	b0c93b7969.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8d40dc89-8074-4805-af1a-12bdb91f4000	136.243.42.50	200 OK	110 kB
URL b0c93b7969.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8d40dc89-8074-4805-af1a-12bdb91f4000 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 110 kB (110276 bytes) Hash 4a828339ed5ec54e62b753567b1bc8d7 a683ff9f639b3c69d3f849280b9a06e998840a8f 81bba589cacee03e41b47dd839bc6a5ae29e603aaf3b2064cdc5c0b7c629ff69 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=8d40dc89-8074-4805-af1a-12bdb91f4000 HTTP/1.1 Host: b0c93b7969.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://03c20caea4.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	c9b70e0d3e.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL c9b70e0d3e.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: c9b70e0d3e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c9b70e0d3e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	c9b70e0d3e.news-bmacazo.cc/lands/39/img/icon1.png	136.243.42.50	200 OK	7.3 kB
URL c9b70e0d3e.news-bmacazo.cc/lands/39/img/icon1.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.3 kB (7252 bytes) Hash 3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27 HTTP Headers GET /lands/39/img/icon1.png HTTP/1.1 Host: c9b70e0d3e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c9b70e0d3e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: image/png content-length: 7252 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1c54" accept-ranges: bytes X-Firefox-Spdy: h2`

	c9b70e0d3e.news-bmacazo.cc/lands/39/img/icon2.png	136.243.42.50	200 OK	4.6 kB
URL c9b70e0d3e.news-bmacazo.cc/lands/39/img/icon2.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.6 kB (4576 bytes) Hash c947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2 HTTP Headers GET /lands/39/img/icon2.png HTTP/1.1 Host: c9b70e0d3e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c9b70e0d3e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: image/png content-length: 4576 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-11e0" accept-ranges: bytes X-Firefox-Spdy: h2`

	c9b70e0d3e.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL c9b70e0d3e.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: c9b70e0d3e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c9b70e0d3e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	1b2d0e6211.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3	136.243.42.50	200 OK	47 kB
URL 1b2d0e6211.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 47 kB (47112 bytes) Hash 47e5a1c01b529d013ac7657a64034ed7 12588723075003925d1cd0b629c922b3d8b47667 ad77af328127092affa6cb4d46005fcb1586ee272b4c323cde7d94319354bdb2 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 HTTP/1.1 Host: 1b2d0e6211.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1b2d0e6211.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=fbb5885c-1253-452d-a5dd-85e91d95cac3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:24 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	93d4da4a32.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=97e0f6a1-dba0-4aa6-b6a8-557627868065	136.243.42.50	200 OK	22 kB
URL 93d4da4a32.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=97e0f6a1-dba0-4aa6-b6a8-557627868065 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 22 kB (21680 bytes) Hash 518b91d54425cdcde7048b69a5fbf747 20e09653a73257378e1b0a6818f47172e0ea0025 c4ad43ffbf8602ebb0ed4a6630af19d72fb1711241b7307b3f6e16d4aee45ea6 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=97e0f6a1-dba0-4aa6-b6a8-557627868065 HTTP/1.1 Host: 93d4da4a32.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://93d4da4a32.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=97e0f6a1-dba0-4aa6-b6a8-557627868065 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	d2423af82a.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL d2423af82a.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: d2423af82a.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2423af82a.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0ae540e8-36c4-4182-894d-f913ee7b7508 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	c9b70e0d3e.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL c9b70e0d3e.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: c9b70e0d3e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c9b70e0d3e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c9b70e0d3e.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclf3; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:30 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:30 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclf8; expires=Mon, 13 Jan 2025 01:26:30 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:00 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://c9b70e0d3e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-length: 0 location: https://d39af89568.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=d7fdafd3-b1ab-443e-8910-29aeb51a9a02 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	d39af89568.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL d39af89568.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: d39af89568.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d39af89568.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=d7fdafd3-b1ab-443e-8910-29aeb51a9a02 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	c9b70e0d3e.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366	136.243.42.50	200 OK	18 kB
URL c9b70e0d3e.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash dae4b0445c8fd48bebe60ac4efed19b5 19bbafdd89aed3226a419be84d6ee0e1a08aab08 29a61db60ef21b4a646741d4cc449d273f5bbfb2e38f2dd0ea3a048de54258fe HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 HTTP/1.1 Host: c9b70e0d3e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c9b70e0d3e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d39af89568.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-length: 0 location: https://9b0086c387.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0088e71a-b9ef-4258-975d-3a40562c7e49 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	9f3d552589.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=926a57aa-7aa9-4206-9e7c-c54cd71bf576	136.243.42.50	200 OK	82 kB
URL 9f3d552589.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=926a57aa-7aa9-4206-9e7c-c54cd71bf576 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 82 kB (81725 bytes) Hash d60e7e38a4f7d8185ebb13ea035b1c6f 9a9ebd16356d6f812a6b51d5721a4eb633823f7c e1d4a372caa16819db81288b613c6542462495f800bc8edfa7c3b2316e3cda9f HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=926a57aa-7aa9-4206-9e7c-c54cd71bf576 HTTP/1.1 Host: 9f3d552589.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9f3d552589.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=926a57aa-7aa9-4206-9e7c-c54cd71bf576 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	9b0086c387.news-bmacazo.cc/lands/61/css/style.css	136.243.42.50	200 OK	1.6 kB
URL 9b0086c387.news-bmacazo.cc/lands/61/css/style.css IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type ASCII text, with very long lines (6517), with no line terminators Size 1.6 kB (1602 bytes) Hash 100cee95b3c98fb1cf68040edd24e2a1 838847841beaf376403a44c6528aa66ed54f2bb6 6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e HTTP Headers GET /lands/61/css/style.css HTTP/1.1 Host: 9b0086c387.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9b0086c387.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0088e71a-b9ef-4258-975d-3a40562c7e49 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: text/css content-length: 1602 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-642" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	9b0086c387.news-bmacazo.cc/lands/61/images/spinning-circles2.svg	136.243.42.50	200 OK	503 B
URL 9b0086c387.news-bmacazo.cc/lands/61/images/spinning-circles2.svg IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers GET /lands/61/images/spinning-circles2.svg HTTP/1.1 Host: 9b0086c387.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9b0086c387.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0088e71a-b9ef-4258-975d-3a40562c7e49 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	9b0086c387.news-bmacazo.cc/lands/61/js/device.js	136.243.42.50	200 OK	1.1 kB
URL 9b0086c387.news-bmacazo.cc/lands/61/js/device.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers GET /lands/61/js/device.js HTTP/1.1 Host: 9b0086c387.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9b0086c387.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0088e71a-b9ef-4258-975d-3a40562c7e49 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9b0086c387.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclfe; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:30 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:30 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclfj; expires=Mon, 13 Jan 2025 01:26:30 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:00 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9b0086c387.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-length: 0 location: https://37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	37561ceb27.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 37561ceb27.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 37561ceb27.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	9b0086c387.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=0088e71a-b9ef-4258-975d-3a40562c7e49	136.243.42.50	200 OK	26 kB
URL 9b0086c387.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=0088e71a-b9ef-4258-975d-3a40562c7e49 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 26 kB (25668 bytes) Hash 54b913f5e6ea93f51f733bc90eff0e59 78391e884979402e5511986dd50740c3ac6164f9 c884fb501743ebfc6ee249c2feadc4095c98de189fa0e5d227d804669ef3205a HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=0088e71a-b9ef-4258-975d-3a40562c7e49 HTTP/1.1 Host: 9b0086c387.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9b0086c387.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0088e71a-b9ef-4258-975d-3a40562c7e49 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334	136.243.42.50	200 OK	8.4 kB
URL 37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 8.4 kB (8446 bytes) Hash 5bd073c46036ff2565258089f1b25c57 f6e1309797b1c02fa8807bf4323ca18124c29c98 6bad0dca5b2e515af34e6ed9e4ede746b4e496e4a39158438b92d6911e41e5dc HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 HTTP/1.1 Host: 37561ceb27.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9b0086c387.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	37561ceb27.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL 37561ceb27.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: 37561ceb27.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	37561ceb27.news-bmacazo.cc/lands/39/img/icon4.png	136.243.42.50	200 OK	7.0 kB
URL 37561ceb27.news-bmacazo.cc/lands/39/img/icon4.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.0 kB (7032 bytes) Hash 7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f HTTP Headers GET /lands/39/img/icon4.png HTTP/1.1 Host: 37561ceb27.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: image/png content-length: 7032 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1b78" accept-ranges: bytes X-Firefox-Spdy: h2`

	37561ceb27.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL 37561ceb27.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: 37561ceb27.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	37561ceb27.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL 37561ceb27.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: 37561ceb27.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	37561ceb27.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL 37561ceb27.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: 37561ceb27.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://37561ceb27.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclfj; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:31 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:31 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclfo; expires=Mon, 13 Jan 2025 01:26:31 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:02 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://37561ceb27.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-length: 0 location: https://de5eea89a9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	de5eea89a9.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL de5eea89a9.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: de5eea89a9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://de5eea89a9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	de5eea89a9.news-bmacazo.cc/lands/61/css/style.css	136.243.42.50	200 OK	1.6 kB
URL de5eea89a9.news-bmacazo.cc/lands/61/css/style.css IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type ASCII text, with very long lines (6517), with no line terminators Size 1.6 kB (1602 bytes) Hash 100cee95b3c98fb1cf68040edd24e2a1 838847841beaf376403a44c6528aa66ed54f2bb6 6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e HTTP Headers GET /lands/61/css/style.css HTTP/1.1 Host: de5eea89a9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://de5eea89a9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: text/css content-length: 1602 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-642" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	de5eea89a9.news-bmacazo.cc/lands/61/images/spinning-circles2.svg	136.243.42.50	200 OK	503 B
URL de5eea89a9.news-bmacazo.cc/lands/61/images/spinning-circles2.svg IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers GET /lands/61/images/spinning-circles2.svg HTTP/1.1 Host: de5eea89a9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://de5eea89a9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	de5eea89a9.news-bmacazo.cc/lands/61/js/device.js	136.243.42.50	200 OK	1.1 kB
URL de5eea89a9.news-bmacazo.cc/lands/61/js/device.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers GET /lands/61/js/device.js HTTP/1.1 Host: de5eea89a9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://de5eea89a9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://de5eea89a9.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclfo; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:31 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:31 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclft; expires=Mon, 13 Jan 2025 01:26:31 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:02 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://de5eea89a9.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-length: 0 location: https://2ed422d486.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6dfd8a6e-e840-4bba-ba81-8fec9a6aa567 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	2ed422d486.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 2ed422d486.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 2ed422d486.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2ed422d486.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6dfd8a6e-e840-4bba-ba81-8fec9a6aa567 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2ed422d486.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclft; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:31 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:31 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclg5; expires=Mon, 13 Jan 2025 01:26:31 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:02 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://2ed422d486.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-length: 0 location: https://255eca53e9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	255eca53e9.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 255eca53e9.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 255eca53e9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://255eca53e9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	255eca53e9.news-bmacazo.cc/lands/39/img/icon1.png	136.243.42.50	200 OK	7.3 kB
URL 255eca53e9.news-bmacazo.cc/lands/39/img/icon1.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.3 kB (7252 bytes) Hash 3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27 HTTP Headers GET /lands/39/img/icon1.png HTTP/1.1 Host: 255eca53e9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://255eca53e9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: image/png content-length: 7252 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1c54" accept-ranges: bytes X-Firefox-Spdy: h2`

	255eca53e9.news-bmacazo.cc/lands/39/img/icon2.png	136.243.42.50	200 OK	4.6 kB
URL 255eca53e9.news-bmacazo.cc/lands/39/img/icon2.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.6 kB (4576 bytes) Hash c947d439eb93367f1af5b2a3d222f057 5b4c10820d39e624bc6df72a113679da80a8e44e aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2 HTTP Headers GET /lands/39/img/icon2.png HTTP/1.1 Host: 255eca53e9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://255eca53e9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: image/png content-length: 4576 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-11e0" accept-ranges: bytes X-Firefox-Spdy: h2`

	255eca53e9.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL 255eca53e9.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: 255eca53e9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://255eca53e9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	de5eea89a9.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab	136.243.42.50	200 OK	25 kB
URL de5eea89a9.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 25 kB (25447 bytes) Hash 2523bed12e4e755756d08cb090360fd1 112ca8859cc04218740bc89c25299fde1fbdaae7 d6d5a4ad934389bf91750170afb38630b9411042d3588ccac9605d893dc60c2c HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab HTTP/1.1 Host: de5eea89a9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://de5eea89a9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	255eca53e9.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL 255eca53e9.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: 255eca53e9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://255eca53e9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	255eca53e9.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL 255eca53e9.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: 255eca53e9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://255eca53e9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	255eca53e9.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL 255eca53e9.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: 255eca53e9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://255eca53e9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://255eca53e9.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclg5; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:31 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:31 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclgc; expires=Mon, 13 Jan 2025 01:26:31 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:02 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	2ed422d486.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=6dfd8a6e-e840-4bba-ba81-8fec9a6aa567	136.243.42.50	200 OK	18 kB
URL 2ed422d486.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=6dfd8a6e-e840-4bba-ba81-8fec9a6aa567 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18415 bytes) Hash 1c94ff27ccd1765cd9b215e8f3cdfbd4 20f034a53166192171137c9ecb2bdd451ecee959 942b63bfdaeac1a355579b14de69cae9df73dde208466bade7d4eee3dd17cab6 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=6dfd8a6e-e840-4bba-ba81-8fec9a6aa567 HTTP/1.1 Host: 2ed422d486.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2ed422d486.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6dfd8a6e-e840-4bba-ba81-8fec9a6aa567 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	e883c7ad1a.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a93e4fe7-a526-4e01-b609-d4868ae02cf3	136.243.42.50	200 OK	13 kB
URL e883c7ad1a.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a93e4fe7-a526-4e01-b609-d4868ae02cf3 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 13 kB (13025 bytes) Hash 86fb84f6b17f5b0aa5ded5d74b7a9743 7f3f71db4356a73756a41c62c82cf0915226377c b2b42da5579bb95f2d72e0545990d38573d5f427389770306444f704970bc7f9 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a93e4fe7-a526-4e01-b609-d4868ae02cf3 HTTP/1.1 Host: e883c7ad1a.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://255eca53e9.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e883c7ad1a.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL e883c7ad1a.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: e883c7ad1a.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e883c7ad1a.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a93e4fe7-a526-4e01-b609-d4868ae02cf3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	37561ceb27.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334	136.243.42.50	200 OK	21 kB
URL 37561ceb27.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 21 kB (20794 bytes) Hash b0cb9adb8d68a451ba4ff2f5ff5b206d 8fe74301e35ac210cb1e0b753e1a9765b5c2cce5 b412029415d4b2aa3791506a488d5b5721a02ac74cfa64755aaf01f7822f9aec HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 HTTP/1.1 Host: 37561ceb27.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://37561ceb27.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e2b43a85-24c5-471d-809b-e8da281d8334 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e883c7ad1a.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclgc; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:32 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:32 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclgg; expires=Mon, 13 Jan 2025 01:26:32 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:04 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e883c7ad1a.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-length: 0 location: https://ff58e54557.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ff58e54557.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL ff58e54557.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: ff58e54557.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ff58e54557.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ff58e54557.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclgg; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:32 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:32 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclgl; expires=Mon, 13 Jan 2025 01:26:32 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:04 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ff58e54557.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-length: 0 location: https://5424e1d42d.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b36301b4-f2d5-409d-befb-bc4f77455649 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ff58e54557.news-bmacazo.cc/lands/21/v_F.ico	136.243.42.50	200 OK	1.2 kB
URL ff58e54557.news-bmacazo.cc/lands/21/v_F.ico IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Size 1.2 kB (1150 bytes) Hash 183cab2f5d4582ef71ae37efc8d458dd 7c230eba9c1ce7900ea9bbf53dde00ea068dc995 c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e HTTP Headers GET /lands/21/v_F.ico HTTP/1.1 Host: ff58e54557.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ff58e54557.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-type: image/x-icon content-length: 1150 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-47e" accept-ranges: bytes X-Firefox-Spdy: h2`

	35d212dcd6.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a52c5b25-837a-488d-8065-b9e44f2190ab	136.243.42.50	200 OK	45 kB
URL 35d212dcd6.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a52c5b25-837a-488d-8065-b9e44f2190ab IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 45 kB (45160 bytes) Hash d1dbaca4d328d05029cf702605430f4c 98a497ad7e7e7facb719466043ee89382b824dcf ff9968fa8841d64b08d6b26438a71af46f43fd6189c9cf434a7f70b9e1616226 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a52c5b25-837a-488d-8065-b9e44f2190ab HTTP/1.1 Host: 35d212dcd6.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d2423af82a.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5424e1d42d.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclgl; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:32 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:32 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclgu; expires=Mon, 13 Jan 2025 01:26:32 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:04 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5424e1d42d.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-length: 0 location: https://bc533f00bf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=3c33a880-635d-4048-b769-040209d52ac0 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	bc533f00bf.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL bc533f00bf.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: bc533f00bf.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://bc533f00bf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=3c33a880-635d-4048-b769-040209d52ac0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	d39af89568.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=d7fdafd3-b1ab-443e-8910-29aeb51a9a02	136.243.42.50	200 OK	30 kB
URL d39af89568.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=d7fdafd3-b1ab-443e-8910-29aeb51a9a02 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 30 kB (29946 bytes) Hash abeace529ce9e3c81adb649f82a54a80 87f13657edd1ff7efdaedf23950a079f4786515f f1cc025783912c3a7e8bcc194db8869f9e0555c23a4428278b07840378abdcec HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=d7fdafd3-b1ab-443e-8910-29aeb51a9a02 HTTP/1.1 Host: d39af89568.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://c9b70e0d3e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	9f3d552589.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=926a57aa-7aa9-4206-9e7c-c54cd71bf576	136.243.42.50	200 OK	11 kB
URL 9f3d552589.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=926a57aa-7aa9-4206-9e7c-c54cd71bf576 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (7760) Size 11 kB (10831 bytes) Hash 9057dda435d8d52f2c6bded9352cb047 671d69bfec6612ae7008e76f1024bcb7ab5905cd 5927c613c280879f984899c7fceef56c85dcbf5e300c8a2481a747e9bb0aeb8e HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=926a57aa-7aa9-4206-9e7c-c54cd71bf576 HTTP/1.1 Host: 9f3d552589.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://35d212dcd6.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	6de2767ec6.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=12564a93-bd3d-4de4-a031-f044c4bd568a	136.243.42.50	200 OK	4.4 kB
URL 6de2767ec6.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=12564a93-bd3d-4de4-a031-f044c4bd568a IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 4.4 kB (4359 bytes) Hash a69a283fc9fa8596ce9f5723879fccfb 6107b1ff3e86f822e657631191bb38f756f8a2f5 6749e577e0764fc562ff9b2fbf6dab34934e3d409e303aa5843fa4f28288a273 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=12564a93-bd3d-4de4-a031-f044c4bd568a HTTP/1.1 Host: 6de2767ec6.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://8e39dbd8b9.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e1fa4f1343.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c338baf0-8d80-424b-b7db-c8b771b83674	136.243.42.50	200 OK	16 kB
URL e1fa4f1343.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c338baf0-8d80-424b-b7db-c8b771b83674 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 16 kB (15651 bytes) Hash 72348b14ac86bdd2b7eae35759182f65 1cf84a71a67127153ead94934356070e8dc1b7c5 f5dd2456689697fc82fe1d298ed3fcd0390fdd3256b8d7a15168595203d8a888 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=c338baf0-8d80-424b-b7db-c8b771b83674 HTTP/1.1 Host: e1fa4f1343.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://93d4da4a32.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5424e1d42d.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b36301b4-f2d5-409d-befb-bc4f77455649	136.243.42.50	200 OK	110 kB
URL 5424e1d42d.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b36301b4-f2d5-409d-befb-bc4f77455649 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 110 kB (110276 bytes) Hash 21c68ee9fc3488f6cd60b5775bbf5d04 4d03024de2dcb348ff41dd20174251c120a0f597 8dfe8fda592545ea5c2bf4da8e507f3a82d9a5e95e7d900526cede377ab50ccf HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=b36301b4-f2d5-409d-befb-bc4f77455649 HTTP/1.1 Host: 5424e1d42d.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ff58e54557.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bc533f00bf.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-length: 0 location: https://9836403011.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=98e92cbc-2359-4276-bbdf-4cb63dc79edf vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	9836403011.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 9836403011.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 9836403011.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9836403011.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=98e92cbc-2359-4276-bbdf-4cb63dc79edf Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9836403011.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclh1; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:33 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:33 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclh6; expires=Mon, 13 Jan 2025 01:26:33 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:06 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9836403011.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-length: 0 location: https://5bab417ecc.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=40949da3-3055-47ae-8e2e-b8a545c57aa8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5bab417ecc.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 5bab417ecc.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 5bab417ecc.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5bab417ecc.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=40949da3-3055-47ae-8e2e-b8a545c57aa8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	d2423af82a.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0ae540e8-36c4-4182-894d-f913ee7b7508	136.243.42.50	200 OK	11 kB
URL d2423af82a.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0ae540e8-36c4-4182-894d-f913ee7b7508 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 11 kB (11122 bytes) Hash d6551ef6057762b4eb895cde550fd362 fb48b076f45c8939f90bd5a704cac018e2162fdd cb5a8d65690d9710515cbdad174c4dc62f374b9ce8e4f06c35467d21a216dc70 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=0ae540e8-36c4-4182-894d-f913ee7b7508 HTTP/1.1 Host: d2423af82a.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ab21df56ec.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	4715c09739.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c	136.243.42.50	200 OK	14 kB
URL 4715c09739.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 14 kB (13723 bytes) Hash 2ab5cce5b051fdc5cdef3580af46bd7c 6558ba7747ffb07980e050e4c46a6fb7e09db3e8 65e1670949d80ac96237c3e208393d16f2dc83cf21f4e69edc838da2a44d441e HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=8c8e3d55-7e20-4fdf-a456-13e9cad1112c HTTP/1.1 Host: 4715c09739.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://44a6e206e2.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:29 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5bab417ecc.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL 5bab417ecc.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: 5bab417ecc.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5bab417ecc.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=40949da3-3055-47ae-8e2e-b8a545c57aa8 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	de5eea89a9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab	136.243.42.50	200 OK	16 kB
URL de5eea89a9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 16 kB (16179 bytes) Hash 74df4a22deecf1a1c30ac148acaa6864 3ee9c71229b48c55ab917b22e66439b81d4675c1 c1a98a3dd8b716d74d3c9ff10226523355d6b71a0baee4da1baffff2ad130b5a HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=0e37781a-949a-405b-a9a6-712d23df10ab HTTP/1.1 Host: de5eea89a9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://37561ceb27.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	03c20caea4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a6d69f82-ef05-45f7-8e0e-8c4743beb7eb	136.243.42.50	200 OK	32 kB
URL 03c20caea4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a6d69f82-ef05-45f7-8e0e-8c4743beb7eb IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 32 kB (31608 bytes) Hash 2dc1f91912f4a63bdcd7ad8ad07f5b31 4df039ce712ef2659cf69d2e1757c2e1885b182d fb5ba607ddff45592140b169cdcc1dfc1e4de03a8f74d7e8d30c7645ce6ea1b6 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a6d69f82-ef05-45f7-8e0e-8c4743beb7eb HTTP/1.1 Host: 03c20caea4.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://7d0bda3bad.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ff58e54557.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05	136.243.42.50	200 OK	22 kB
URL ff58e54557.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 22 kB (21699 bytes) Hash 18c3912f9c3a908831156883bd855852 8e4d9386de8c6e5da7d97342e56d18221425f8fa 047fa492b1721c9b0d5f6e121e6a9135409ea5f0a75976c46c03268df88e43d6 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05 HTTP/1.1 Host: ff58e54557.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ff58e54557.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	5bab417ecc.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL 5bab417ecc.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: 5bab417ecc.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5bab417ecc.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=40949da3-3055-47ae-8e2e-b8a545c57aa8 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5bab417ecc.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclh6; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:33 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:33 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclh9; expires=Mon, 13 Jan 2025 01:26:33 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:06 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	9836403011.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=98e92cbc-2359-4276-bbdf-4cb63dc79edf	136.243.42.50	200 OK	9.4 kB
URL 9836403011.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=98e92cbc-2359-4276-bbdf-4cb63dc79edf IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, ASCII text, with very long lines (7673) Size 9.4 kB (9413 bytes) Hash 22836345f0eeb18a01ec49b61f4283c1 75d7f83bcd51b3159fe70afe9b2851820f248e16 9c198a31bf787f642bda2502667f8332aa76b0d4cbd07c0e97410c36dc59dffe HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=98e92cbc-2359-4276-bbdf-4cb63dc79edf HTTP/1.1 Host: 9836403011.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://bc533f00bf.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	47e4ddc901.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 47e4ddc901.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 47e4ddc901.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47e4ddc901.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=66644773-23c1-4e8f-941c-3328ec833d01 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	47e4ddc901.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL 47e4ddc901.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: 47e4ddc901.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47e4ddc901.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=66644773-23c1-4e8f-941c-3328ec833d01 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47e4ddc901.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclh9; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:33 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:33 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclhe; expires=Mon, 13 Jan 2025 01:26:33 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:06 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://47e4ddc901.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-length: 0 location: https://40c7b6dad0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=d20c0b45-538c-4afb-ac81-820fa1a2e7b0 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	40c7b6dad0.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 40c7b6dad0.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 40c7b6dad0.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://40c7b6dad0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=d20c0b45-538c-4afb-ac81-820fa1a2e7b0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	47e4ddc901.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=66644773-23c1-4e8f-941c-3328ec833d01	136.243.42.50	200 OK	18 kB
URL 47e4ddc901.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=66644773-23c1-4e8f-941c-3328ec833d01 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash a33329b47a162141c86b591c85c912f6 be99a4c7d39d5e1126a294406e31bf729bc30a5c 7f6c12e39f2e3171ac2bcf0f1d3a91a6648288301d7265143142fe20e662996a HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=66644773-23c1-4e8f-941c-3328ec833d01 HTTP/1.1 Host: 47e4ddc901.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://47e4ddc901.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=66644773-23c1-4e8f-941c-3328ec833d01 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://40c7b6dad0.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-length: 0 location: https://b76f6ffdd9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e17b6b81-308a-4612-9938-24fcd17cd556 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	b76f6ffdd9.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL b76f6ffdd9.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: b76f6ffdd9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b76f6ffdd9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e17b6b81-308a-4612-9938-24fcd17cd556 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	c9b70e0d3e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366	136.243.42.50	200 OK	62 kB
URL c9b70e0d3e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 62 kB (61496 bytes) Hash 25d6c4d90071fdde9977ef92f4e19509 4842700f96351f16585b97ab0650d5cee6400701 995f359122f6b002cd5986859205edb84ca1ae6141d68ce8b5eff342e1ca632b HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=92349597-300d-42a0-91c7-19b7c36e3366 HTTP/1.1 Host: c9b70e0d3e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9f3d552589.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:31 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b76f6ffdd9.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclhj; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:34 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:34 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclho; expires=Mon, 13 Jan 2025 01:26:34 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:08 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b76f6ffdd9.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-length: 0 location: https://7ed64179b5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=169986d1-5f20-4f1d-a83f-4c0a6a306512 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	7ed64179b5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=169986d1-5f20-4f1d-a83f-4c0a6a306512	136.243.42.50	200 OK	128 kB
URL 7ed64179b5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=169986d1-5f20-4f1d-a83f-4c0a6a306512 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 128 kB (127607 bytes) Hash 5ee3b5451076db7d73d4bd95d626f768 1729c1ee31aa4c18750c8bca521cd44ba50f802b aa8e43a8d47b60f7b8f0b4406c38cff83c3c4fcfa17266cf3cca63a46014646f HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=169986d1-5f20-4f1d-a83f-4c0a6a306512 HTTP/1.1 Host: 7ed64179b5.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://b76f6ffdd9.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	b76f6ffdd9.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e17b6b81-308a-4612-9938-24fcd17cd556	136.243.42.50	200 OK	18 kB
URL b76f6ffdd9.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e17b6b81-308a-4612-9938-24fcd17cd556 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash 3eac4c60bcff997024b056d96557d4b0 6b3fa36fdda992338a41b1b1074a44b5530a4271 5e872d42fa37d24acbc29f8620f71627800f3f51c25e2618c391082b3cb740fc HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e17b6b81-308a-4612-9938-24fcd17cd556 HTTP/1.1 Host: b76f6ffdd9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b76f6ffdd9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e17b6b81-308a-4612-9938-24fcd17cd556 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://7ed64179b5.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-length: 0 location: https://3038fd42a8.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a552e524-ecaf-4353-8afd-9d457421eb79 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	7ed64179b5.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=169986d1-5f20-4f1d-a83f-4c0a6a306512	136.243.42.50	200 OK	54 kB
URL 7ed64179b5.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=169986d1-5f20-4f1d-a83f-4c0a6a306512 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 54 kB (54163 bytes) Hash f7c0f58d603a418f9b0d6c32b0b7356e fd3c437c0b4db0ac97c6cb9d2c6c85d768be1836 a2414fa6918e6a339a10de5cb94709a61a5ac085829b09433f1f24a1880f2efa HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=169986d1-5f20-4f1d-a83f-4c0a6a306512 HTTP/1.1 Host: 7ed64179b5.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://7ed64179b5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=169986d1-5f20-4f1d-a83f-4c0a6a306512 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3038fd42a8.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclhu; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:34 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:34 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcli2; expires=Mon, 13 Jan 2025 01:26:34 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:08 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://3038fd42a8.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-length: 0 location: https://9689095c6b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	9689095c6b.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 9689095c6b.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 9689095c6b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9689095c6b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	9689095c6b.news-bmacazo.cc/lands/39/img/icon1.png	136.243.42.50	200 OK	7.3 kB
URL 9689095c6b.news-bmacazo.cc/lands/39/img/icon1.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.3 kB (7252 bytes) Hash 3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27 HTTP Headers GET /lands/39/img/icon1.png HTTP/1.1 Host: 9689095c6b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9689095c6b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: image/png content-length: 7252 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1c54" accept-ranges: bytes X-Firefox-Spdy: h2`

	40c7b6dad0.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=d20c0b45-538c-4afb-ac81-820fa1a2e7b0	136.243.42.50	200 OK	23 kB
URL 40c7b6dad0.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=d20c0b45-538c-4afb-ac81-820fa1a2e7b0 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 23 kB (22992 bytes) Hash ecfa3fa41f96f4e85bf41015ef31dd03 dbed8e6e648c0ff490ea7b6d0c0c46a27556189a 0bffde41a318a098e45bcb2ccb8d2377d738c122927e9bba4d789b48b74a1974 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=d20c0b45-538c-4afb-ac81-820fa1a2e7b0 HTTP/1.1 Host: 40c7b6dad0.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://40c7b6dad0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=d20c0b45-538c-4afb-ac81-820fa1a2e7b0 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	9689095c6b.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL 9689095c6b.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: 9689095c6b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9689095c6b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	2ed422d486.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6dfd8a6e-e840-4bba-ba81-8fec9a6aa567	136.243.42.50	200 OK	17 kB
URL 2ed422d486.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6dfd8a6e-e840-4bba-ba81-8fec9a6aa567 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 17 kB (17360 bytes) Hash 45c3d3eb536dff0e509be442aa3500c9 f9f8903ac19465e1910e27b17359f842df07709a 0912ef984dc28e27f08e2acf15a3721df6661b86735db9e4209597f73c2368c5 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=6dfd8a6e-e840-4bba-ba81-8fec9a6aa567 HTTP/1.1 Host: 2ed422d486.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://de5eea89a9.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:32 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	9689095c6b.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL 9689095c6b.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: 9689095c6b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9689095c6b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	9689095c6b.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL 9689095c6b.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: 9689095c6b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9689095c6b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	3038fd42a8.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a552e524-ecaf-4353-8afd-9d457421eb79	136.243.42.50	200 OK	22 kB
URL 3038fd42a8.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a552e524-ecaf-4353-8afd-9d457421eb79 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 22 kB (22479 bytes) Hash a35b20b169fd23cb18eb2518ddfc70b3 723759187df109fef762933163a4018a6aa95aab e673c6e2defb254b92436545afd7287243a3df08d5cfe58472f91f6a1f91e916 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a552e524-ecaf-4353-8afd-9d457421eb79 HTTP/1.1 Host: 3038fd42a8.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3038fd42a8.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a552e524-ecaf-4353-8afd-9d457421eb79 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	9689095c6b.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858	136.243.42.50	200 OK	18 kB
URL 9689095c6b.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash bac7e7d19083ba9395aab3fc740f0c2c 11983ce6922d214f3ea1e68c7055f2871bf2afe3 9f11b068f58db168678212d960b67a25afde0d342304545d2c8af2f7a336bc28 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 HTTP/1.1 Host: 9689095c6b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://9689095c6b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9689095c6b.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-length: 0 location: https://e470215e9b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=65fae0e6-edb6-4bbe-a473-c6128d4b0226 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e470215e9b.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL e470215e9b.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: e470215e9b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e470215e9b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=65fae0e6-edb6-4bbe-a473-c6128d4b0226 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e470215e9b.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclia; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:35 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:35 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclif; expires=Mon, 13 Jan 2025 01:26:35 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:10 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e470215e9b.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-length: 0 location: https://071f42ce81.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c1d41a13-3ccf-4b79-9d1d-b8daac39f123 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	071f42ce81.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 071f42ce81.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 071f42ce81.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://071f42ce81.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c1d41a13-3ccf-4b79-9d1d-b8daac39f123 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://071f42ce81.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclif; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:35 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:35 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclii; expires=Mon, 13 Jan 2025 01:26:35 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:10 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	e470215e9b.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=65fae0e6-edb6-4bbe-a473-c6128d4b0226	136.243.42.50	200 OK	18 kB
URL e470215e9b.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=65fae0e6-edb6-4bbe-a473-c6128d4b0226 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18415 bytes) Hash 79b3d00114834ed48e04ed29461dc8cc 96c366acf43bb38527fa1d14f37486fe95fc2da7 3971bcbec2db3d842ad5a0184f862e84e47bfe5e9603c6d0e4764d1c5df8ac6d HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=65fae0e6-edb6-4bbe-a473-c6128d4b0226 HTTP/1.1 Host: e470215e9b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e470215e9b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=65fae0e6-edb6-4bbe-a473-c6128d4b0226 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	baf3e90072.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL baf3e90072.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: baf3e90072.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://baf3e90072.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4e3ce97f-cbf6-4598-97a8-cb9cf32e4d97 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://baf3e90072.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclii; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:35 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:35 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclin; expires=Mon, 13 Jan 2025 01:26:35 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:10 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://baf3e90072.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-length: 0 location: https://1ffcb03e3c.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bd1da339-3c55-44a7-b430-6fa06656bf23 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	1ffcb03e3c.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 1ffcb03e3c.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 1ffcb03e3c.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1ffcb03e3c.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bd1da339-3c55-44a7-b430-6fa06656bf23 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	baf3e90072.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4e3ce97f-cbf6-4598-97a8-cb9cf32e4d97	136.243.42.50	200 OK	9.4 kB
URL baf3e90072.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4e3ce97f-cbf6-4598-97a8-cb9cf32e4d97 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, ASCII text, with very long lines (7673) Size 9.4 kB (9413 bytes) Hash 53a19822396d2e6d3b29fa2722e7c91b 441d4e576f43dabb7d3ed8660cfa9d6d6f1e9168 8d8652cf11ccc709ad1084a3744310e61d41362b6c66ff5a4969dab7144ba799 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=4e3ce97f-cbf6-4598-97a8-cb9cf32e4d97 HTTP/1.1 Host: baf3e90072.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://071f42ce81.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://1ffcb03e3c.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-length: 0 location: https://e7ce4342a0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c667dd9b-b3dd-4bf9-a684-02c30d01ddf7 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e7ce4342a0.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL e7ce4342a0.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: e7ce4342a0.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e7ce4342a0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c667dd9b-b3dd-4bf9-a684-02c30d01ddf7 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e7ce4342a0.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclit; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:36 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:36 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclj3; expires=Mon, 13 Jan 2025 01:26:36 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:12 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e7ce4342a0.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-length: 0 location: https://c69941fc93.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=08c30178-f3d0-4c1f-8dd6-aa6172f31a77 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	071f42ce81.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=c1d41a13-3ccf-4b79-9d1d-b8daac39f123	136.243.42.50	200 OK	54 kB
URL 071f42ce81.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=c1d41a13-3ccf-4b79-9d1d-b8daac39f123 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 54 kB (54162 bytes) Hash c365e67983f934e313c50f5d69c70899 83d8a0042d0dfd5223e5d666a896bfe97d6896cc 80d51c69520b57ba354502a2b29aaea45da4850a7753240d08db72d088d2c4b4 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=c1d41a13-3ccf-4b79-9d1d-b8daac39f123 HTTP/1.1 Host: 071f42ce81.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://071f42ce81.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c1d41a13-3ccf-4b79-9d1d-b8daac39f123 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	c69941fc93.news-bmacazo.cc/lands/61/css/style.css	136.243.42.50	200 OK	1.6 kB
URL c69941fc93.news-bmacazo.cc/lands/61/css/style.css IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type ASCII text, with very long lines (6517), with no line terminators Size 1.6 kB (1602 bytes) Hash 100cee95b3c98fb1cf68040edd24e2a1 838847841beaf376403a44c6528aa66ed54f2bb6 6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e HTTP Headers GET /lands/61/css/style.css HTTP/1.1 Host: c69941fc93.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c69941fc93.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=08c30178-f3d0-4c1f-8dd6-aa6172f31a77 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: text/css content-length: 1602 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-642" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	255eca53e9.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86	136.243.42.50	200 OK	19 kB
URL 255eca53e9.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 19 kB (18919 bytes) Hash 9ed1abe65063d99137268a65596671f7 10077d0ad7636139475dd6238d95af9091545796 a8c28732797fa5ef54c78b8b5a9624f62d0877ccc0c8a369fc0d20ad582aea92 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 HTTP/1.1 Host: 255eca53e9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://255eca53e9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9da40bb2-c7c0-4c54-be2b-07b08a812c86 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	e883c7ad1a.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a93e4fe7-a526-4e01-b609-d4868ae02cf3	136.243.42.50	200 OK	20 kB
URL e883c7ad1a.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a93e4fe7-a526-4e01-b609-d4868ae02cf3 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 20 kB (19527 bytes) Hash 82d119e39e0c938273ed48b911ac9259 2ea095ac19f43f74d416dcf9f4719291f52bbb8c f0eec13293de19b00df17d640ccd9876b530367a9a00c7be3e0c036bfc5a61f5 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a93e4fe7-a526-4e01-b609-d4868ae02cf3 HTTP/1.1 Host: e883c7ad1a.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e883c7ad1a.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a93e4fe7-a526-4e01-b609-d4868ae02cf3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c69941fc93.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclj3; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:36 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:36 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclja; expires=Mon, 13 Jan 2025 01:26:36 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:12 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://c69941fc93.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-length: 0 location: https://c0cd9104a5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4bc968a0-a3e1-4ca7-b6b1-983f7b4c27f8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	c69941fc93.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=08c30178-f3d0-4c1f-8dd6-aa6172f31a77	136.243.42.50	200 OK	54 kB
URL c69941fc93.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=08c30178-f3d0-4c1f-8dd6-aa6172f31a77 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 54 kB (54163 bytes) Hash 1e410435d6df2271b2ee0690e933614f 7a9d77b4592ea9ccee185b156fd841ea6576110b 2b51d4c0208119d9eadf467f70bd8afd94afdcdf2aa3ea3150fe95dee641e398 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=08c30178-f3d0-4c1f-8dd6-aa6172f31a77 HTTP/1.1 Host: c69941fc93.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c69941fc93.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=08c30178-f3d0-4c1f-8dd6-aa6172f31a77 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	1ecfd219a4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a9c8dae4-ce0d-46c5-8a62-78c28a549b4f	136.243.42.50	200 OK	12 kB
URL 1ecfd219a4.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a9c8dae4-ce0d-46c5-8a62-78c28a549b4f IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 12 kB (11792 bytes) Hash 23b3b131e532fc0bab351d946ab3e587 84ab5f4c06673ae162451e684a440a0bba100a07 fcafd4bdb0526cda36c827bf5906baf7e907af5e68b559b1ad701d044e51ca7c HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a9c8dae4-ce0d-46c5-8a62-78c28a549b4f HTTP/1.1 Host: 1ecfd219a4.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e8eda1fac2.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:27 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e7ce4342a0.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=c667dd9b-b3dd-4bf9-a684-02c30d01ddf7	136.243.42.50	200 OK	18 kB
URL e7ce4342a0.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=c667dd9b-b3dd-4bf9-a684-02c30d01ddf7 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash 98a81cbd9fd6dcd15afdbd48652b70da fdad3c0f3df1b680b570f9d9a229caefeae4f0d1 f514b2965c7cb9affc4657b4510832af5564c396c9e85404ae5972bcf6bd8c1b HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=c667dd9b-b3dd-4bf9-a684-02c30d01ddf7 HTTP/1.1 Host: e7ce4342a0.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://e7ce4342a0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c667dd9b-b3dd-4bf9-a684-02c30d01ddf7 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://c0cd9104a5.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-length: 0 location: https://cbad9843ee.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=1f7a8c03-a606-4b88-a308-f1daa46cd648 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	cbad9843ee.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=1f7a8c03-a606-4b88-a308-f1daa46cd648	136.243.42.50	200 OK	45 kB
URL cbad9843ee.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=1f7a8c03-a606-4b88-a308-f1daa46cd648 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 45 kB (45160 bytes) Hash b5cb8b20be969444a312bcd9f597ba60 c74717e20656478d3671e5a2ddc38cbc319d3f87 9e36612c765b56cf6ae8020c2b4b207702e50fe3c52426623b1cafe6ead5767b HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=1f7a8c03-a606-4b88-a308-f1daa46cd648 HTTP/1.1 Host: cbad9843ee.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://c0cd9104a5.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cbad9843ee.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcljf; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:36 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:36 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcljh; expires=Mon, 13 Jan 2025 01:26:36 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:12 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://cbad9843ee.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-length: 0 location: https://6b04758c37.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dd96d7dd-e427-4723-8f3d-060c8dc03324 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	40c7b6dad0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=d20c0b45-538c-4afb-ac81-820fa1a2e7b0	136.243.42.50	200 OK	128 kB
URL 40c7b6dad0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=d20c0b45-538c-4afb-ac81-820fa1a2e7b0 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 128 kB (127607 bytes) Hash d8ad484a400d50f336025ae279bb7346 f23b97b84ac8644e80fed938ad69f10fd95c8501 52d907c239005b23eaae56152984c2bdc9b465241d0cc6304260fd1a4fe27c2f HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=d20c0b45-538c-4afb-ac81-820fa1a2e7b0 HTTP/1.1 Host: 40c7b6dad0.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://47e4ddc901.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	6b04758c37.news-bmacazo.cc/lands/39/img/icon1.png	136.243.42.50	200 OK	7.3 kB
URL 6b04758c37.news-bmacazo.cc/lands/39/img/icon1.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.3 kB (7252 bytes) Hash 3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27 HTTP Headers GET /lands/39/img/icon1.png HTTP/1.1 Host: 6b04758c37.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6b04758c37.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dd96d7dd-e427-4723-8f3d-060c8dc03324 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-type: image/png content-length: 7252 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1c54" accept-ranges: bytes X-Firefox-Spdy: h2`

	47e4ddc901.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=66644773-23c1-4e8f-941c-3328ec833d01	136.243.42.50	200 OK	7.8 kB
URL 47e4ddc901.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=66644773-23c1-4e8f-941c-3328ec833d01 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 7.8 kB (7824 bytes) Hash c3e7580ba06c3d655b67a8c7a1bd2e64 9542e8f85582bb96268baa06af0ee2c2ed7c6397 339280ead3ecdef319bccb01a6c422ad61891515ec99077657f441339d7528ba HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=66644773-23c1-4e8f-941c-3328ec833d01 HTTP/1.1 Host: 47e4ddc901.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5bab417ecc.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	b76f6ffdd9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e17b6b81-308a-4612-9938-24fcd17cd556	136.243.42.50	200 OK	11 kB
URL b76f6ffdd9.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e17b6b81-308a-4612-9938-24fcd17cd556 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 11 kB (11095 bytes) Hash 8b72858ffc379b43afe2fd2d34e98f87 7763404d2838a28b78c84b4c2498697f6ed9b494 78b5b1fe98e4da729dce4f779526c86f3437054f5df9e27279fe2bc962c723c1 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=e17b6b81-308a-4612-9938-24fcd17cd556 HTTP/1.1 Host: b76f6ffdd9.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://40c7b6dad0.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:35 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	9689095c6b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858	136.243.42.50	200 OK	11 kB
URL 9689095c6b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 11 kB (10902 bytes) Hash c56a56157e74f8dc63763ea82bb02abc 2953c645263144ca8a96b719ca08179b286bc2fc 3e0e407b10f021b03ca355c44b27c44aadc76fc6e5eda932feb1d321f154219b HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=e1d4692c-61b5-47b6-9b16-f3615d8d8858 HTTP/1.1 Host: 9689095c6b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://3038fd42a8.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	7d0bda3bad.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b9f8f742-7442-488b-9438-2da9d6b02e36	136.243.42.50	200 OK	14 kB
URL 7d0bda3bad.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b9f8f742-7442-488b-9438-2da9d6b02e36 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 14 kB (13592 bytes) Hash 5fd972f8c376d3156d5cf9d75f596ec0 d8d313a166e070f0d3a0286aada139572f157c48 c69ab6d0068635be125c3a24e388124a2e628249eec638c95974a95d5e2591a2 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=b9f8f742-7442-488b-9438-2da9d6b02e36 HTTP/1.1 Host: 7d0bda3bad.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://1b2d0e6211.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:25 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	3038fd42a8.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a552e524-ecaf-4353-8afd-9d457421eb79	136.243.42.50	200 OK	32 kB
URL 3038fd42a8.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a552e524-ecaf-4353-8afd-9d457421eb79 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 32 kB (31627 bytes) Hash 83ab0f2f821b6a0157706595df2eb5b0 ac424ef75516ea813920ee9cca6fac377f12a5f0 219d4fa126690da995770dd65fe661ce4ef17a896a3e602d114888283a7f5490 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a552e524-ecaf-4353-8afd-9d457421eb79 HTTP/1.1 Host: 3038fd42a8.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://7ed64179b5.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	071f42ce81.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c1d41a13-3ccf-4b79-9d1d-b8daac39f123	136.243.42.50	200 OK	96 kB
URL 071f42ce81.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c1d41a13-3ccf-4b79-9d1d-b8daac39f123 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 96 kB (95924 bytes) Hash ce0c5249bd311bfd25df67e61d8beb81 e8dd5555116c3dc69b408926a15db018b073689a 099874f2f518f9ce9c24a282b3a873b6cfde52d77331ec5da004167582d1baef HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=c1d41a13-3ccf-4b79-9d1d-b8daac39f123 HTTP/1.1 Host: 071f42ce81.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e470215e9b.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6b04758c37.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcljh; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:37 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:37 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcljo; expires=Mon, 13 Jan 2025 01:26:37 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:14 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://6b04758c37.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-length: 0 location: https://45af485775.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a09587d6-83bf-4a48-8488-f5d8aebab151 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	45af485775.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a09587d6-83bf-4a48-8488-f5d8aebab151	136.243.42.50	200 OK	39 kB
URL 45af485775.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a09587d6-83bf-4a48-8488-f5d8aebab151 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 39 kB (38995 bytes) Hash e2756e48f98eae48d1db620026382e7f 12f96fb84be89e101b07ff7621659d3c303c29a3 28b9346cbc17936d41c398d36969542b09cd92cf84cfc9d6faf870f50e5ac6b4 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a09587d6-83bf-4a48-8488-f5d8aebab151 HTTP/1.1 Host: 45af485775.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://6b04758c37.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	45af485775.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL 45af485775.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: 45af485775.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://45af485775.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a09587d6-83bf-4a48-8488-f5d8aebab151 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	bc533f00bf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=3c33a880-635d-4048-b769-040209d52ac0	136.243.42.50	200 OK	28 kB
URL bc533f00bf.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=3c33a880-635d-4048-b769-040209d52ac0 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 28 kB (27563 bytes) Hash e15accea4282f076dc8094785b29428e a26d9afb5be6c6f6c28be594c1d912f26e0e8b96 1a6542957e2e6b40e92f51c4af3bd4ab71eff5239232600a14856611242d8b16 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=3c33a880-635d-4048-b769-040209d52ac0 HTTP/1.1 Host: bc533f00bf.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5424e1d42d.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://45af485775.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-length: 0 location: https://d7ed00a04f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a5ab5e8c-fba1-49b9-95c6-94820cb3b3d4 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	d7ed00a04f.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL d7ed00a04f.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: d7ed00a04f.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d7ed00a04f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a5ab5e8c-fba1-49b9-95c6-94820cb3b3d4 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	d7ed00a04f.news-bmacazo.cc/lands/61/css/style.css	136.243.42.50	200 OK	1.6 kB
URL d7ed00a04f.news-bmacazo.cc/lands/61/css/style.css IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type ASCII text, with very long lines (6517), with no line terminators Size 1.6 kB (1602 bytes) Hash 100cee95b3c98fb1cf68040edd24e2a1 838847841beaf376403a44c6528aa66ed54f2bb6 6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e HTTP Headers GET /lands/61/css/style.css HTTP/1.1 Host: d7ed00a04f.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d7ed00a04f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a5ab5e8c-fba1-49b9-95c6-94820cb3b3d4 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: text/css content-length: 1602 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-642" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	e7ce4342a0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c667dd9b-b3dd-4bf9-a684-02c30d01ddf7	136.243.42.50	200 OK	29 kB
URL e7ce4342a0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=c667dd9b-b3dd-4bf9-a684-02c30d01ddf7 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (26945) Size 29 kB (28847 bytes) Hash 7ed56f6d6e237a77a102dad55c6d0c5a 7853a25dfb8fe90d1977dec2dc854ad2a4ee39d5 cf86aefbd263764510e7c86af4b6a5fb0791083916b24d132a893adaaef2085f HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=c667dd9b-b3dd-4bf9-a684-02c30d01ddf7 HTTP/1.1 Host: e7ce4342a0.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://1ffcb03e3c.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	e470215e9b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=65fae0e6-edb6-4bbe-a473-c6128d4b0226	136.243.42.50	200 OK	10 kB
URL e470215e9b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=65fae0e6-edb6-4bbe-a473-c6128d4b0226 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 10 kB (10524 bytes) Hash 4d85364bca897eebbe2fa6a6ec778ad5 6d4ccbf18003d8c41324c13b0cd46d6dced30259 e3b9a3926137aaf82ee9b87b8259606ab09a1838b540bc0df81768f539f4e039 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=65fae0e6-edb6-4bbe-a473-c6128d4b0226 HTTP/1.1 Host: e470215e9b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9689095c6b.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:36 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d7ed00a04f.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcljt; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:37 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:37 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclk3; expires=Mon, 13 Jan 2025 01:26:37 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:14 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d7ed00a04f.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-length: 0 location: https://3111f99c15.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6634f338-b8ec-4c96-9829-d099aa6b5b76 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ab21df56ec.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=cb8d4d54-a960-4751-a10a-b1197b3e447b	136.243.42.50	200 OK	128 kB
URL ab21df56ec.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=cb8d4d54-a960-4751-a10a-b1197b3e447b IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 128 kB (127607 bytes) Hash 7005de0e45947a19b4d96a4d3875e6c5 ffd2b290b3183ce4ad6fe51aff5ee588ea5842a0 5c84c6bcf4aac55b8725915349b00f35eff39605ed458ca1d5e2b9e4bd8baca0 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=cb8d4d54-a960-4751-a10a-b1197b3e447b HTTP/1.1 Host: ab21df56ec.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e1fa4f1343.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:30 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	3111f99c15.news-bmacazo.cc/lands/61/css/style.css	136.243.42.50	200 OK	1.6 kB
URL 3111f99c15.news-bmacazo.cc/lands/61/css/style.css IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type ASCII text, with very long lines (6517), with no line terminators Size 1.6 kB (1602 bytes) Hash 100cee95b3c98fb1cf68040edd24e2a1 838847841beaf376403a44c6528aa66ed54f2bb6 6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e HTTP Headers GET /lands/61/css/style.css HTTP/1.1 Host: 3111f99c15.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3111f99c15.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6634f338-b8ec-4c96-9829-d099aa6b5b76 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: text/css content-length: 1602 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-642" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	3111f99c15.news-bmacazo.cc/lands/61/images/spinning-circles2.svg	136.243.42.50	200 OK	503 B
URL 3111f99c15.news-bmacazo.cc/lands/61/images/spinning-circles2.svg IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers GET /lands/61/images/spinning-circles2.svg HTTP/1.1 Host: 3111f99c15.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3111f99c15.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6634f338-b8ec-4c96-9829-d099aa6b5b76 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	1ffcb03e3c.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bd1da339-3c55-44a7-b430-6fa06656bf23	136.243.42.50	200 OK	93 kB
URL 1ffcb03e3c.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bd1da339-3c55-44a7-b430-6fa06656bf23 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 93 kB (92971 bytes) Hash 180b1f53c9e755195ffedd12b8197079 315065ef9774635b1004f158af69130ea90b521f 8b92b0fb05788ac5281f160e303e4be282cbc8f789d1338b44bb71a0336a1496 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=bd1da339-3c55-44a7-b430-6fa06656bf23 HTTP/1.1 Host: 1ffcb03e3c.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://baf3e90072.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	45af485775.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a09587d6-83bf-4a48-8488-f5d8aebab151	136.243.42.50	200 OK	18 kB
URL 45af485775.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a09587d6-83bf-4a48-8488-f5d8aebab151 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash 3a66f5042396afc9eee74f852f70c05a e7bb54c6cb15757aad503dff4d84029162209b6e c823f7d87371fdb7b1775a2400fd43c04686141df3c657b8be250106a93b5178 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a09587d6-83bf-4a48-8488-f5d8aebab151 HTTP/1.1 Host: 45af485775.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://45af485775.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a09587d6-83bf-4a48-8488-f5d8aebab151 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://3111f99c15.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-length: 0 location: https://8b248d127f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b896d460-9da9-4c56-b534-579184904722 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	8b248d127f.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 8b248d127f.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 8b248d127f.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://8b248d127f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b896d460-9da9-4c56-b534-579184904722 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://8b248d127f.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclk7; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:38 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:38 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclka; expires=Mon, 13 Jan 2025 01:26:38 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:16 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://8b248d127f.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-length: 0 location: https://a51140e9ec.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=31eeeb54-1e8f-4c9c-a180-587829709add vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a51140e9ec.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL a51140e9ec.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: a51140e9ec.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a51140e9ec.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=31eeeb54-1e8f-4c9c-a180-587829709add Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a51140e9ec.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclka; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:38 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:38 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclke; expires=Mon, 13 Jan 2025 01:26:38 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:16 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a51140e9ec.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-length: 0 location: https://0a5a57fbe0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b370f484-6925-4e60-b915-15c389bff33b vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	0a5a57fbe0.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 0a5a57fbe0.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 0a5a57fbe0.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0a5a57fbe0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b370f484-6925-4e60-b915-15c389bff33b Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	a51140e9ec.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=31eeeb54-1e8f-4c9c-a180-587829709add	136.243.42.50	200 OK	26 kB
URL a51140e9ec.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=31eeeb54-1e8f-4c9c-a180-587829709add IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 26 kB (25667 bytes) Hash e747448ce876cc53ee00963eccc97da4 5f9528a3a4104b6ae04b7df1841731435e5d01d9 3ce26c2ca96e21450589de14c3d0ba3bceafdd99ead6400e506db19d2a40e017 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=31eeeb54-1e8f-4c9c-a180-587829709add HTTP/1.1 Host: a51140e9ec.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://a51140e9ec.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=31eeeb54-1e8f-4c9c-a180-587829709add Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	c69941fc93.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=08c30178-f3d0-4c1f-8dd6-aa6172f31a77	136.243.42.50	200 OK	14 kB
URL c69941fc93.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=08c30178-f3d0-4c1f-8dd6-aa6172f31a77 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 14 kB (13723 bytes) Hash 6c85fc5a9ca5e4bcb02d448ac3f3c3ac a0f2fd017577879b92fafd2e95d875ddf0ecfeab c85c001dc3c9faa22438aac325527e4cb81e8e34c06111e150dd301655136e25 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=08c30178-f3d0-4c1f-8dd6-aa6172f31a77 HTTP/1.1 Host: c69941fc93.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e7ce4342a0.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	baf3e90072.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=4e3ce97f-cbf6-4598-97a8-cb9cf32e4d97	136.243.42.50	200 OK	26 kB
URL baf3e90072.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=4e3ce97f-cbf6-4598-97a8-cb9cf32e4d97 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 26 kB (26263 bytes) Hash d265b0ba731318dc5b0f3d6f9d264d5f c7ea409232a614fd923246b4083f330ef4a4a36c 8c78a9f0dbb2a8586478ddf68b04a9acca3a9deff6944b8648c505d19747e0fa HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=4e3ce97f-cbf6-4598-97a8-cb9cf32e4d97 HTTP/1.1 Host: baf3e90072.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://baf3e90072.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4e3ce97f-cbf6-4598-97a8-cb9cf32e4d97 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://0a5a57fbe0.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclke; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:38 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:38 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclkl; expires=Mon, 13 Jan 2025 01:26:38 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:16 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://0a5a57fbe0.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-length: 0 location: https://137abc766b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=23d21c87-9521-4015-ac44-0376291c7d93 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	137abc766b.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 137abc766b.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 137abc766b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://137abc766b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=23d21c87-9521-4015-ac44-0376291c7d93 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://137abc766b.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclkl; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:38 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:38 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclkr; expires=Mon, 13 Jan 2025 01:26:38 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:16 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://137abc766b.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-length: 0 location: https://553fa9d478.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a2f1a26d-97cb-4733-b8b9-83eb24b35055 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	1ffcb03e3c.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=bd1da339-3c55-44a7-b430-6fa06656bf23	136.243.42.50	200 OK	54 kB
URL 1ffcb03e3c.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=bd1da339-3c55-44a7-b430-6fa06656bf23 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 54 kB (54163 bytes) Hash 712e584a741aff455454e9b4638fc5d2 57ee1ae45f5569f23b47d93d4483f0576ba207fc 58a4902e2bcd027f699e0e334fb3a0cd33585a8ca8af7a2ee6c0ceeba4747cc9 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=bd1da339-3c55-44a7-b430-6fa06656bf23 HTTP/1.1 Host: 1ffcb03e3c.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://1ffcb03e3c.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=bd1da339-3c55-44a7-b430-6fa06656bf23 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:37 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	553fa9d478.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL 553fa9d478.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: 553fa9d478.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://553fa9d478.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a2f1a26d-97cb-4733-b8b9-83eb24b35055 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	137abc766b.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=23d21c87-9521-4015-ac44-0376291c7d93	136.243.42.50	200 OK	18 kB
URL 137abc766b.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=23d21c87-9521-4015-ac44-0376291c7d93 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash bacdd30ff3afcd810935dfbab473e6d7 86014a771388dfcd547773f9dcf303d89e6be69c d2d40a60f04431275353df1d0703c6deb7a28432ce6486192f31db4f823241e8 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=23d21c87-9521-4015-ac44-0376291c7d93 HTTP/1.1 Host: 137abc766b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://137abc766b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=23d21c87-9521-4015-ac44-0376291c7d93 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://553fa9d478.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-length: 0 location: https://5d1bcc3ba3.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=213dba8e-9dc4-4594-9d05-e0e5bc7591c5 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5d1bcc3ba3.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 5d1bcc3ba3.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 5d1bcc3ba3.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5d1bcc3ba3.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=213dba8e-9dc4-4594-9d05-e0e5bc7591c5 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5d1bcc3ba3.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclkt; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:39 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:39 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcll1; expires=Mon, 13 Jan 2025 01:26:39 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:18 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	5d1bcc3ba3.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=213dba8e-9dc4-4594-9d05-e0e5bc7591c5	136.243.42.50	200 OK	18 kB
URL 5d1bcc3ba3.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=213dba8e-9dc4-4594-9d05-e0e5bc7591c5 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash c5eb4c63e2a4c1b21dab63968cd0ade6 0c4ee869d354cabb70ab385c6cb77cb50299a256 40962d3e83c58059024efe9dbd39c6c561e9ddc3183f0fb9fd1abe546dc06796 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=213dba8e-9dc4-4594-9d05-e0e5bc7591c5 HTTP/1.1 Host: 5d1bcc3ba3.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://5d1bcc3ba3.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=213dba8e-9dc4-4594-9d05-e0e5bc7591c5 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	12dc76b377.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 12dc76b377.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 12dc76b377.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://12dc76b377.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f826864e-83cf-4731-bc90-37d74fdd9a14 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	12dc76b377.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=f826864e-83cf-4731-bc90-37d74fdd9a14	136.243.42.50	200 OK	18 kB
URL 12dc76b377.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=f826864e-83cf-4731-bc90-37d74fdd9a14 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18416 bytes) Hash 70fa8284dfb7b8ffd43382fd09be1560 091bbcac944841ec97998af1ccfeef4fdabae4bf 7448bf6ab732e0a4b1b2811b749a7ecdec3e0894711b31127e2e47a502875b9e HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=f826864e-83cf-4731-bc90-37d74fdd9a14 HTTP/1.1 Host: 12dc76b377.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://12dc76b377.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f826864e-83cf-4731-bc90-37d74fdd9a14 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://12dc76b377.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-length: 0 location: https://d523d69065.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	d523d69065.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL d523d69065.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: d523d69065.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d523d69065.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	c0cd9104a5.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=4bc968a0-a3e1-4ca7-b6b1-983f7b4c27f8	136.243.42.50	200 OK	26 kB
URL c0cd9104a5.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=4bc968a0-a3e1-4ca7-b6b1-983f7b4c27f8 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 26 kB (25668 bytes) Hash da2fe50135da13e67319c840c6db9d78 f5d0c17908d68bd481d177d04609c4b500e5b0b0 e681a63f4f2338aa1c66c4fc5216d618e62bfc74dc616a151cf123bf0f45cf02 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=4bc968a0-a3e1-4ca7-b6b1-983f7b4c27f8 HTTP/1.1 Host: c0cd9104a5.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://c0cd9104a5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4bc968a0-a3e1-4ca7-b6b1-983f7b4c27f8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	cbad9843ee.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=1f7a8c03-a606-4b88-a308-f1daa46cd648	136.243.42.50	200 OK	23 kB
URL cbad9843ee.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=1f7a8c03-a606-4b88-a308-f1daa46cd648 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 23 kB (22992 bytes) Hash 00ca629fe9ba241b7c0cd88a041a2b3a 8dd11a59280fdc02568e6343fb3f046845eb72fb fccd5db8aa8d1ecad2686eec17bd3ae81c69b0b1a4e75d3d7bf06c6ff83c31f8 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=1f7a8c03-a606-4b88-a308-f1daa46cd648 HTTP/1.1 Host: cbad9843ee.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cbad9843ee.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=1f7a8c03-a606-4b88-a308-f1daa46cd648 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	d523d69065.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL d523d69065.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: d523d69065.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d523d69065.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	d523d69065.news-bmacazo.cc/lands/39/img/icon4.png	136.243.42.50	200 OK	7.0 kB
URL d523d69065.news-bmacazo.cc/lands/39/img/icon4.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.0 kB (7032 bytes) Hash 7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f HTTP Headers GET /lands/39/img/icon4.png HTTP/1.1 Host: d523d69065.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d523d69065.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: image/png content-length: 7032 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1b78" accept-ranges: bytes X-Firefox-Spdy: h2`

	d523d69065.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL d523d69065.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: d523d69065.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d523d69065.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	d523d69065.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL d523d69065.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: d523d69065.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d523d69065.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	d523d69065.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL d523d69065.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: d523d69065.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d523d69065.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	12dc76b377.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f826864e-83cf-4731-bc90-37d74fdd9a14	136.243.42.50	200 OK	10 kB
URL 12dc76b377.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=f826864e-83cf-4731-bc90-37d74fdd9a14 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (7564) Size 10 kB (10328 bytes) Hash c033f37d27f10b1b384a1f77e5d4c377 7185fb359cb757959e9f186a94adbebe4df2c519 8b6b53f4f90dcdcaf8e75356d93e25dbdaa779c07354e5c516ccc22fa02a8267 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=f826864e-83cf-4731-bc90-37d74fdd9a14 HTTP/1.1 Host: 12dc76b377.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://5d1bcc3ba3.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d523d69065.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-length: 0 location: https://48359cad7e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=cd4fddae-6795-4932-abe8-56b091ab9080 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	48359cad7e.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 48359cad7e.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 48359cad7e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://48359cad7e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=cd4fddae-6795-4932-abe8-56b091ab9080 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://48359cad7e.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclla; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:40 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:40 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcllc; expires=Mon, 13 Jan 2025 01:26:40 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:20 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://48359cad7e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-length: 0 location: https://33b99e1642.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9d8f97f9-ee19-406d-b3b5-47ca182495d1 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	33b99e1642.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 33b99e1642.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 33b99e1642.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://33b99e1642.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9d8f97f9-ee19-406d-b3b5-47ca182495d1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://33b99e1642.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcllc; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:40 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:40 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcllh; expires=Mon, 13 Jan 2025 01:26:40 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:20 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://33b99e1642.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-length: 0 location: https://57cce00ccd.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e7d12950-35c1-4631-9c87-8a93c6fe5a30 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	48359cad7e.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=cd4fddae-6795-4932-abe8-56b091ab9080	136.243.42.50	200 OK	54 kB
URL 48359cad7e.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=cd4fddae-6795-4932-abe8-56b091ab9080 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 54 kB (54163 bytes) Hash ef3ec195256591ae661813ff32bced26 a47fbedff3ba5093fd9b423430c3d0ce9112765a 36f85a2587099df51376fccf7d2aea463206aa6662bcf58a423dfc489618626b HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=cd4fddae-6795-4932-abe8-56b091ab9080 HTTP/1.1 Host: 48359cad7e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://48359cad7e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=cd4fddae-6795-4932-abe8-56b091ab9080 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	57cce00ccd.news-bmacazo.cc/lands/39/img/icon1.png	136.243.42.50	200 OK	7.3 kB
URL 57cce00ccd.news-bmacazo.cc/lands/39/img/icon1.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.3 kB (7252 bytes) Hash 3d0ab5834c8bf7134e4d21fa3288317f c31d1a6b9df206f67ea194f4c424cdc372a423c2 0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27 HTTP Headers GET /lands/39/img/icon1.png HTTP/1.1 Host: 57cce00ccd.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://57cce00ccd.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e7d12950-35c1-4631-9c87-8a93c6fe5a30 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: image/png content-length: 7252 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1c54" accept-ranges: bytes X-Firefox-Spdy: h2`

	d523d69065.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d	136.243.42.50	200 OK	23 kB
URL d523d69065.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 23 kB (22991 bytes) Hash fd588f43976c88ba3910032a747b41c0 b50be9e39078a87527dc9c3030e54fdcacd7bc4b dac86a21f6a7e291e3fc48b3446dc816d831f4adf54627a12003aac5fe799316 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d HTTP/1.1 Host: d523d69065.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d523d69065.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=25ab9d3e-19b0-49e7-b01a-c27cadac7f5d Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	33b99e1642.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=9d8f97f9-ee19-406d-b3b5-47ca182495d1	136.243.42.50	200 OK	26 kB
URL 33b99e1642.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=9d8f97f9-ee19-406d-b3b5-47ca182495d1 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data Size 26 kB (26263 bytes) Hash 217dd2b3b10a8b208b3ca6d437027dbf 8461fa3a91e18afd406e3accf6fbdfbc86283bb9 09155c63dc06e4f1d780c0d1d84c1d56ec135d3e12d41025455250a745b57a98 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=9d8f97f9-ee19-406d-b3b5-47ca182495d1 HTTP/1.1 Host: 33b99e1642.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://33b99e1642.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=9d8f97f9-ee19-406d-b3b5-47ca182495d1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	57cce00ccd.news-bmacazo.cc/lands/39/img/icon4.png	136.243.42.50	200 OK	7.0 kB
URL 57cce00ccd.news-bmacazo.cc/lands/39/img/icon4.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.0 kB (7032 bytes) Hash 7ad7f32c1c0df7b4975cc41bda4ac435 81d57e996ee6cd9e122592e68ffa3d55c1ba10ff c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f HTTP Headers GET /lands/39/img/icon4.png HTTP/1.1 Host: 57cce00ccd.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://57cce00ccd.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e7d12950-35c1-4631-9c87-8a93c6fe5a30 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: image/png content-length: 7032 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1b78" accept-ranges: bytes X-Firefox-Spdy: h2`

	57cce00ccd.news-bmacazo.cc/lands/39/img/icon5.png	136.243.42.50	200 OK	3.3 kB
URL 57cce00ccd.news-bmacazo.cc/lands/39/img/icon5.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3264 bytes) Hash 1e1a7582b5da63e10485d63f97abc9a0 ca3ee3067f96c732f455bc7c99ec5100194f13f6 196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503 HTTP Headers GET /lands/39/img/icon5.png HTTP/1.1 Host: 57cce00ccd.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://57cce00ccd.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e7d12950-35c1-4631-9c87-8a93c6fe5a30 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: image/png content-length: 3264 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cc0" accept-ranges: bytes X-Firefox-Spdy: h2`

	57cce00ccd.news-bmacazo.cc/lands/39/img/icon7.png	136.243.42.50	200 OK	3.3 kB
URL 57cce00ccd.news-bmacazo.cc/lands/39/img/icon7.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3283 bytes) Hash b512735542cb07b3b2dcf153a7dfe456 93bde8875412ce266600e2af1c37123483a50376 e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718 HTTP Headers GET /lands/39/img/icon7.png HTTP/1.1 Host: 57cce00ccd.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://57cce00ccd.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e7d12950-35c1-4631-9c87-8a93c6fe5a30 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: image/png content-length: 3283 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-cd3" accept-ranges: bytes X-Firefox-Spdy: h2`

	57cce00ccd.news-bmacazo.cc/lands/39/img/icon8.png	136.243.42.50	200 OK	4.1 kB
URL 57cce00ccd.news-bmacazo.cc/lands/39/img/icon8.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.1 kB (4064 bytes) Hash f92d6474ebc6a3a0b576749cfb4afe98 0f4ce3dcf04873b8098c01d20c44967fb9fce0cc 3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1 HTTP Headers GET /lands/39/img/icon8.png HTTP/1.1 Host: 57cce00ccd.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://57cce00ccd.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e7d12950-35c1-4631-9c87-8a93c6fe5a30 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: image/png content-length: 4064 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-fe0" accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://57cce00ccd.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcllh; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:40 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:40 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclln; expires=Mon, 13 Jan 2025 01:26:40 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:20 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://57cce00ccd.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-length: 0 location: https://49453c3482.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4d8140be-a162-42c4-83b3-8e06838f5f65 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	49453c3482.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 49453c3482.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 49453c3482.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://49453c3482.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4d8140be-a162-42c4-83b3-8e06838f5f65 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://49453c3482.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclln; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:40 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:40 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpcllq; expires=Mon, 13 Jan 2025 01:26:40 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:20 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	6b04758c37.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dd96d7dd-e427-4723-8f3d-060c8dc03324	136.243.42.50	200 OK	41 kB
URL 6b04758c37.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dd96d7dd-e427-4723-8f3d-060c8dc03324 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 41 kB (40702 bytes) Hash 6912bb43807db1b05fac019096a66fa6 6a33d7d228f20020468facd45a95f89a9b436c79 662065632a56dda0eb61ae4988ea31340f7b3572696290718db192f6ed06e5e3 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=dd96d7dd-e427-4723-8f3d-060c8dc03324 HTTP/1.1 Host: 6b04758c37.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://cbad9843ee.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	29910a58ce.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=5701bcf1-85e3-404a-b1fc-c6c4b182106a	136.243.42.50	200 OK	39 kB
URL 29910a58ce.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=5701bcf1-85e3-404a-b1fc-c6c4b182106a IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 39 kB (38995 bytes) Hash 66082ff2235d26d21554f3280dd5337b 800cc37ddba298d0d0800f88c01dc3ecae1740ff 00a886d0fa0679d1f91a0d1ef030f906b74cdeac2d9a00329e3c553cab15c3dd HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=5701bcf1-85e3-404a-b1fc-c6c4b182106a HTTP/1.1 Host: 29910a58ce.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://49453c3482.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	29910a58ce.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL 29910a58ce.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: 29910a58ce.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://29910a58ce.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=5701bcf1-85e3-404a-b1fc-c6c4b182106a Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://29910a58ce.news-bmacazo.cc/ Cookie: _subid=376l60j1bpcllq; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:41 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:41 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclm0; expires=Mon, 13 Jan 2025 01:26:41 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:22 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://29910a58ce.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-length: 0 location: https://81d714982e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a8ea2921-a360-45c8-a92f-8efb6f79bdaf vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	29910a58ce.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=5701bcf1-85e3-404a-b1fc-c6c4b182106a	136.243.42.50	200 OK	54 kB
URL 29910a58ce.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=5701bcf1-85e3-404a-b1fc-c6c4b182106a IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 54 kB (54163 bytes) Hash c68125d543374aba5f6c272483672275 f6e0f4f893e596d0080186f0d79d1af1bd5a61b2 a5554def5dabb4db55a146dca70ca09cbf55631f056ad914c61bcbd2dfd00611 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=5701bcf1-85e3-404a-b1fc-c6c4b182106a HTTP/1.1 Host: 29910a58ce.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://29910a58ce.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=5701bcf1-85e3-404a-b1fc-c6c4b182106a Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	81d714982e.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL 81d714982e.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: 81d714982e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://81d714982e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a8ea2921-a360-45c8-a92f-8efb6f79bdaf Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://81d714982e.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclm0; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:41 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:41 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclm3; expires=Mon, 13 Jan 2025 01:26:41 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:22 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://81d714982e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-length: 0 location: https://8d2bde8646.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=26b079f5-6cdd-4f54-b2f5-53b053f03209 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	8d2bde8646.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=26b079f5-6cdd-4f54-b2f5-53b053f03209	136.243.42.50	200 OK	128 kB
URL 8d2bde8646.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=26b079f5-6cdd-4f54-b2f5-53b053f03209 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 128 kB (127607 bytes) Hash f18ff218b999fee1366fbdd0f9065d9e 3c4c3344b47a1b0cd5a123e8ad12509f108e1b58 2a68e2c36eeff96b5064683fb923406d21b8883fa1b6cc53b1fe470c438c8423 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=26b079f5-6cdd-4f54-b2f5-53b053f03209 HTTP/1.1 Host: 8d2bde8646.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://81d714982e.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	ff58e54557.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05	136.243.42.50	200 OK	9.4 kB
URL ff58e54557.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, ASCII text, with very long lines (7673) Size 9.4 kB (9413 bytes) Hash 342266a1b27ef1e7c5b067d2d5387ca9 357ed4b0581612d7b9ceb1dc9f023a20f4f58aa1 76f887a2a223f780b066ec803e219a7122abd38cb4c667f0af7b792e5a99410b HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=e5861f3b-7a56-4990-932d-63584ef7cb05 HTTP/1.1 Host: ff58e54557.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://e883c7ad1a.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:33 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5bab417ecc.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=40949da3-3055-47ae-8e2e-b8a545c57aa8	136.243.42.50	200 OK	14 kB
URL 5bab417ecc.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=40949da3-3055-47ae-8e2e-b8a545c57aa8 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (7564) Size 14 kB (14198 bytes) Hash 051aaa2d146ab90bfe708e6a2ff57bef dd45c7afa7a96b876bf30295790985f5598acfd4 7547500425dfce92082e0985472ffd2948ff7bb708984cf655a86195ace1872a HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=40949da3-3055-47ae-8e2e-b8a545c57aa8 HTTP/1.1 Host: 5bab417ecc.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://9836403011.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:34 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	cc8744e9ad.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL cc8744e9ad.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: cc8744e9ad.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cc8744e9ad.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a10f11a1-3913-4af0-8f7c-8da75da6b255 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:43 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	3111f99c15.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6634f338-b8ec-4c96-9829-d099aa6b5b76	136.243.42.50	200 OK	16 kB
URL 3111f99c15.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=6634f338-b8ec-4c96-9829-d099aa6b5b76 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 16 kB (16399 bytes) Hash 0bf341820dbec5445bdd115f2726851f 9319f9fc1ed978ca2d216e9ba34064a3f95a7377 444229bd56c18bf79418d67737f18e47271e680104a27455c10eece7acab06ad HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=6634f338-b8ec-4c96-9829-d099aa6b5b76 HTTP/1.1 Host: 3111f99c15.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d7ed00a04f.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	a51140e9ec.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=31eeeb54-1e8f-4c9c-a180-587829709add	136.243.42.50	200 OK	37 kB
URL a51140e9ec.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=31eeeb54-1e8f-4c9c-a180-587829709add IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 37 kB (36790 bytes) Hash 5832f79634c4878011682398021cb93a 77fe2f6426655445c1748e65d72c9f2c934c4386 4baf32710a7f87cd09fce93fcb5b3e69ed8717c62db8e9bcb56c4049f8468702 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=31eeeb54-1e8f-4c9c-a180-587829709add HTTP/1.1 Host: a51140e9ec.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://8b248d127f.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	cc8744e9ad.news-bmacazo.cc/lands/39/img/icon3.png	136.243.42.50	200 OK	7.8 kB
URL cc8744e9ad.news-bmacazo.cc/lands/39/img/icon3.png IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 7.8 kB (7847 bytes) Hash 8f3cc830da0b1fdf66bda7d1d734747b 94588f041eec3a78a8780c8124c56a1434a89277 ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba HTTP Headers GET /lands/39/img/icon3.png HTTP/1.1 Host: cc8744e9ad.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cc8744e9ad.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a10f11a1-3913-4af0-8f7c-8da75da6b255 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:43 GMT content-type: image/png content-length: 7847 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1ea7" accept-ranges: bytes X-Firefox-Spdy: h2`

	0a5a57fbe0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b370f484-6925-4e60-b915-15c389bff33b	136.243.42.50	200 OK	11 kB
URL 0a5a57fbe0.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b370f484-6925-4e60-b915-15c389bff33b IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 11 kB (10902 bytes) Hash 191eda9b023a2bcdc5226b42202f0efa 43abb13ce198a3b9589551687e7a711e9cc74c22 c96f0c1a11e34d2cba41b6de388a4b46ae3439319c4aaf652dcfbf491ad41f22 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=b370f484-6925-4e60-b915-15c389bff33b HTTP/1.1 Host: 0a5a57fbe0.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://a51140e9ec.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	553fa9d478.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a2f1a26d-97cb-4733-b8b9-83eb24b35055	136.243.42.50	200 OK	6.5 kB
URL 553fa9d478.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a2f1a26d-97cb-4733-b8b9-83eb24b35055 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 6.5 kB (6512 bytes) Hash 642810897b2ddb9fd7a5db7d7e571716 d56244e6fe9a644c8f6feb389d6929d3f81e644f 1ac6af1042dc372b5eb3c3a8ebe92182d1483baa23e1daf62eaf59ab1e47fc95 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a2f1a26d-97cb-4733-b8b9-83eb24b35055 HTTP/1.1 Host: 553fa9d478.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://137abc766b.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	5d1bcc3ba3.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=213dba8e-9dc4-4594-9d05-e0e5bc7591c5	136.243.42.50	200 OK	14 kB
URL 5d1bcc3ba3.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=213dba8e-9dc4-4594-9d05-e0e5bc7591c5 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 14 kB (13611 bytes) Hash f883f0d1ac5028d6a5c52c2baf1e3c9c 97b6138d597d59836f7e453c57564c64db308828 7e5b45f8f7fafd98ba53efd9195dee2fea436a5e297229db6126f0883fbb2c31 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=213dba8e-9dc4-4594-9d05-e0e5bc7591c5 HTTP/1.1 Host: 5d1bcc3ba3.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://553fa9d478.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:40 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	48359cad7e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=cd4fddae-6795-4932-abe8-56b091ab9080	136.243.42.50	200 OK	14 kB
URL 48359cad7e.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=cd4fddae-6795-4932-abe8-56b091ab9080 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 14 kB (13477 bytes) Hash 8a348ed49d94c51343a4517452bd865e d2b6b4a91084a3954b8c37b8304dd872fb23dc69 3019e8b5204aec55abacb5a3be9c07fe602560cfce2d3b3e1ce3b8259273176a HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=cd4fddae-6795-4932-abe8-56b091ab9080 HTTP/1.1 Host: 48359cad7e.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://d523d69065.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:41 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cc8744e9ad.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclm8; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:41 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:41 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclma; expires=Mon, 13 Jan 2025 01:26:41 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:22 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	cc8744e9ad.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a10f11a1-3913-4af0-8f7c-8da75da6b255	136.243.42.50	200 OK	18 kB
URL cc8744e9ad.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a10f11a1-3913-4af0-8f7c-8da75da6b255 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 18 kB (18415 bytes) Hash c0ecf80c9995a4c571ca2dae0a8a58a3 0d3bfde3baf7c62c80d07b85aee336d6ae6a7d79 de7626447e0e1c9ebe434ecf2a218c23f8dad596abb0dd2101b3d4aa86aaf218 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=a10f11a1-3913-4af0-8f7c-8da75da6b255 HTTP/1.1 Host: cc8744e9ad.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cc8744e9ad.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a10f11a1-3913-4af0-8f7c-8da75da6b255 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:43 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	fa7dabeb8b.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL fa7dabeb8b.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: fa7dabeb8b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fa7dabeb8b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b5c6f63b-25c3-464f-8833-7f4976f12bb8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:43 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	fa7dabeb8b.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL fa7dabeb8b.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: fa7dabeb8b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fa7dabeb8b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b5c6f63b-25c3-464f-8833-7f4976f12bb8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:43 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fa7dabeb8b.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclma; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:42 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:42 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclmc; expires=Mon, 13 Jan 2025 01:26:42 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:24 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fa7dabeb8b.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-length: 0 location: https://fdbeed36f3.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a3f54601-861d-4994-aef5-880028709e25 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	fdbeed36f3.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL fdbeed36f3.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: fdbeed36f3.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fdbeed36f3.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a3f54601-861d-4994-aef5-880028709e25 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:43 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	fdbeed36f3.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a3f54601-861d-4994-aef5-880028709e25	136.243.42.50	200 OK	110 kB
URL fdbeed36f3.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a3f54601-861d-4994-aef5-880028709e25 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, Unicode text, UTF-8 text, with very long lines (63341) Size 110 kB (110276 bytes) Hash 5e0e884a8829cd850c94d3c5a8228bd6 14d66ce93e6241f14e8fc8e46d4982273a61c469 1e026cbf6600b7e6ba4bb7ef5f16059111a55f1a7bbd58c9de41e8d48fbbf450 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a3f54601-861d-4994-aef5-880028709e25 HTTP/1.1 Host: fdbeed36f3.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fa7dabeb8b.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:43 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://fdbeed36f3.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-length: 0 location: https://2911691b9b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=871f6ebc-c7e6-483e-b0a9-77cd93b0f2b2 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	d7ed00a04f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a5ab5e8c-fba1-49b9-95c6-94820cb3b3d4	136.243.42.50	200 OK	72 kB
URL d7ed00a04f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=a5ab5e8c-fba1-49b9-95c6-94820cb3b3d4 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type data Size 72 kB (72457 bytes) Hash 817f83e9dc9231a09aed091176e18391 2feb6e8b1b60dd7c03822ce5a8d567471abb8aeb 5d40654e82b4448a77e32833e673013ef8bd819e08b66f86e7899a4ef1c8f305 HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=a5ab5e8c-fba1-49b9-95c6-94820cb3b3d4 HTTP/1.1 Host: d7ed00a04f.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://45af485775.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:39 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	2911691b9b.news-bmacazo.cc/lands/61/css/style.css	136.243.42.50	200 OK	1.6 kB
URL 2911691b9b.news-bmacazo.cc/lands/61/css/style.css IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type ASCII text, with very long lines (6517), with no line terminators Size 1.6 kB (1602 bytes) Hash 100cee95b3c98fb1cf68040edd24e2a1 838847841beaf376403a44c6528aa66ed54f2bb6 6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e HTTP Headers GET /lands/61/css/style.css HTTP/1.1 Host: 2911691b9b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2911691b9b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=871f6ebc-c7e6-483e-b0a9-77cd93b0f2b2 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:44 GMT content-type: text/css content-length: 1602 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-642" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	2911691b9b.news-bmacazo.cc/lands/61/images/spinning-circles2.svg	136.243.42.50	200 OK	503 B
URL 2911691b9b.news-bmacazo.cc/lands/61/images/spinning-circles2.svg IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type SVG Scalable Vector Graphics image Size 503 B (503 bytes) Hash 14e6f9981fa27406176056df2451d27b aa1b6fd6071391d0031bff2d74ae77347ec2fdb4 466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f HTTP Headers GET /lands/61/images/spinning-circles2.svg HTTP/1.1 Host: 2911691b9b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2911691b9b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=871f6ebc-c7e6-483e-b0a9-77cd93b0f2b2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:44 GMT content-type: image/svg+xml content-length: 503 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-1f7" accept-ranges: bytes X-Firefox-Spdy: h2`

	2911691b9b.news-bmacazo.cc/lands/61/js/device.js	136.243.42.50	200 OK	1.1 kB
URL 2911691b9b.news-bmacazo.cc/lands/61/js/device.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers GET /lands/61/js/device.js HTTP/1.1 Host: 2911691b9b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2911691b9b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=871f6ebc-c7e6-483e-b0a9-77cd93b0f2b2 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:44 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://2911691b9b.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclmf; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:42 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:42 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclmq; expires=Mon, 13 Jan 2025 01:26:42 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:24 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://2911691b9b.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-length: 0 location: https://3368b60a2f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dacee7bd-d98f-49a8-832d-9104c4463e25 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	3368b60a2f.news-bmacazo.cc/revopush_v2.js	136.243.42.50	200 OK	36 kB
URL 3368b60a2f.news-bmacazo.cc/revopush_v2.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35747 bytes) Hash 574181c81738b7cc4ab341ab49c80946 e00d1b716302ea9c475a29c00283cad8d60d7a59 23d0871eebca6f9eb0fac4359b300c4085c3b8bd0719f1201e299a012866d9a2 HTTP Headers `GET /revopush_v2.js HTTP/1.1 Host: 3368b60a2f.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3368b60a2f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dacee7bd-d98f-49a8-832d-9104c4463e25 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:44 GMT content-type: application/javascript; charset=utf-8 content-length: 35747 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-8ba3" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	3368b60a2f.news-bmacazo.cc/lands/46/sketch.min.js	136.243.42.50	200 OK	2.4 kB
URL 3368b60a2f.news-bmacazo.cc/lands/46/sketch.min.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (4675), with no line terminators Size 2.4 kB (2379 bytes) Hash ed52afed30560dc3e13a88e35a300c18 8714792a53d24b5c641b9536a2d218d75b43b3f9 cad4eff11237dc84f803b46c8529ca9918e4429c38058a053ef5d492c707a711 HTTP Headers GET /lands/46/sketch.min.js HTTP/1.1 Host: 3368b60a2f.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3368b60a2f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dacee7bd-d98f-49a8-832d-9104c4463e25 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:44 GMT content-type: application/javascript; charset=utf-8 content-length: 2379 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-94b" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	partners-tds.com/WzJQVS	142.202.51.61	302 Found	0 B
URL partners-tds.com/WzJQVS IP 142.202.51.61:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WzJQVS HTTP/1.1 Host: partners-tds.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3368b60a2f.news-bmacazo.cc/ Cookie: _subid=376l60j1bpclmq; 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx Date: Fri, 13 Dec 2024 01:26:42 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Fri, 13 Dec 2024 01:26:42 GMT Location: https://news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= Set-Cookie: _subid=376l60j1bpclmt; expires=Mon, 13 Jan 2025 01:26:42 GMT; path=/ 933eb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzM0MDUzMTgxfSxcInRpbWVcIjoxNzM0MDUzMTgxfSJ9.ZfDIGKiC2HK0Mj8GwF43zLwDJmP0AbyTkKjhyjWdg7M; expires=Sun, 26 Nov 2079 02:53:24 GMT; path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: *

	news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4=	23.158.56.123	302 Found	0 B
URL news-xpatado.com/tds?id=1218914904&p1=&p2=&p3=&p4= IP 23.158.56.123:0 ASN #63023 AS-GLOBALTELEHOST File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tds?id=1218914904&p1=&p2=&p3=&p4= HTTP/1.1 Host: news-xpatado.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://3368b60a2f.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Fri, 13 Dec 2024 01:26:42 GMT content-length: 0 location: https://b3860e6c41.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dbd3a5f7-b607-4f5c-b550-9b915d3a7a9f vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	3368b60a2f.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=dacee7bd-d98f-49a8-832d-9104c4463e25	136.243.42.50	200 OK	54 kB
URL 3368b60a2f.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=dacee7bd-d98f-49a8-832d-9104c4463e25 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 54 kB (54162 bytes) Hash 2777013f877db71e2e2026b29540b409 fb2462bd6e1d9cd21e6d6945b89a852c02e37cac 332bde13b05fdf451a6cc502e8f07ccec1f62b5016156a019971f38771938767 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=dacee7bd-d98f-49a8-832d-9104c4463e25 HTTP/1.1 Host: 3368b60a2f.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3368b60a2f.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dacee7bd-d98f-49a8-832d-9104c4463e25 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:44 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

	b3860e6c41.news-bmacazo.cc/lands/61/css/style.css	136.243.42.50	200 OK	1.6 kB
URL b3860e6c41.news-bmacazo.cc/lands/61/css/style.css IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type ASCII text, with very long lines (6517), with no line terminators Size 1.6 kB (1602 bytes) Hash 100cee95b3c98fb1cf68040edd24e2a1 838847841beaf376403a44c6528aa66ed54f2bb6 6c174c172836cb2ebc57c3ede42ad28c92d52a3d5bc60925c44d99b48efa0d8e HTTP Headers GET /lands/61/css/style.css HTTP/1.1 Host: b3860e6c41.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b3860e6c41.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dbd3a5f7-b607-4f5c-b550-9b915d3a7a9f Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:44 GMT content-type: text/css content-length: 1602 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-642" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	c0cd9104a5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4bc968a0-a3e1-4ca7-b6b1-983f7b4c27f8	136.243.42.50	200 OK	3.8 kB
URL c0cd9104a5.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=4bc968a0-a3e1-4ca7-b6b1-983f7b4c27f8 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type HTML document, ASCII text, with very long lines (1493) Size 3.8 kB (3751 bytes) Hash 24b92856d6ed33be4e14dac21bb16813 f81d1e39da80b983df3af8e860d6f1309fb8e8ce 72cb283db512fc68e3c83138c86a372bf8001d76a31a5eb71f32518cadf2bf4a HTTP Headers GET /?id=1218914904&p1=&p2=&p3=&p4=&traceId=4bc968a0-a3e1-4ca7-b6b1-983f7b4c27f8 HTTP/1.1 Host: c0cd9104a5.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://c69941fc93.news-bmacazo.cc/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:38 GMT content-type: text/html; charset=UTF-8 vary: Origin x-frame-options: DENY X-Firefox-Spdy: h2`

	b3860e6c41.news-bmacazo.cc/lands/61/js/device.js	136.243.42.50	200 OK	1.1 kB
URL b3860e6c41.news-bmacazo.cc/lands/61/js/device.js IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (3289), with no line terminators Size 1.1 kB (1111 bytes) Hash 2d9887b21aa6b47c56e7f43e66560a4f 42cdfc5b3b23d32152750bf2cea4233044491768 863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85 HTTP Headers GET /lands/61/js/device.js HTTP/1.1 Host: b3860e6c41.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://b3860e6c41.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=dbd3a5f7-b607-4f5c-b550-9b915d3a7a9f Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:44 GMT content-type: application/javascript; charset=utf-8 content-length: 1111 last-modified: Thu, 12 Dec 2024 09:18:45 GMT etag: "675aaa75-457" content-encoding: gzip accept-ranges: bytes X-Firefox-Spdy: h2`

	fa7dabeb8b.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=b5c6f63b-25c3-464f-8833-7f4976f12bb8	136.243.42.50	200 OK	37 kB
URL fa7dabeb8b.news-bmacazo.cc/process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=b5c6f63b-25c3-464f-8833-7f4976f12bb8 IP 136.243.42.50:0 ASN #24940 Hetzner Online GmbH File type JavaScript source, ASCII text, with very long lines (57242) Size 37 kB (36833 bytes) Hash 009a804524c73147dd384c15371496dd cc1971dfd17bff961695cfd41f9f6f7f09b6dc56 ad3631194c7279c26e9d81bfb3efc86f168ad9cea37c76cfeddc102d40149692 HTTP Headers GET /process.js?id=1218914904&p1=&p2=&p3=&p4=&traceId=b5c6f63b-25c3-464f-8833-7f4976f12bb8 HTTP/1.1 Host: fa7dabeb8b.news-bmacazo.cc User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://fa7dabeb8b.news-bmacazo.cc/?id=1218914904&p1=&p2=&p3=&p4=&traceId=b5c6f63b-25c3-464f-8833-7f4976f12bb8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Fri, 13 Dec 2024 01:26:43 GMT content-type: application/javascript; charset=utf-8 accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: 0 pragma: no-cache vary: Origin, Accept-Encoding X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (410)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type