gknews.pw Open in urlscan Pro
23.111.182.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gknews.pw/
Submission: On January 20 via api (January 20th 2024, 11:39:30 am UTC) from US — Scanned from US

Summary HTTP 42 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 10 domains to perform 42 HTTP transactions. The main IP is 23.111.182.242, located in Tampa, United States and belongs to HVC-AS, US. The main domain is gknews.pw.
TLS certificate: Issued by R3 on January 20th 2024. Valid for: 3 months.

This is the only time gknews.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	23.111.182.242 23.111.182.242	29802 (HVC-AS) (HVC-AS)
2	18.173.132.116 18.173.132.116	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:230c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.238.49.7 18.238.49.7	16509 (AMAZON-02) (AMAZON-02)
10 10	52.85.61.81 52.85.61.81	16509 (AMAZON-02) (AMAZON-02)
10	18.238.55.129 18.238.55.129	16509 (AMAZON-02) (AMAZON-02)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2600:1408:540... 2600:1408:5400:392::31b3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::367	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:1d14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	10

11 23.111.182.242 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: pacific.us.hostns.io

gknews.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dznews.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.132.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-116.jfk52.r.cloudfront.net

i2-prod.glasgowlive.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230c (United States)

ASN13335 (CLOUDFLARENET, US)

www.glasgowworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-7.jfk52.r.cloudfront.net

www.grampianonline.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.85.61.81 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-81.ewr53.r.cloudfront.net

mural.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.238.55.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-129.jfk52.r.cloudfront.net

www.mural.com.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

deporttideevenings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:5400:392::31b3 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cached-images.bonnier.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::367 (United States)

ASN54113 (FASTLY, US)

i.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d14 (United States)

ASN13335 (CLOUDFLARENET, US)

wpcluster.dctdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	mural.com.mx 10 redirects mural.com.mx — Cisco Umbrella Rank: 559676 www.mural.com.mx — Cisco Umbrella Rank: 629501	843 KB
10	dznews.pw dznews.pw	162 KB
2	glasgowworld.com www.glasgowworld.com — Cisco Umbrella Rank: 858692	146 KB
2	glasgowlive.co.uk i2-prod.glasgowlive.co.uk — Cisco Umbrella Rank: 378709	47 KB
1	dctdigital.com wpcluster.dctdigital.com — Cisco Umbrella Rank: 181451	39 KB
1	guim.co.uk i.guim.co.uk — Cisco Umbrella Rank: 15965	5 KB
1	bonnier.news cached-images.bonnier.news — Cisco Umbrella Rank: 312949	85 KB
1	deporttideevenings.com deporttideevenings.com
1	grampianonline.co.uk www.grampianonline.co.uk	302 KB
1	gknews.pw gknews.pw	10 KB
42	10

	Domain	Requested by
10	www.mural.com.mx	gknews.pw
10	mural.com.mx	10 redirects
10	dznews.pw	gknews.pw
2	www.glasgowworld.com	gknews.pw
2	i2-prod.glasgowlive.co.uk	gknews.pw
1	wpcluster.dctdigital.com
1	i.guim.co.uk
1	cached-images.bonnier.news	gknews.pw
1	deporttideevenings.com	gknews.pw
1	www.grampianonline.co.uk	gknews.pw
1	gknews.pw
42	11

This site contains links to these domains. Also see Links.

Domain
dznews.pw

Subject Issuer	Validity	Valid
www.olimnews.pw.bksfe.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
dznews.pw cPanel, Inc. Certification Authority	`2023-11-23` - `2024-02-21`	3 months	crt.sh
mirror.co.uk Amazon RSA 2048 M01	`2023-09-17` - `2024-10-16`	a year	crt.sh
glasgowworld.com Cloudflare Inc ECC CA-3	`2023-06-17` - `2024-06-16`	a year	crt.sh
www.inverness-courier.co.uk Amazon RSA 2048 M01	`2023-07-04` - `2024-08-01`	a year	crt.sh
deporttideevenings.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
bonnier.news DigiCert TLS RSA SHA256 2020 CA1	`2023-07-04` - `2024-07-03`	a year	crt.sh
theguardian.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-14` - `2024-12-15`	a year	crt.sh
wpcluster.dctdigital.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gknews.pw/
Frame ID: F740A06BA91D1F29CD5A1BE293FAEAB7
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ultabz - Ultabz

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

48 %
HTTPS

40 %
IPv6

10
Domains

11
Subdomains

10
IPs

1
Countries

1644 kB
Transfer

2138 kB
Size

3
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://dznews.pw/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://dznews.pw/register
Title: Register

Search URL Search Domain Scan URL

URL: https://dznews.pw/

Search URL Search Domain Scan URL

URL: https://dznews.pw/news
Title: News

Search URL Search Domain Scan URL

URL: https://dznews.pw/gallery
Title: Gallery

Search URL Search Domain Scan URL

URL: https://dznews.pw/hamilton-teen-aims-to-organise-group-for-young-people-with-epilepsy-after-feeling-isolated

Search URL Search Domain Scan URL

URL: https://dznews.pw/profile/admin
Title: Admin

Search URL Search Domain Scan URL

URL: https://dznews.pw/out-of-our-club-furious-supporters-turn-on-ex-rangers-boss-less-than-one-month-into-efl-championship-job

Search URL Search Domain Scan URL

URL: https://dznews.pw/archie-foundation-charity-ball-will-celebrate-50-years-of-music

Search URL Search Domain Scan URL

URL: https://dznews.pw/adriana-villasenor-celebro-sus-60-anos-al-estilo-venecia

Search URL Search Domain Scan URL

URL: https://dznews.pw/ven-en-eu-posible-nexo-de-morena-y-criminales

Search URL Search Domain Scan URL

URL: https://dznews.pw/forgot-password
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://dznews.pw/se-estanca-mexico-en-progreso-social

Search URL Search Domain Scan URL

URL: https://dznews.pw/cierra-2023-con-29-de-autos-verificados-en-jalisco

Search URL Search Domain Scan URL

URL: https://dznews.pw/invirtio-victima-de-yox-para-dar-tratamiento-a-su-hijo

Search URL Search Domain Scan URL

URL: https://dznews.pw/imagina-chivas-cosas-chingonas-con-chicharito

Search URL Search Domain Scan URL

URL: https://dznews.pw/correle-para-sacar-la-credencial-del-ine

Search URL Search Domain Scan URL

URL: https://dznews.pw/urgen-a-terminar-obras-en-zona-de-santa-anita

Search URL Search Domain Scan URL

URL: https://dznews.pw/favoritos-a-escena-ravens-y-49ers-van-ante-texans-y-packers

Search URL Search Domain Scan URL

URL: https://dznews.pw/bergkamp-el-artista-con-miedo-a-los-aviones

Search URL Search Domain Scan URL

URL: https://dznews.pw/posts
Title: View All Posts

Search URL Search Domain Scan URL

URL: https://dznews.pw/sa-vaervades-han-till-att-bli-spion-under-kalla-kriget

Search URL Search Domain Scan URL

URL: https://dznews.pw/home-office-to-allow-eu-citizens-who-missed-residency-deadline-to-stay-in-uk

Search URL Search Domain Scan URL

URL: https://dznews.pw/exclusive-aberdeen-pensioner-seriously-injured-in-xl-bully-dog-attack

Search URL Search Domain Scan URL

URL: https://dznews.pw/overger-veganismen-flera-aeter-koett-i-smyg

Search URL Search Domain Scan URL

URL: https://dznews.pw/agc-to-make-decision-about-cpibs-investigations-into-ong-beng-seng-after-iswarans-case

Search URL Search Domain Scan URL

URL: https://dznews.pw/rss-feeds

Search URL Search Domain Scan URL

URL: https://dznews.pw/terms-conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.jpg?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643481.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643481.jpg&wm=1&ang=0

Request Chain 23

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644590.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644590.jpg&wm=1&ang=0

Request Chain 24

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644574.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644574.jpg&wm=1&ang=0

Request Chain 25

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644630.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644630.jpg&wm=1&ang=0

Request Chain 33

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644598.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644598.jpg&wm=1&ang=0

Request Chain 34

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644448.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644448.jpg&wm=1&ang=0

Request Chain 35

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644520.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644520.jpg&wm=1&ang=0

Request Chain 36

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644538.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644538.jpg&wm=1&ang=0

Request Chain 37

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644603.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644603.jpg&wm=1&ang=0

Request Chain 38

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643900.jpg&wm=1&ang=0 HTTP 302
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643900.jpg&wm=1&ang=0

42 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gknews.pw/ 80 KB
10 KB 628ms
457ms Document
text/html 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 1ea97665097af08fc702777182c40eb48b58be72b2bd2f3415d3a50392bab76b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate max-age=0
content-encoding: br
content-length: 10170
content-type: text/html; charset=UTF-8
date: Sat, 20 Jan 2024 11:39:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 bootstrap.min.css
dznews.pw/assets/vendor/bootstrap/css/ 190 KB
24 KB 598ms
44ms Stylesheet
text/css 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dznews.pw/assets/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 14:45:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 24634
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
H2 200 icons-2.2.min.css
dznews.pw/assets/themes/magazine/css/ 20 KB
15 KB 599ms
46ms Stylesheet
text/css 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dznews.pw/assets/themes/magazine/css/icons-2.2.min.css
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: f1dff1eed88a9ec41ccd24edbec9506f8c28f6687d5e214d3e4f8478a12f99f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 14:45:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15066
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
H2 200 plugins-2.2.min.css
dznews.pw/assets/themes/magazine/css/ 1 KB
482 B 598ms
45ms Stylesheet
text/css 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dznews.pw/assets/themes/magazine/css/plugins-2.2.min.css
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 953e00bc07f3b0e9210bb6de1c03d2855480448ac1cafd69b8e68fa26640c394

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 14:45:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 448
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
H2 200 style-2.2.min.css
dznews.pw/assets/themes/magazine/css/ 75 KB
13 KB 597ms
44ms Stylesheet
text/css 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dznews.pw/assets/themes/magazine/css/style-2.2.min.css
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 69331b2bf93cfd57e07415d3900e3287b2b6fbe99b33d1b29595f1790c4bdaea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 14:45:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13366
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
H2 200 logo_651f9b5331fdf4-26218277.png
dznews.pw/uploads/logo/ 12 KB
12 KB 70ms
69ms Image
image/png 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dznews.pw/uploads/logo/logo_651f9b5331fdf4-26218277.png
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 66a3ca8b6f2065025ec148755198e191cffb54f287b52f0bfce6066ad2ab846a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
last-modified: Fri, 06 Oct 2023 05:29:55 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11901
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
H2 200 logo_651f9b53322ab6-39043167.png
dznews.pw/uploads/logo/ 12 KB
12 KB 599ms
46ms Image
image/png 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dznews.pw/uploads/logo/logo_651f9b53322ab6-39043167.png
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 66a3ca8b6f2065025ec148755198e191cffb54f287b52f0bfce6066ad2ab846a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
last-modified: Fri, 06 Oct 2023 05:29:55 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11901
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
dznews.pw/assets/themes/magazine/js/ 88 KB
30 KB 599ms
46ms Script
application/javascript 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dznews.pw/assets/themes/magazine/js/jquery-3.6.1.min.js
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 14:45:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 30317
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
dznews.pw/assets/vendor/bootstrap/js/ 79 KB
22 KB 67ms
66ms Script
application/javascript 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dznews.pw/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 14:45:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22476
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
H2 200 plugins.js Show response
dznews.pw/assets/themes/magazine/js/ 112 KB
31 KB 69ms
68ms Script
application/javascript 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dznews.pw/assets/themes/magazine/js/plugins.js
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 812187a40cd926e5c56c17806c2d07e2f6ec06d73f4b6097a6ceb0708f50ea9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 14:45:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 32042
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
H2 200 main-2.2.min.js Show response
dznews.pw/assets/themes/magazine/js/ 14 KB
3 KB 69ms
68ms Script
application/javascript 23.111.182.242
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dznews.pw/assets/themes/magazine/js/main-2.2.min.js
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pacific.us.hostns.io
Software: LiteSpeed /
Resource Hash: 47a35ccd55a2ba045e214fcd8f4be2d2b851fe4e76031a77eb6c00907c1722b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
content-encoding: br
last-modified: Fri, 29 Sep 2023 14:45:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3142
expires: Sun, 19 Jan 2025 11:39:24 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 122 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3342b958e2b48f37cbd0ae10997b0d36c8940bf46bf8c7b3102098c2288512e2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET open-sans-400.woff2
dznews.pw/assets/fonts/open-sans/ 0
0

GET open-sans-700.woff2
dznews.pw/assets/fonts/open-sans/ 0
0

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82ab7dc48cf0a854ef57ff4779c140e3965d37d585f0bad1bca0ea63eaf10bab

Request headers

Referer
Origin: https://gknews.pw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET inter-400.woff2
dznews.pw/assets/fonts/inter/ 0
0

GET inter-600.woff2
dznews.pw/assets/fonts/inter/ 0
0

GET open-sans-600.woff2
dznews.pw/assets/fonts/open-sans/ 0
0

GET inter-700.woff2
dznews.pw/assets/fonts/inter/ 0
0

GET
H2 200 0_f8bfeac6-c042-41e7-af16-41af4bd69ee5.jpg
i2-prod.glasgowlive.co.uk/incoming/article28478003.ece/ALTERNATES/s615/ 23 KB
23 KB 56ms
22ms Image
image/jpeg 18.173.132.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.glasgowlive.co.uk/incoming/article28478003.ece/ALTERNATES/s615/0_f8bfeac6-c042-41e7-af16-41af4bd69ee5.jpg?

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.132.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-132-116.jfk52.r.cloudfront.net

Software

Apache-Coyote/1.1 /

Resource Hash

e2f9833101c9df7462f36970ced3e42ecbcd9d167a9961cded1c0e68cb9b9984

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:38:39 GMT
content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 3440135ddd9561d60579f0864b6065c0.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 46
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 23414
x-served-by: reg-cache-plus301.tm-aws.com
last-modified: Fri, 19 Jan 2024 13:00:10 GMT
server: Apache-Coyote/1.1
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 796922997 777447000
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: wg54uTpA8IocV3vx8sjT3a0bbp6P95-EFFIM5XI_Ias1WWadpUXYLg==
x-cache-hits: 4

GET
H2 200 GettyImages-1877459968.jpg.jpg
www.glasgowworld.com/jpim-static/image/2024/01/20/10/31/ 73 KB
73 KB 153ms
119ms Image
image/jpeg 2606:4700:4400::6812:230c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.glasgowworld.com/jpim-static/image/2024/01/20/10/31/GettyImages-1877459968.jpg.jpg?width=1200&auto=webp

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:230c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60e5b7636420c530ab0fef94adf5d0d0c87c91cfe88dff6bf0df3bc4530d103f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 74439
cf-resized: internal=ok/h q=0 n=41+4 c=225+212 v=2024.1.1 l=74439
last-modified: Sat, 20 Jan 2024 10:24:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfQ7PQGIdKifvRSVUuzzChkqV92lqaDEedKymcvPL4DQ:ae1c0182285ce62f615d18652bcd1d77-3"
vary: Accept, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 8487096a5cea4380-EWR
priority: u=1;i=?0,cf-chb=(311;u=3;i=?0 14494;u=5;i=?0 40058;u=6;i=?0)

GET
H2 200 LFUEWIYN73SUL5WFPEBI.jpg
www.grampianonline.co.uk/_media/img/ 302 KB
302 KB 51ms
11ms Image
image/jpeg 18.238.49.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.grampianonline.co.uk/_media/img/LFUEWIYN73SUL5WFPEBI.jpg

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.49.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-49-7.jfk52.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

9c87578fc72dad42a38463626d29cf01431eea7398eb9aa4cc36a9937a5839ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 20 Jan 2024 11:31:07 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 777bb716b31e5bbc92d320e733371d3a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
age: 498
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 308747
last-modified: Sat, 20 Jan 2024 11:04:38 GMT
server: KM Galileo @ MDC-WEBIIS06
expect-ct: max-age=0, report-uri="http://www.grampianonline.co.uk/_report/"
content-type: image/jpeg
cache-control: public
x-amz-cf-id: zamiQ2G4-yH7OLhxCVsdJtSvaVZi414rnVzdl7KJStbGo6h1QccioA==
expires: Mon, 20 Jan 2025 11:31:07 GMT

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.jpg?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643481.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643481.jpg&wm=1&ang=0

139 KB
140 KB

317ms
221ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643481.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

7d6a9094aba3a978cceb5df4ee16f4818f604adeaa2bb10fcafb579ad72d3e40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 142039
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: i2tTRWQgtOEk3A6kWEBXjqBN4OuAYnqsaXTkjpr389sed9HA7eP0BQ==

Redirect headers

date: Sat, 20 Jan 2024 11:38:39 GMT
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 46
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643481.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: UlJGGS0FoUqPVRtqhUduhOx8-pFVItKEQOx3A8MItk_h_c3R39g_Ng==

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644590.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644590.jpg&wm=1&ang=0

33 KB
34 KB

498ms
402ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644590.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

3df0a3730bace4788539298d568c24311d2900fb98207994d6fcaaafd5b7a1ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 33695
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: _qqzYkvDhNCSVBoVJ5ZSia9pIGlblUcoQmCQ4-IsM8YBDdq263dwFQ==

Redirect headers

date: Sat, 20 Jan 2024 11:38:39 GMT
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 46
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644590.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: M-ajaP6MwDqmhcUn0vvsH5l53hAY_lCrtteewdLBddJ84UJrvDKP0Q==

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644574.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644574.jpg&wm=1&ang=0

68 KB
69 KB

293ms
198ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644574.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f1f87f4163b6b6e29aeab20a05d7ed358b43e490b76ffa805bc3adb61f5a9b74

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 69764
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: S-_1affOHpQnu_k-pFBDZDBKejlWfMgRD-zfxZstl1irgsabHjBadg==

Redirect headers

date: Sat, 20 Jan 2024 11:38:39 GMT
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 46
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644574.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: iokZgLssbqJLTBUvpzSqQkDMMlIzDSxg8n1WRkfqdgJJGKnrvBfIdA==

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644630.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644630.jpg&wm=1&ang=0

101 KB
102 KB

253ms
157ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644630.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

3ac313662edca20a071d55e7b6bf6152ac6551dfac8705e6ca33d837c44c3a97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 102941
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: h8Mi07WlBjIT7l6vx2KVjm6TUsgnVZoLE6UoZ_WG36yz9ZSHryZPpw==

Redirect headers

date: Sat, 20 Jan 2024 11:38:39 GMT
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 46
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644630.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: E0kXEsu_lbACxbXB9Ed3KpHA-diGxj3hYKL--HG5YL7EGdmiYhNVag==

GET
H/1.1 500
Internal Server Error invoke.js
deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/ 0
0 56ms
19ms Script
text/html 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/invoke.js
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gknews.pw/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET open-sans-400.woff
dznews.pw/assets/fonts/open-sans/ 0
0

GET open-sans-600.woff
dznews.pw/assets/fonts/open-sans/ 0
0

GET inter-600.woff
dznews.pw/assets/fonts/inter/ 0
0

GET open-sans-700.woff
dznews.pw/assets/fonts/open-sans/ 0
0

GET inter-400.woff
dznews.pw/assets/fonts/inter/ 0
0

GET inter-700.woff
dznews.pw/assets/fonts/inter/ 0
0

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644598.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644598.jpg&wm=1&ang=0

66 KB
67 KB

235ms
234ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644598.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

c2b41e15bf50bc86a32de4fec5fd5e251bd920644e966c5993b95a23d21cfa93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 67345
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: wVq2B5tiHjdVDKSkdpUYwAhoxJRERnEhw1RYoPKRX4yEtjwLwqTzzg==

Redirect headers

date: Sat, 20 Jan 2024 11:38:39 GMT
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 46
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644598.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: HArhZ2QvueVTN7xw6j350FpbN9mdwG5-7Q4_6yolUtMzQLfFfPxbiw==

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644448.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644448.jpg&wm=1&ang=0

75 KB
76 KB

171ms
170ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644448.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

86c93334d3afa291312a9d82e5c9d8223bee0398b4fb871a2aaf2557dcf72f07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 76818
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: To_eDGm9sZOsa078CRfkLwbxELHh8EoDlcqeZGnkWG7KiDK4CpBNXg==

Redirect headers

date: Sat, 20 Jan 2024 11:38:39 GMT
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 46
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644448.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: D7YfTW-VCQBywtkghxXBfCa3uMgqfO91HSXP6Ct8LR-hd5plZMtNxw==

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644520.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644520.jpg&wm=1&ang=0

101 KB
102 KB

184ms
183ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644520.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f907a3d041411e31a539bc290c6ff4de0f8b0aef4aa725da93deff7cacf6b136

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 103700
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: ViRgOBhinUglrZ5hvqioa-eohJ0-0YJj5zxrJ57Q2EP-XdgVjAMiwQ==

Redirect headers

date: Sat, 20 Jan 2024 11:38:39 GMT
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 46
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644520.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: UhnqbmsU8AfqUdQHYANlkRzyOeJJruW4E6WpSOMvsXKVXQYu9TrT2A==

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644538.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644538.jpg&wm=1&ang=0

75 KB
76 KB

182ms
181ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644538.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1413bcb9d84ac2073484e356421f594f13fb1043e80ac081c630103edd09fc46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 76774
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: SIHt-mg6dP1TEGEgWOUDcYeN2ZqkXgr1p31RN5llA7QpuecM32EPWQ==

Redirect headers

date: Sat, 20 Jan 2024 11:38:39 GMT
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 46
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644538.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: _evV-1UrfM-fI536CRn4rG7vsY3k4i4VsI2dAClyb9g1rVAqg_cPOQ==

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644603.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644603.jpg&wm=1&ang=0

105 KB
106 KB

190ms
190ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644603.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

18dea5b60bb6bf5facaba9077a6a34dd8ae81bf2dcfff14dec156cb64a9c5272

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:24 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 107388
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: ttuFjKhByTDmhM_N0coeIzuxYltH-nNNQp03QmVbCnJk15x8Rv9fZQ==

Redirect headers

date: Sat, 20 Jan 2024 11:38:40 GMT
via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 45
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644603.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: jwQ587MKbDli7p282kkd9i2FW7G1SJvb1zQ_oIhlK82IVzdnreTn9Q==

GET
H2

200

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain

https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643900.jpg&wm=1&ang=0
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643900.jpg&wm=1&ang=0

67 KB
68 KB

352ms
351ms

Image
image/jpeg

18.238.55.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643900.jpg&wm=1&ang=0

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Server

18.238.55.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-129.jfk52.r.cloudfront.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

c3606c219d5a2c5692f96f1ad83096e08a24d30d4db8d2d04c139c1d834467c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .reforma.com .elnorte.com .mural.com.mx .gruporeforma.com .agenciareforma.com .avisosdeocasion.com .elviernesnocuesta.com aristeguinoticias.com .ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version: 2.0.50727
x-amz-cf-pop: JFK52-P4
x-powered-by: ASP.NET
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
p3p: CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc: h3=":443"; ma=86400
content-length: 68781
x-xss-protection: 1; mode=block
server: Microsoft-IIS/8.5
expect-ct: enforce; max-age=3600
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private,private
x-amz-cf-id: fyBOvb6Dt9GStW7oyB-d0PaFEc4e1AHqXmKoeNZSo6QDgJmrJr_D-g==

Redirect headers

date: Sat, 20 Jan 2024 11:38:40 GMT
via: 1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
server: CloudFront
age: 45
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront
location: https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/644/5643900.jpg&wm=1&ang=0
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: DV8mnv55MJtaIdmwwx9PHzs_0xOv4JSGYd6wu8uAEky4eg4J3Y9uiw==

GET
H2 200 0_f8bfeac6-c042-41e7-af16-41af4bd69ee5.jpg
i2-prod.glasgowlive.co.uk/incoming/article28478003.ece/ALTERNATES/s615/ 23 KB
23 KB 14ms
13ms Image
image/jpeg 18.173.132.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2-prod.glasgowlive.co.uk/incoming/article28478003.ece/ALTERNATES/s615/0_f8bfeac6-c042-41e7-af16-41af4bd69ee5.jpg?

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.132.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-132-116.jfk52.r.cloudfront.net

Software

Apache-Coyote/1.1 /

Resource Hash

e2f9833101c9df7462f36970ced3e42ecbcd9d167a9961cded1c0e68cb9b9984

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:38:39 GMT
content-security-policy: frame-ancestors 'self';
via: 1.1 varnish, 1.1 3440135ddd9561d60579f0864b6065c0.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 46
x-cache: Hit from cloudfront
x-removedcookies: YES
content-length: 23414
x-served-by: reg-cache-plus301.tm-aws.com
last-modified: Fri, 19 Jan 2024 13:00:10 GMT
server: Apache-Coyote/1.1
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 796922997 777447000
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-cf-id: jKUyY3hdcGCNR2wQImYrrun3wWW_j5KxCl9EUhVY8tUB7RHQjaybkQ==
x-cache-hits: 4

GET
H2 200 GettyImages-1877459968.jpg.jpg
www.glasgowworld.com/jpim-static/image/2024/01/20/10/31/ 73 KB
73 KB 30ms
28ms Image
image/jpeg 2606:4700:4400::6812:230c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.glasgowworld.com/jpim-static/image/2024/01/20/10/31/GettyImages-1877459968.jpg.jpg?width=1200&auto=webp

Requested by

Host: gknews.pw
URL: https://gknews.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:230c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60e5b7636420c530ab0fef94adf5d0d0c87c91cfe88dff6bf0df3bc4530d103f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 74439
cf-resized: internal=ok/h q=0 n=41+4 c=225+212 v=2024.1.1 l=74439
last-modified: Sat, 20 Jan 2024 10:24:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfQ7PQGIdKifvRSVUuzzChkqV92lqaDEedKymcvPL4DQ:ae1c0182285ce62f615d18652bcd1d77-3"
vary: Accept, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 8487096ce80d4380-EWR
priority: u=1;i=?0,cf-chb=(311;u=3;i=?0 14494;u=5;i=?0 40058;u=6;i=?0)

GET
H2 200 582b7a8c-52f1-4428-8142-dfac7217c417.jpeg
cached-images.bonnier.news/gcs/bilder/dn-mly/ 85 KB
85 KB 427ms
376ms Image
image/jpeg 2600:1408:5400:392::31b3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cached-images.bonnier.news/gcs/bilder/dn-mly/582b7a8c-52f1-4428-8142-dfac7217c417.jpeg?interpolation=lanczos-none&downsize=1000:*&output-quality=80&output-format=jpeg
Requested by: Host: gknews.pw
URL: https://gknews.pw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:5400:392::31b3 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: a17bb524d4f8d1cf029e4871996da5e8bb160eedb94175ac252c2a1527409c18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:25 GMT
last-modified: Sat, 20 Jan 2024 04:13:26 GMT
x-serial: 97
server: Akamai Image Manager
x-check-cacheable: YES
etag: "7a577d16327873dc4d7f36f4de8caa58"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31481087
content-length: 87156
expires: Sat, 18 Jan 2025 20:24:12 GMT

GET
H2 200 5294.jpg
i.guim.co.uk/img/media/5d2a3ce5c060a8a8aa49f979764b9d30f95c761d/0_43_5294_3176/master/ 4 KB
5 KB 108ms
82ms Image
image/webp 2a04:4e42:600::367
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.guim.co.uk/img/media/5d2a3ce5c060a8a8aa49f979764b9d30f95c761d/0_43_5294_3176/master/5294.jpg?width=140&quality=85&auto=format&fit=max&s=888383ed9a4d3a1518e90e0cca6f7448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4edea856b3bca599683ca6db13b9afdc1ec703c143ab4ce64cca05f678243686

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:27 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: img05-europe-west2
age: 146757
x-cache: HIT, MISS
fastly-io-info: ifsz=3911774 idim=5294x3176 ifmt=jpeg ofsz=4440 odim=140x84 ofmt=webp
fastly-stats: io=1
content-length: 4440
x-served-by: cache-lcy-eglc8600041-LCY, cache-lga21950-LGA
server: AmazonS3
x-timer: S1705750767.153112,VS0,VE73
etag: "NEu0DTPiSkOgyd9/mHipupoKryNqvaSmFRLgc7o9Lz4"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.theguardian.com
x-cache-hits: 1, 0

GET
H2 200 shutterstock_2353368449-1sc4ldu7t-846x564.jpg
wpcluster.dctdigital.com/wp-content/uploads/sites/2/2024/01/ 38 KB
39 KB 61ms
21ms Image
image/jpeg 2606:4700::6812:1d14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wpcluster.dctdigital.com/wp-content/uploads/sites/2/2024/01/shutterstock_2353368449-1sc4ldu7t-846x564.jpg?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22eaa332e4568f658b0de58d95f49ca99f5081b15cb844c74b9c481e45cdad38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gknews.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:39:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-dct-digital: connected
x-amz-request-id: tx00000c73abc39254ef052-0065aab729-1e5271d3-default
age: 54828
cf-polished: origSize=49334
content-length: 39346
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 19 Jan 2024 13:55:12 GMT
server: cloudflare
etag: "c0085d729b0c04db1d38b5601a09124c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
x-robots-tag: noindex, nosnippet, noarchive
cf-ray: 84870976cd2872a7-EWR

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff2

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff2

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/inter/inter-400.woff2

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/inter/inter-600.woff2

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff2

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/inter/inter-700.woff2

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/inter/inter-600.woff

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/inter/inter-400.woff

Domain: dznews.pw
URL: https://dznews.pw/assets/fonts/inter/inter-700.woff

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gknews.pw/	1970-01-20 18:32:22	Name: vr_session Value: 38480dfe0205f011850e32edb71b9563b253f602
gknews.pw/	1970-01-20 17:49:17	Name: vr_csrf_cookie Value: 7a2f56f8e4846cc0db9d5b82c86df356
.www.glasgowworld.com/	1970-01-20 17:49:12	Name: __cf_bm Value: ad7RSNFiK_nZnuOh7RZkeAzjMBVdwUB2GctKb8z_Xaw-1705750765-1-AWmTxK7QGJkOilT66LD67mREFRZV5wyeIuVRBivpjn8c4TxxE8nP+LIfba5Sx5w1cqnbEoRScv9UjlPtH8MPBv4=

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://gknews.pw/(Line 1160) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://gknews.pw/(Line 1160) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff2' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff2' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/inter/inter-600.woff2' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/inter/inter-600.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/invoke.js Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff2' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/inter/inter-400.woff2' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/inter/inter-400.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/inter/inter-700.woff2' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/inter/inter-700.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/inter/inter-600.woff' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/inter/inter-600.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/inter/inter-400.woff' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/inter/inter-400.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gknews.pw/ Message: Access to font at 'https://dznews.pw/assets/fonts/inter/inter-700.woff' from origin 'https://gknews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dznews.pw/assets/fonts/inter/inter-700.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cached-images.bonnier.news
deporttideevenings.com
dznews.pw
gknews.pw
i.guim.co.uk
i2-prod.glasgowlive.co.uk
mural.com.mx
wpcluster.dctdigital.com
www.glasgowworld.com
www.grampianonline.co.uk
www.mural.com.mx
dznews.pw
18.173.132.116
18.238.49.7
18.238.55.129
192.243.59.12
23.111.182.242
2600:1408:5400:392::31b3
2606:4700:4400::6812:230c
2606:4700::6812:1d14
2a04:4e42:600::367
52.85.61.81
1413bcb9d84ac2073484e356421f594f13fb1043e80ac081c630103edd09fc46
18dea5b60bb6bf5facaba9077a6a34dd8ae81bf2dcfff14dec156cb64a9c5272
1ea97665097af08fc702777182c40eb48b58be72b2bd2f3415d3a50392bab76b
22eaa332e4568f658b0de58d95f49ca99f5081b15cb844c74b9c481e45cdad38
3342b958e2b48f37cbd0ae10997b0d36c8940bf46bf8c7b3102098c2288512e2
3ac313662edca20a071d55e7b6bf6152ac6551dfac8705e6ca33d837c44c3a97
3df0a3730bace4788539298d568c24311d2900fb98207994d6fcaaafd5b7a1ef
47a35ccd55a2ba045e214fcd8f4be2d2b851fe4e76031a77eb6c00907c1722b1
4edea856b3bca599683ca6db13b9afdc1ec703c143ab4ce64cca05f678243686
60e5b7636420c530ab0fef94adf5d0d0c87c91cfe88dff6bf0df3bc4530d103f
66a3ca8b6f2065025ec148755198e191cffb54f287b52f0bfce6066ad2ab846a
69331b2bf93cfd57e07415d3900e3287b2b6fbe99b33d1b29595f1790c4bdaea
7d6a9094aba3a978cceb5df4ee16f4818f604adeaa2bb10fcafb579ad72d3e40
812187a40cd926e5c56c17806c2d07e2f6ec06d73f4b6097a6ceb0708f50ea9a
82ab7dc48cf0a854ef57ff4779c140e3965d37d585f0bad1bca0ea63eaf10bab
86c93334d3afa291312a9d82e5c9d8223bee0398b4fb871a2aaf2557dcf72f07
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
953e00bc07f3b0e9210bb6de1c03d2855480448ac1cafd69b8e68fa26640c394
9c87578fc72dad42a38463626d29cf01431eea7398eb9aa4cc36a9937a5839ec
a17bb524d4f8d1cf029e4871996da5e8bb160eedb94175ac252c2a1527409c18
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c2b41e15bf50bc86a32de4fec5fd5e251bd920644e966c5993b95a23d21cfa93
c3606c219d5a2c5692f96f1ad83096e08a24d30d4db8d2d04c139c1d834467c0
e2f9833101c9df7462f36970ced3e42ecbcd9d167a9961cded1c0e68cb9b9984
f1dff1eed88a9ec41ccd24edbec9506f8c28f6687d5e214d3e4f8478a12f99f3
f1f87f4163b6b6e29aeab20a05d7ed358b43e490b76ffa805bc3adb61f5a9b74
f907a3d041411e31a539bc290c6ff4de0f8b0aef4aa725da93deff7cacf6b136

gknews.pw Open in urlscan Pro 23.111.182.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

48 %HTTPS

40 %IPv6

10 Domains

11 Subdomains

10 IPs

1 Countries

1644 kBTransfer

2138 kBSize

3 Cookies

28 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

gknews.pw Open in urlscan Pro
23.111.182.242 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

48 %
HTTPS

40 %
IPv6

10
Domains

11
Subdomains

10
IPs

1
Countries

1644 kB
Transfer

2138 kB
Size

3
Cookies

42 HTTP transactions
3 data transactions