news-world-blog.info Open in urlscan Pro
167.71.36.138  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response news-world-blog.info/	2 KB 653 B	193ms 20ms	Document text/html	167.71.36.138 DigitalOcean
General Check archive.org Show headers Download Go to Full URL https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my Protocol H2 Security TLS 1.3, , AES_256_GCM Server 167.71.36.138 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software nginx / Resource Hash ee1978fe3fcf6d5c2f0d5adfd75e910dc66484cd2dadbe4f07a21bfdbd7ae211 Request headers :method GET :authority news-world-blog.info :scheme https :path /?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 referer https://ggwq.info/ Response headers status 200 server nginx date Tue, 10 Dec 2019 16:39:18 GMT content-type text/html vary Accept-Encoding last-modified Fri, 25 Oct 2019 08:42:36 GMT etag W/"646-595b821bbdaa6" content-encoding br
GET H2	200	a.js Show response st-n.domnovrek.com/js/	43 KB 17 KB	40ms 12ms	Script application/javascript	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Full URL https://st-n.domnovrek.com/js/a.js Requested by Host: news-world-blog.info URL: https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash abcf8d3eea475199c434d716a783f8778d56448d6cb3d6b3601c08c3877a81a4 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc10 date Tue, 10 Dec 2019 16:39:18 GMT content-encoding gzip last-modified Tue, 10 Dec 2019 11:52:02 GMT server nginx etag W/"5def86e2-ad54" x-cached-since 2019-12-10T16:38:35+00:00 content-type application/javascript status 200 cache-control max-age=600 cache HIT expires Tue, 10 Dec 2019 12:08:07 GMT
GET H2	200	e.js Show response sync.users-api.com/	64 B 363 B	25ms 9ms	Script application/x-javascript	31.172.81.242 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL https://sync.users-api.com/e.js Requested by Host: st-n.domnovrek.com URL: https://st-n.domnovrek.com/js/a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.172.81.242 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash 5d4c6e6188c1f9d844f60e382e0d84e12126c274341e4dfa5b1e5bc6e5c5558d Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Dec 2019 16:39:21 GMT content-encoding gzip last-modified Wed, 26 Jul 2017 12:01:01 GMT server nginx/1.10.3 access-control-allow-origin * etag W/"686897696a7c876b7e1" vary Accept-Encoding, Accept-Encoding content-type application/x-javascript status 200 cache-control private, immutable, no-transform access-control-allow-credentials true
GET H2	200	gtm.js Show response www.googletagmanager.com/	108 KB 35 KB	16ms 15ms	Script application/javascript	2a00:1450:4001:808::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WFJMBLX Requested by Host: news-world-blog.info URL: https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash 75adb8cccac816f0e089279e48a1080525498e5c612eefa691e14686a9336361 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Dec 2019 16:39:18 GMT content-encoding br last-modified Tue, 10 Dec 2019 15:00:00 GMT server Google Tag Manager access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control content-length 35861 x-xss-protection 0 expires Tue, 10 Dec 2019 16:39:18 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	121 KB 26 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: news-world-blog.info URL: https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-24=":443"; ma=3600 content-length 26702 x-xss-protection 0 pragma public x-fb-debug AMzG6VV8AOFWIAEwCaPIVjxZ/8QSRHFl2kH6ZuzIJPnNfgl+7N2JYUL8kcNW974P5RD12eH4rqaJW3lBquHtfw== x-fb-trip-id 975780461 date Tue, 10 Dec 2019 16:39:18 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	a Show response n.domnovrek.com/	39 KB 39 KB	546ms 205ms	Script text/javascript	31.172.81.241 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL https://n.domnovrek.com/a?Id=687499&uid=ssp-c68b6010-9c74-990d-3949-1575995959&sync=0&hours=17&ajax=0&domain=n.domnovrek.com&unq=1&cookies=1&_c=e30%3D&RNum=6932&docurl_=aHV2c3c_NTZ2bsKBfjnChH3CgXx1P3XCgMKEfUXCgcKHwoDCiktcwpHClMKCworChlRhwpLCn8KIwozCl8KZwqJSwqDCo8KRwpnClWRwa2prcF7CrMKvwp3CpcKhcnx2dHt8e2vCucK8wqrCssKufsKJwrvDg8K7wrx3w4XDiMK2wr7CusKMwpXCjMKNwo3ClMKQwpbChcOTw5bDhMOMw4jCm8Kjw5vDjcOKw53DkMOew6DDjcOQw5TDo8Onw5LDpsOkwqTDn8Odw5rDrMOvw7DDrMOsw6jDo8Omw7jDvcOjw7fDtcOmw6zDv8K4wrzCssSAxIPDscO5w7XDicOQw6nEg8SBxIXEh8SQxIjDgcSPxJLEgMSIxITDmcOfw7jEksSQxJTElsSfxJfDkMSexKHEj8SXxJPDqcOuw6TDmcSnxKrEmMSgxJzDqsOqw7jEqcS2&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjoxLCJkYXRlIjoiMjAxOS0xMi0xMFQxNjozOToxOC44ODNaIiwiaG91ciI6MTcsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOltdLCJmbGFzaFZlcnNpb24iOmZhbHNlLCJjb25uZWN0aW9uVHlwZSI6InVuZGVmIn19&doc_inf=eyJ0aXRsZSI6IiIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IndpbmRvd3MtMTI1MiJ9&set=e30%3D&ver=8&bln=0 Requested by Host: st-n.domnovrek.com URL: https://st-n.domnovrek.com/js/a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.172.81.241 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash 0d4da4fd08ed27d9f9925be16cef3d9bce8b1f81c98f154bb479447bc0cde92f Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 10 Dec 2019 16:39:11 GMT server nginx/1.10.3 content-length 39482 content-type text/javascript; charset=utf-8
GET H2	200	a Show response n.domnovrek.com/	75 B 166 B	547ms 207ms	Script text/javascript	31.172.81.241 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL https://n.domnovrek.com/a?Id=687500&uid=ssp-c68b6010-9c74-990d-3949-1575995959&sync=0&hours=17&ajax=0&domain=n.domnovrek.com&unq=1&cookies=1&_c=e30%3D&RNum=5917&docurl_=aHV2c3c_NTZ2bsKBfjnChH3CgXx1P3XCgMKEfUXCgcKHwoDCiktcwpHClMKCworChlRhwpLCn8KIwozCl8KZwqJSwqDCo8KRwpnClWRwa2prcF7CrMKvwp3CpcKhcnx2dHt8e2vCucK8wqrCssKufsKJwrvDg8K7wrx3w4XDiMK2wr7CusKMwpXCjMKNwo3ClMKQwpbChcOTw5bDhMOMw4jCm8Kjw5vDjcOKw53DkMOew6DDjcOQw5TDo8Onw5LDpsOkwqTDn8Odw5rDrMOvw7DDrMOsw6jDo8Omw7jDvcOjw7fDtcOmw6zDv8K4wrzCssSAxIPDscO5w7XDicOQw6nEg8SBxIXEh8SQxIjDgcSPxJLEgMSIxITDmcOfw7jEksSQxJTElsSfxJfDkMSexKHEj8SXxJPDqcOuw6TDmcSnxKrEmMSgxJzDqsOqw7jEqcS2&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjoxLCJkYXRlIjoiMjAxOS0xMi0xMFQxNjozOToxOC44ODVaIiwiaG91ciI6MTcsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOltdLCJmbGFzaFZlcnNpb24iOmZhbHNlLCJjb25uZWN0aW9uVHlwZSI6InVuZGVmIn19&doc_inf=eyJ0aXRsZSI6IiIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IndpbmRvd3MtMTI1MiJ9&set=e30%3D&ver=8&bln=1 Requested by Host: st-n.domnovrek.com URL: https://st-n.domnovrek.com/js/a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.172.81.241 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash 02c7d105dea81cae4b7af0d00edb79423700fbcf33bc6bc3848027b8140dade7 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 10 Dec 2019 16:39:11 GMT server nginx/1.10.3 content-length 75 content-type text/javascript; charset=utf-8
GET H2	200	c3.js Show response st-n.domnovrek.com/js/	93 KB 29 KB	14ms 14ms	Script application/javascript	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Full URL https://st-n.domnovrek.com/js/c3.js Requested by Host: n.domnovrek.com URL: https://n.domnovrek.com/a?Id=687499&uid=ssp-c68b6010-9c74-990d-3949-1575995959&sync=0&hours=17&ajax=0&domain=n.domnovrek.com&unq=1&cookies=1&_c=e30%3D&RNum=6932&docurl_=aHV2c3c_NTZ2bsKBfjnChH3CgXx1P3XCgMKEfUXCgcKHwoDCiktcwpHClMKCworChlRhwpLCn8KIwozCl8KZwqJSwqDCo8KRwpnClWRwa2prcF7CrMKvwp3CpcKhcnx2dHt8e2vCucK8wqrCssKufsKJwrvDg8K7wrx3w4XDiMK2wr7CusKMwpXCjMKNwo3ClMKQwpbChcOTw5bDhMOMw4jCm8Kjw5vDjcOKw53DkMOew6DDjcOQw5TDo8Onw5LDpsOkwqTDn8Odw5rDrMOvw7DDrMOsw6jDo8Omw7jDvcOjw7fDtcOmw6zDv8K4wrzCssSAxIPDscO5w7XDicOQw6nEg8SBxIXEh8SQxIjDgcSPxJLEgMSIxITDmcOfw7jEksSQxJTElsSfxJfDkMSexKHEj8SXxJPDqcOuw6TDmcSnxKrEmMSgxJzDqsOqw7jEqcS2&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjoxLCJkYXRlIjoiMjAxOS0xMi0xMFQxNjozOToxOC44ODNaIiwiaG91ciI6MTcsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOltdLCJmbGFzaFZlcnNpb24iOmZhbHNlLCJjb25uZWN0aW9uVHlwZSI6InVuZGVmIn19&doc_inf=eyJ0aXRsZSI6IiIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IndpbmRvd3MtMTI1MiJ9&set=e30%3D&ver=8&bln=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash 51e7c9b4da965d6f770ed74b309f2c247e50fd94985d5f80245ee7570821fd3b Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc10 date Tue, 10 Dec 2019 16:39:19 GMT content-encoding gzip last-modified Tue, 10 Dec 2019 11:52:02 GMT server nginx etag W/"5def86e2-172b3" x-cached-since 2019-12-10T16:37:14+00:00 content-type application/javascript status 200 cache-control max-age=600 cache HIT expires Tue, 10 Dec 2019 12:06:31 GMT
GET H2	204	track.gif xl-trk.com/	0 66 B	3102ms 23ms	Image text/plain	88.208.41.103 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xl-trk.com/track.gif?a=ssr_render1&c=687499 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.41.103 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 204 date Tue, 10 Dec 2019 16:39:22 GMT x-upstream 192.168.11.101:8085 server nginx
GET H2	200	img_200x200.gif cdn.user-api.com/r/5dae9ba1287f3e5d018b50b5/	335 KB 335 KB	63ms 24ms	Image image/gif	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5dae9ba1287f3e5d018b50b5/img_200x200.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash a39ebcdd52a87442ffffec044427f9b121709e99d17081da3f3adf63ae227591 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Tue, 22 Oct 2019 06:03:19 GMT server nginx access-control-allow-origin * etag "5dae9ba7-53b2f" x-cached-since 2019-12-07T23:16:13+00:00 content-type image/gif status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 342831
GET H2	200	img_200x200.jpg cdn.user-api.com/r/5db96aef287f3e56018b535d/	59 KB 60 KB	64ms 26ms	Image image/jpeg	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5db96aef287f3e56018b535d/img_200x200.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash 3f770ca3d1dd1efddd74ba25f427361b085ccc2c48859682effb777f194aa9f8 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Wed, 30 Oct 2019 10:50:25 GMT server nginx access-control-allow-origin * etag "5db96af1-edb6" x-cached-since 2019-12-07T05:18:04+00:00 content-type image/jpeg status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 60854
GET H2	200	img_200x200.gif cdn.user-api.com/r/5cc6d1d9287f3efd098b4a7f/	395 KB 395 KB	63ms 25ms	Image image/gif	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5cc6d1d9287f3efd098b4a7f/img_200x200.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash 401446a12abd5268c4d302a29adcf136ea63856ec87bd30ea609ff0d9d477e96 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Mon, 29 Apr 2019 10:28:45 GMT server nginx access-control-allow-origin * etag "5cc6d1dd-62a9e" x-cached-since 2019-12-09T04:43:49+00:00 content-type image/gif status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 404126
GET H2	200	img_200x200.gif cdn.user-api.com/r/5cc28ad2287f3ef1738b49e8/	64 KB 64 KB	63ms 25ms	Image image/gif	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5cc28ad2287f3ef1738b49e8/img_200x200.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash d87fda202066ca3a7522fc6e22014f960367484c731fb140cb9a7eece6e0fdd3 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Fri, 26 Apr 2019 04:36:37 GMT server nginx access-control-allow-origin * etag "5cc28ad5-100e6" x-cached-since 2019-12-06T18:17:23+00:00 content-type image/gif status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 65766
GET H2	200	img_200x200.jpg cdn.user-api.com/r/5da97ff6287f3e0f308b4a54/	46 KB 46 KB	63ms 25ms	Image image/jpeg	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5da97ff6287f3e0f308b4a54/img_200x200.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash b4be447048d69e8f127fe3a16bdf5136e2c731e8162f6203b4040e58a4cc6a87 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Fri, 18 Oct 2019 09:03:51 GMT server nginx access-control-allow-origin * etag "5da97ff7-b8ee" x-cached-since 2019-12-07T22:57:48+00:00 content-type image/jpeg status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 47342
GET H2	200	img_200x200.gif cdn.user-api.com/r/5dae9b60287f3e17798b46bf/	213 KB 213 KB	62ms 24ms	Image image/gif	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5dae9b60287f3e17798b46bf/img_200x200.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash 8443fcf158a144036188acac8f224d0ec06458e92dcb1e2b078e2f6644ea18b1 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Tue, 22 Oct 2019 06:02:13 GMT server nginx access-control-allow-origin * etag "5dae9b65-352ff" x-cached-since 2019-12-09T20:44:55+00:00 content-type image/gif status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 217855
GET H2	200	img_200x200.jpg cdn.user-api.com/r/5dc2a867287f3e5d018b53c8/	6 KB 6 KB	36ms 12ms	Image image/jpeg	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5dc2a867287f3e5d018b53c8/img_200x200.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash af4535119f9b8a8b6ea9324f0ee85bac081ef3d8ad07e19bdc98918c9117382b Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Wed, 06 Nov 2019 11:03:03 GMT server nginx access-control-allow-origin * etag "5dc2a867-16f8" x-cached-since 2019-12-09T07:42:45+00:00 content-type image/jpeg status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 5880
GET H2	200	img_200x200.gif cdn.user-api.com/r/5d6c9d06287f3e5a1a8b4793/	1 MB 1 MB	48ms 24ms	Image image/gif	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5d6c9d06287f3e5a1a8b4793/img_200x200.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash e05b3a95cce44d8fb7c584f44667e1e4a7d6c8fa6365195b5257f0df434bbd24 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Mon, 02 Sep 2019 04:39:41 GMT server nginx access-control-allow-origin * etag "5d6c9d0d-1513b7" x-cached-since 2019-12-06T19:16:03+00:00 content-type image/gif status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 1381303
GET H2	200	img_200x200.jpg cdn.user-api.com/r/5cc28b36287f3e67098b4a2d/	10 KB 10 KB	47ms 23ms	Image image/jpeg	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5cc28b36287f3e67098b4a2d/img_200x200.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash 60c1be63bb64ff6b05634cc1a4e4a66f0a5e1086dec123467e1a885949c543c7 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Fri, 26 Apr 2019 04:38:16 GMT server nginx access-control-allow-origin * etag "5cc28b38-2727" x-cached-since 2019-12-09T17:50:02+00:00 content-type image/jpeg status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 10023
GET H2	200	img_200x200.jpg cdn.user-api.com/r/5d358c9c287f3e050d8b49c4/	43 KB 43 KB	47ms 24ms	Image image/jpeg	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5d358c9c287f3e050d8b49c4/img_200x200.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash f488b4f4e0d5fd93a856ca2fef29c5d609465cc654724f8f989706512332cd45 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Tue, 15 Oct 2019 11:23:34 GMT server nginx access-control-allow-origin * etag "5da5ac36-aa1f" x-cached-since 2019-12-09T20:30:32+00:00 content-type image/jpeg status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 43551
GET H2	200	img_200x200.jpg cdn.user-api.com/r/5b6833d9287f3e4e1b8b7176/	76 KB 76 KB	36ms 12ms	Image image/jpeg	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5b6833d9287f3e4e1b8b7176/img_200x200.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash 2126fc2575be0a61742665e6c30ad0963da3e5c091c6687dc459d5f5bbfbd0b7 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Fri, 25 Oct 2019 04:40:28 GMT server nginx access-control-allow-origin * etag "5db27cbc-12edd" x-cached-since 2019-12-08T22:42:49+00:00 content-type image/jpeg status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 77533
GET H2	200	img_200x200.jpg cdn.user-api.com/r/5d47eb33287f3e9a0d8b4cd2/	60 KB 60 KB	49ms 25ms	Image image/jpeg	2a03:90c0:9997::9997 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.user-api.com/r/5d47eb33287f3e9a0d8b4cd2/img_200x200.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT), Reverse DNS Software nginx / Resource Hash 560af5a1e01bfdba09ae2c9753f48506dfcc6ea99fa844312c6592a4901b73a3 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-id cec-up-gc11 date Tue, 10 Dec 2019 16:39:19 GMT last-modified Tue, 06 Aug 2019 10:36:52 GMT server nginx access-control-allow-origin * etag "5d495844-ee91" x-cached-since 2019-12-06T18:35:37+00:00 content-type image/jpeg status 200 cache HIT accept-ranges bytes access-control-allow-headers * content-length 61073
GET H2	200	st n.domnovrek.com/	119 B 119 B	3046ms 15ms	Image image/png	31.172.81.241 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://n.domnovrek.com/st?d=eyJ0aW1lIjoxNTc1OTk1OTU5LCJhZG5faWQiOjE3LCJhZHRfaWQiOjEsImNvZGVfaWQiOjY4NzQ5OSwic2l0ZV9pZCI6NDExMzA0LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJkc3AiOjEwNywiYWR0X2Zvcm1hdCI6IjJ4NiJ9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.172.81.241 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 10 Dec 2019 16:39:15 GMT server nginx/1.10.3 access-control-allow-origin * p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" status 200 cache-control no-cache, no-store content-type image/png content-length 119
GET H2	200	stv n.domnovrek.com/	119 B 119 B	3048ms 17ms	Image image/png	31.172.81.241 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://n.domnovrek.com/stv?d=eyJ0aW1lIjoxNTc1OTk1OTU5LCJhZG5faWQiOjE3LCJhZHRfaWQiOjEsImNvZGVfaWQiOjY4NzQ5OSwic2l0ZV9pZCI6NDExMzA0LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJkc3AiOjEwNywiYWR0X2Zvcm1hdCI6IjJ4NiJ9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.172.81.241 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ggwq.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 10 Dec 2019 16:39:15 GMT server nginx/1.10.3 access-control-allow-origin * p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" status 200 cache-control no-cache, no-store content-type image/png content-length 119

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| acrum_extra object| sc_adv_out object| _sc_cached_scripts object| sc_adv_ids object| SC_TBlock_Collection function| SC_ContainerElement function| SC_loadPartnerScripts object| SC_AdvOutBuilder object| dataLayer string| __sc_int_uid object| google_tag_manager function| fbq function| _fbq object| script undefined| offer undefined| scriptGA function| gtag number| __sc_int_uid_loadind_time object| $jscomp object| SC_Universal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.news-world-blog.info/	1970-01-19 05:46:58	Name: SC_unique_687500 Value: 1
			.news-world-blog.info/	1970-01-19 05:46:58	Name: SC_unique_687499 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.user-api.com
connect.facebook.net
n.domnovrek.com
news-world-blog.info
st-n.domnovrek.com
sync.users-api.com
www.googletagmanager.com
xl-trk.com
167.71.36.138
2a00:1450:4001:808::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:90c0:9997::9997
31.172.81.241
31.172.81.242
88.208.41.103
02c7d105dea81cae4b7af0d00edb79423700fbcf33bc6bc3848027b8140dade7
0d4da4fd08ed27d9f9925be16cef3d9bce8b1f81c98f154bb479447bc0cde92f
2126fc2575be0a61742665e6c30ad0963da3e5c091c6687dc459d5f5bbfbd0b7
3f770ca3d1dd1efddd74ba25f427361b085ccc2c48859682effb777f194aa9f8
401446a12abd5268c4d302a29adcf136ea63856ec87bd30ea609ff0d9d477e96
51e7c9b4da965d6f770ed74b309f2c247e50fd94985d5f80245ee7570821fd3b
560af5a1e01bfdba09ae2c9753f48506dfcc6ea99fa844312c6592a4901b73a3
5d4c6e6188c1f9d844f60e382e0d84e12126c274341e4dfa5b1e5bc6e5c5558d
60c1be63bb64ff6b05634cc1a4e4a66f0a5e1086dec123467e1a885949c543c7
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
75adb8cccac816f0e089279e48a1080525498e5c612eefa691e14686a9336361
8443fcf158a144036188acac8f224d0ec06458e92dcb1e2b078e2f6644ea18b1
a39ebcdd52a87442ffffec044427f9b121709e99d17081da3f3adf63ae227591
abcf8d3eea475199c434d716a783f8778d56448d6cb3d6b3601c08c3877a81a4
af4535119f9b8a8b6ea9324f0ee85bac081ef3d8ad07e19bdc98918c9117382b
b4be447048d69e8f127fe3a16bdf5136e2c731e8162f6203b4040e58a4cc6a87
d87fda202066ca3a7522fc6e22014f960367484c731fb140cb9a7eece6e0fdd3
e05b3a95cce44d8fb7c584f44667e1e4a7d6c8fa6365195b5257f0df434bbd24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee1978fe3fcf6d5c2f0d5adfd75e910dc66484cd2dadbe4f07a21bfdbd7ae211
f488b4f4e0d5fd93a856ca2fef29c5d609465cc654724f8f989706512332cd45