URL: https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.heartt...
Submission: On December 10 via manual from RO

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 167.71.36.138, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is news-world-blog.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 11th 2019. Valid for: 3 months.
This is the only time news-world-blog.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 167.71.36.138 14061 (DIGITALOC...)
14 2a03:90c0:999... 199524 (GCORE)
1 31.172.81.242 44066 (DE-FIRSTC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
4 31.172.81.241 44066 (DE-FIRSTC...)
1 88.208.41.103 39572 (ADVANCEDH...)
23 7
Domain Requested by
12 cdn.user-api.com
4 n.domnovrek.com st-n.domnovrek.com
2 st-n.domnovrek.com news-world-blog.info
n.domnovrek.com
1 xl-trk.com
1 connect.facebook.net news-world-blog.info
1 www.googletagmanager.com news-world-blog.info
1 sync.users-api.com st-n.domnovrek.com
1 news-world-blog.info
23 8

This site contains no links.

Subject Issuer Validity Valid
news-world-blog.info
Let's Encrypt Authority X3
2019-11-11 -
2020-02-09
3 months crt.sh
n.domnovrek.com
Let's Encrypt Authority X3
2019-11-11 -
2020-02-09
3 months crt.sh
sync.users-api.com
Let's Encrypt Authority X3
2019-09-30 -
2019-12-29
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2019-11-05 -
2020-01-28
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-11-06 -
2020-02-04
3 months crt.sh
xl-trk.com
Let's Encrypt Authority X3
2019-11-29 -
2020-02-27
3 months crt.sh
cdn.user-api.com
Let's Encrypt Authority X3
2019-11-11 -
2020-02-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my
Frame ID: 4A1F2D2429C198FDA81DCEF1D1EC6EFC
Requests: 23 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

23
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

2806 kB
Transfer

3060 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
news-world-blog.info/
2 KB
653 B
Document
General
Full URL
https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.36.138 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
ee1978fe3fcf6d5c2f0d5adfd75e910dc66484cd2dadbe4f07a21bfdbd7ae211

Request headers

:method
GET
:authority
news-world-blog.info
:scheme
https
:path
/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1
referer
https://ggwq.info/

Response headers

status
200
server
nginx
date
Tue, 10 Dec 2019 16:39:18 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2019 08:42:36 GMT
etag
W/"646-595b821bbdaa6"
content-encoding
br
a.js
st-n.domnovrek.com/js/
43 KB
17 KB
Script
General
Full URL
https://st-n.domnovrek.com/js/a.js
Requested by
Host: news-world-blog.info
URL: https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
abcf8d3eea475199c434d716a783f8778d56448d6cb3d6b3601c08c3877a81a4

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc10
date
Tue, 10 Dec 2019 16:39:18 GMT
content-encoding
gzip
last-modified
Tue, 10 Dec 2019 11:52:02 GMT
server
nginx
etag
W/"5def86e2-ad54"
x-cached-since
2019-12-10T16:38:35+00:00
content-type
application/javascript
status
200
cache-control
max-age=600
cache
HIT
expires
Tue, 10 Dec 2019 12:08:07 GMT
e.js
sync.users-api.com/
64 B
363 B
Script
General
Full URL
https://sync.users-api.com/e.js
Requested by
Host: st-n.domnovrek.com
URL: https://st-n.domnovrek.com/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.172.81.242 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
5d4c6e6188c1f9d844f60e382e0d84e12126c274341e4dfa5b1e5bc6e5c5558d

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Dec 2019 16:39:21 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2017 12:01:01 GMT
server
nginx/1.10.3
access-control-allow-origin
*
etag
W/"686897696a7c876b7e1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
private, immutable, no-transform
access-control-allow-credentials
true
gtm.js
www.googletagmanager.com/
108 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WFJMBLX
Requested by
Host: news-world-blog.info
URL: https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75adb8cccac816f0e089279e48a1080525498e5c612eefa691e14686a9336361
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Dec 2019 16:39:18 GMT
content-encoding
br
last-modified
Tue, 10 Dec 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
35861
x-xss-protection
0
expires
Tue, 10 Dec 2019 16:39:18 GMT
fbevents.js
connect.facebook.net/en_US/
121 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: news-world-blog.info
URL: https://news-world-blog.info/?subid1=myadnow&subid2=7559&subid4=63997&subid3=null&subid5=332838&subid6=teasers_adru_ro.hearttonicevz_ro_dv.1&subid7=Unknown&subid8=Unknown&subid9=2&subid10=my
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
26702
x-xss-protection
0
pragma
public
x-fb-debug
AMzG6VV8AOFWIAEwCaPIVjxZ/8QSRHFl2kH6ZuzIJPnNfgl+7N2JYUL8kcNW974P5RD12eH4rqaJW3lBquHtfw==
x-fb-trip-id
975780461
date
Tue, 10 Dec 2019 16:39:18 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
a
n.domnovrek.com/
39 KB
39 KB
Script
General
Full URL
https://n.domnovrek.com/a?Id=687499&uid=ssp-c68b6010-9c74-990d-3949-1575995959&sync=0&hours=17&ajax=0&domain=n.domnovrek.com&unq=1&cookies=1&_c=e30%3D&RNum=6932&docurl_=aHV2c3c_NTZ2bsKBfjnChH3CgXx1P3XCgMKEfUXCgcKHwoDCiktcwpHClMKCworChlRhwpLCn8KIwozCl8KZwqJSwqDCo8KRwpnClWRwa2prcF7CrMKvwp3CpcKhcnx2dHt8e2vCucK8wqrCssKufsKJwrvDg8K7wrx3w4XDiMK2wr7CusKMwpXCjMKNwo3ClMKQwpbChcOTw5bDhMOMw4jCm8Kjw5vDjcOKw53DkMOew6DDjcOQw5TDo8Onw5LDpsOkwqTDn8Odw5rDrMOvw7DDrMOsw6jDo8Omw7jDvcOjw7fDtcOmw6zDv8K4wrzCssSAxIPDscO5w7XDicOQw6nEg8SBxIXEh8SQxIjDgcSPxJLEgMSIxITDmcOfw7jEksSQxJTElsSfxJfDkMSexKHEj8SXxJPDqcOuw6TDmcSnxKrEmMSgxJzDqsOqw7jEqcS2&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjoxLCJkYXRlIjoiMjAxOS0xMi0xMFQxNjozOToxOC44ODNaIiwiaG91ciI6MTcsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOltdLCJmbGFzaFZlcnNpb24iOmZhbHNlLCJjb25uZWN0aW9uVHlwZSI6InVuZGVmIn19&doc_inf=eyJ0aXRsZSI6IiIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IndpbmRvd3MtMTI1MiJ9&set=e30%3D&ver=8&bln=0
Requested by
Host: st-n.domnovrek.com
URL: https://st-n.domnovrek.com/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.172.81.241 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
0d4da4fd08ed27d9f9925be16cef3d9bce8b1f81c98f154bb479447bc0cde92f

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 10 Dec 2019 16:39:11 GMT
server
nginx/1.10.3
content-length
39482
content-type
text/javascript; charset=utf-8
a
n.domnovrek.com/
75 B
166 B
Script
General
Full URL
https://n.domnovrek.com/a?Id=687500&uid=ssp-c68b6010-9c74-990d-3949-1575995959&sync=0&hours=17&ajax=0&domain=n.domnovrek.com&unq=1&cookies=1&_c=e30%3D&RNum=5917&docurl_=aHV2c3c_NTZ2bsKBfjnChH3CgXx1P3XCgMKEfUXCgcKHwoDCiktcwpHClMKCworChlRhwpLCn8KIwozCl8KZwqJSwqDCo8KRwpnClWRwa2prcF7CrMKvwp3CpcKhcnx2dHt8e2vCucK8wqrCssKufsKJwrvDg8K7wrx3w4XDiMK2wr7CusKMwpXCjMKNwo3ClMKQwpbChcOTw5bDhMOMw4jCm8Kjw5vDjcOKw53DkMOew6DDjcOQw5TDo8Onw5LDpsOkwqTDn8Odw5rDrMOvw7DDrMOsw6jDo8Omw7jDvcOjw7fDtcOmw6zDv8K4wrzCssSAxIPDscO5w7XDicOQw6nEg8SBxIXEh8SQxIjDgcSPxJLEgMSIxITDmcOfw7jEksSQxJTElsSfxJfDkMSexKHEj8SXxJPDqcOuw6TDmcSnxKrEmMSgxJzDqsOqw7jEqcS2&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjoxLCJkYXRlIjoiMjAxOS0xMi0xMFQxNjozOToxOC44ODVaIiwiaG91ciI6MTcsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOltdLCJmbGFzaFZlcnNpb24iOmZhbHNlLCJjb25uZWN0aW9uVHlwZSI6InVuZGVmIn19&doc_inf=eyJ0aXRsZSI6IiIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IndpbmRvd3MtMTI1MiJ9&set=e30%3D&ver=8&bln=1
Requested by
Host: st-n.domnovrek.com
URL: https://st-n.domnovrek.com/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.172.81.241 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
02c7d105dea81cae4b7af0d00edb79423700fbcf33bc6bc3848027b8140dade7

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 10 Dec 2019 16:39:11 GMT
server
nginx/1.10.3
content-length
75
content-type
text/javascript; charset=utf-8
c3.js
st-n.domnovrek.com/js/
93 KB
29 KB
Script
General
Full URL
https://st-n.domnovrek.com/js/c3.js
Requested by
Host: n.domnovrek.com
URL: https://n.domnovrek.com/a?Id=687499&uid=ssp-c68b6010-9c74-990d-3949-1575995959&sync=0&hours=17&ajax=0&domain=n.domnovrek.com&unq=1&cookies=1&_c=e30%3D&RNum=6932&docurl_=aHV2c3c_NTZ2bsKBfjnChH3CgXx1P3XCgMKEfUXCgcKHwoDCiktcwpHClMKCworChlRhwpLCn8KIwozCl8KZwqJSwqDCo8KRwpnClWRwa2prcF7CrMKvwp3CpcKhcnx2dHt8e2vCucK8wqrCssKufsKJwrvDg8K7wrx3w4XDiMK2wr7CusKMwpXCjMKNwo3ClMKQwpbChcOTw5bDhMOMw4jCm8Kjw5vDjcOKw53DkMOew6DDjcOQw5TDo8Onw5LDpsOkwqTDn8Odw5rDrMOvw7DDrMOsw6jDo8Omw7jDvcOjw7fDtcOmw6zDv8K4wrzCssSAxIPDscO5w7XDicOQw6nEg8SBxIXEh8SQxIjDgcSPxJLEgMSIxITDmcOfw7jEksSQxJTElsSfxJfDkMSexKHEj8SXxJPDqcOuw6TDmcSnxKrEmMSgxJzDqsOqw7jEqcS2&client_info=eyJ3aW4iOnsidyI6MTYwMCwiaCI6MTIwMH0sInNjcmVlbiI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJjb2xvckRlcHRoIjoyNCwicGl4ZWxEZXB0aCI6MjR9LCJuYXZpZ2F0b3IiOnsibGFuZ3VhZ2UiOiJlbi1VUyIsImJyb3dzZXJMYW5ndWFnZSI6IiIsInN5c3RlbUxhbmd1YWdlIjoiIiwidXNlckxhbmd1YWdlIjoiIiwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ2ZW5kb3IiOiJHb29nbGUgSW5jLiIsInRpbWVab25lIjoxLCJkYXRlIjoiMjAxOS0xMi0xMFQxNjozOToxOC44ODNaIiwiaG91ciI6MTcsIndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsInBsdWdpbnMiOltdLCJmbGFzaFZlcnNpb24iOmZhbHNlLCJjb25uZWN0aW9uVHlwZSI6InVuZGVmIn19&doc_inf=eyJ0aXRsZSI6IiIsImRlc2NyaXB0aW9uIjoiIiwiY2hhclNldCI6IndpbmRvd3MtMTI1MiJ9&set=e30%3D&ver=8&bln=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
51e7c9b4da965d6f770ed74b309f2c247e50fd94985d5f80245ee7570821fd3b

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc10
date
Tue, 10 Dec 2019 16:39:19 GMT
content-encoding
gzip
last-modified
Tue, 10 Dec 2019 11:52:02 GMT
server
nginx
etag
W/"5def86e2-172b3"
x-cached-since
2019-12-10T16:37:14+00:00
content-type
application/javascript
status
200
cache-control
max-age=600
cache
HIT
expires
Tue, 10 Dec 2019 12:06:31 GMT
track.gif
xl-trk.com/
0
66 B
Image
General
Full URL
https://xl-trk.com/track.gif?a=ssr_render1&c=687499
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.41.103 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Tue, 10 Dec 2019 16:39:22 GMT
x-upstream
192.168.11.101:8085
server
nginx
img_200x200.gif
cdn.user-api.com/r/5dae9ba1287f3e5d018b50b5/
335 KB
335 KB
Image
General
Full URL
https://cdn.user-api.com/r/5dae9ba1287f3e5d018b50b5/img_200x200.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
a39ebcdd52a87442ffffec044427f9b121709e99d17081da3f3adf63ae227591

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Tue, 22 Oct 2019 06:03:19 GMT
server
nginx
access-control-allow-origin
*
etag
"5dae9ba7-53b2f"
x-cached-since
2019-12-07T23:16:13+00:00
content-type
image/gif
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
342831
img_200x200.jpg
cdn.user-api.com/r/5db96aef287f3e56018b535d/
59 KB
60 KB
Image
General
Full URL
https://cdn.user-api.com/r/5db96aef287f3e56018b535d/img_200x200.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
3f770ca3d1dd1efddd74ba25f427361b085ccc2c48859682effb777f194aa9f8

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Wed, 30 Oct 2019 10:50:25 GMT
server
nginx
access-control-allow-origin
*
etag
"5db96af1-edb6"
x-cached-since
2019-12-07T05:18:04+00:00
content-type
image/jpeg
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
60854
img_200x200.gif
cdn.user-api.com/r/5cc6d1d9287f3efd098b4a7f/
395 KB
395 KB
Image
General
Full URL
https://cdn.user-api.com/r/5cc6d1d9287f3efd098b4a7f/img_200x200.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
401446a12abd5268c4d302a29adcf136ea63856ec87bd30ea609ff0d9d477e96

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Mon, 29 Apr 2019 10:28:45 GMT
server
nginx
access-control-allow-origin
*
etag
"5cc6d1dd-62a9e"
x-cached-since
2019-12-09T04:43:49+00:00
content-type
image/gif
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
404126
img_200x200.gif
cdn.user-api.com/r/5cc28ad2287f3ef1738b49e8/
64 KB
64 KB
Image
General
Full URL
https://cdn.user-api.com/r/5cc28ad2287f3ef1738b49e8/img_200x200.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
d87fda202066ca3a7522fc6e22014f960367484c731fb140cb9a7eece6e0fdd3

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Fri, 26 Apr 2019 04:36:37 GMT
server
nginx
access-control-allow-origin
*
etag
"5cc28ad5-100e6"
x-cached-since
2019-12-06T18:17:23+00:00
content-type
image/gif
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
65766
img_200x200.jpg
cdn.user-api.com/r/5da97ff6287f3e0f308b4a54/
46 KB
46 KB
Image
General
Full URL
https://cdn.user-api.com/r/5da97ff6287f3e0f308b4a54/img_200x200.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
b4be447048d69e8f127fe3a16bdf5136e2c731e8162f6203b4040e58a4cc6a87

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Fri, 18 Oct 2019 09:03:51 GMT
server
nginx
access-control-allow-origin
*
etag
"5da97ff7-b8ee"
x-cached-since
2019-12-07T22:57:48+00:00
content-type
image/jpeg
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
47342
img_200x200.gif
cdn.user-api.com/r/5dae9b60287f3e17798b46bf/
213 KB
213 KB
Image
General
Full URL
https://cdn.user-api.com/r/5dae9b60287f3e17798b46bf/img_200x200.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
8443fcf158a144036188acac8f224d0ec06458e92dcb1e2b078e2f6644ea18b1

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Tue, 22 Oct 2019 06:02:13 GMT
server
nginx
access-control-allow-origin
*
etag
"5dae9b65-352ff"
x-cached-since
2019-12-09T20:44:55+00:00
content-type
image/gif
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
217855
img_200x200.jpg
cdn.user-api.com/r/5dc2a867287f3e5d018b53c8/
6 KB
6 KB
Image
General
Full URL
https://cdn.user-api.com/r/5dc2a867287f3e5d018b53c8/img_200x200.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
af4535119f9b8a8b6ea9324f0ee85bac081ef3d8ad07e19bdc98918c9117382b

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Wed, 06 Nov 2019 11:03:03 GMT
server
nginx
access-control-allow-origin
*
etag
"5dc2a867-16f8"
x-cached-since
2019-12-09T07:42:45+00:00
content-type
image/jpeg
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
5880
img_200x200.gif
cdn.user-api.com/r/5d6c9d06287f3e5a1a8b4793/
1 MB
1 MB
Image
General
Full URL
https://cdn.user-api.com/r/5d6c9d06287f3e5a1a8b4793/img_200x200.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
e05b3a95cce44d8fb7c584f44667e1e4a7d6c8fa6365195b5257f0df434bbd24

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Mon, 02 Sep 2019 04:39:41 GMT
server
nginx
access-control-allow-origin
*
etag
"5d6c9d0d-1513b7"
x-cached-since
2019-12-06T19:16:03+00:00
content-type
image/gif
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
1381303
img_200x200.jpg
cdn.user-api.com/r/5cc28b36287f3e67098b4a2d/
10 KB
10 KB
Image
General
Full URL
https://cdn.user-api.com/r/5cc28b36287f3e67098b4a2d/img_200x200.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
60c1be63bb64ff6b05634cc1a4e4a66f0a5e1086dec123467e1a885949c543c7

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Fri, 26 Apr 2019 04:38:16 GMT
server
nginx
access-control-allow-origin
*
etag
"5cc28b38-2727"
x-cached-since
2019-12-09T17:50:02+00:00
content-type
image/jpeg
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
10023
img_200x200.jpg
cdn.user-api.com/r/5d358c9c287f3e050d8b49c4/
43 KB
43 KB
Image
General
Full URL
https://cdn.user-api.com/r/5d358c9c287f3e050d8b49c4/img_200x200.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
f488b4f4e0d5fd93a856ca2fef29c5d609465cc654724f8f989706512332cd45

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Tue, 15 Oct 2019 11:23:34 GMT
server
nginx
access-control-allow-origin
*
etag
"5da5ac36-aa1f"
x-cached-since
2019-12-09T20:30:32+00:00
content-type
image/jpeg
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
43551
img_200x200.jpg
cdn.user-api.com/r/5b6833d9287f3e4e1b8b7176/
76 KB
76 KB
Image
General
Full URL
https://cdn.user-api.com/r/5b6833d9287f3e4e1b8b7176/img_200x200.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
2126fc2575be0a61742665e6c30ad0963da3e5c091c6687dc459d5f5bbfbd0b7

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Fri, 25 Oct 2019 04:40:28 GMT
server
nginx
access-control-allow-origin
*
etag
"5db27cbc-12edd"
x-cached-since
2019-12-08T22:42:49+00:00
content-type
image/jpeg
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
77533
img_200x200.jpg
cdn.user-api.com/r/5d47eb33287f3e9a0d8b4cd2/
60 KB
60 KB
Image
General
Full URL
https://cdn.user-api.com/r/5d47eb33287f3e9a0d8b4cd2/img_200x200.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
560af5a1e01bfdba09ae2c9753f48506dfcc6ea99fa844312c6592a4901b73a3

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
cec-up-gc11
date
Tue, 10 Dec 2019 16:39:19 GMT
last-modified
Tue, 06 Aug 2019 10:36:52 GMT
server
nginx
access-control-allow-origin
*
etag
"5d495844-ee91"
x-cached-since
2019-12-06T18:35:37+00:00
content-type
image/jpeg
status
200
cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
content-length
61073
st
n.domnovrek.com/
119 B
119 B
Image
General
Full URL
https://n.domnovrek.com/st?d=eyJ0aW1lIjoxNTc1OTk1OTU5LCJhZG5faWQiOjE3LCJhZHRfaWQiOjEsImNvZGVfaWQiOjY4NzQ5OSwic2l0ZV9pZCI6NDExMzA0LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJkc3AiOjEwNywiYWR0X2Zvcm1hdCI6IjJ4NiJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.172.81.241 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Dec 2019 16:39:15 GMT
server
nginx/1.10.3
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cache-control
no-cache, no-store
content-type
image/png
content-length
119
stv
n.domnovrek.com/
119 B
119 B
Image
General
Full URL
https://n.domnovrek.com/stv?d=eyJ0aW1lIjoxNTc1OTk1OTU5LCJhZG5faWQiOjE3LCJhZHRfaWQiOjEsImNvZGVfaWQiOjY4NzQ5OSwic2l0ZV9pZCI6NDExMzA0LCJzdWJfaWQiOiIiLCJjbnJfY29kZSI6IkRFVSIsImNpdHkiOiIiLCJkc3AiOjEwNywiYWR0X2Zvcm1hdCI6IjJ4NiJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.172.81.241 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ggwq.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Dec 2019 16:39:15 GMT
server
nginx/1.10.3
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cache-control
no-cache, no-store
content-type
image/png
content-length
119

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| acrum_extra object| sc_adv_out object| _sc_cached_scripts object| sc_adv_ids object| SC_TBlock_Collection function| SC_ContainerElement function| SC_loadPartnerScripts object| SC_AdvOutBuilder object| dataLayer string| __sc_int_uid object| google_tag_manager function| fbq function| _fbq object| script undefined| offer undefined| scriptGA function| gtag number| __sc_int_uid_loadind_time object| $jscomp object| SC_Universal

2 Cookies

Domain/Path Name / Value
.news-world-blog.info/ Name: SC_unique_687500
Value: 1
.news-world-blog.info/ Name: SC_unique_687499
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.user-api.com
connect.facebook.net
n.domnovrek.com
news-world-blog.info
st-n.domnovrek.com
sync.users-api.com
www.googletagmanager.com
xl-trk.com
167.71.36.138
2a00:1450:4001:808::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:90c0:9997::9997
31.172.81.241
31.172.81.242
88.208.41.103
02c7d105dea81cae4b7af0d00edb79423700fbcf33bc6bc3848027b8140dade7
0d4da4fd08ed27d9f9925be16cef3d9bce8b1f81c98f154bb479447bc0cde92f
2126fc2575be0a61742665e6c30ad0963da3e5c091c6687dc459d5f5bbfbd0b7
3f770ca3d1dd1efddd74ba25f427361b085ccc2c48859682effb777f194aa9f8
401446a12abd5268c4d302a29adcf136ea63856ec87bd30ea609ff0d9d477e96
51e7c9b4da965d6f770ed74b309f2c247e50fd94985d5f80245ee7570821fd3b
560af5a1e01bfdba09ae2c9753f48506dfcc6ea99fa844312c6592a4901b73a3
5d4c6e6188c1f9d844f60e382e0d84e12126c274341e4dfa5b1e5bc6e5c5558d
60c1be63bb64ff6b05634cc1a4e4a66f0a5e1086dec123467e1a885949c543c7
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
75adb8cccac816f0e089279e48a1080525498e5c612eefa691e14686a9336361
8443fcf158a144036188acac8f224d0ec06458e92dcb1e2b078e2f6644ea18b1
a39ebcdd52a87442ffffec044427f9b121709e99d17081da3f3adf63ae227591
abcf8d3eea475199c434d716a783f8778d56448d6cb3d6b3601c08c3877a81a4
af4535119f9b8a8b6ea9324f0ee85bac081ef3d8ad07e19bdc98918c9117382b
b4be447048d69e8f127fe3a16bdf5136e2c731e8162f6203b4040e58a4cc6a87
d87fda202066ca3a7522fc6e22014f960367484c731fb140cb9a7eece6e0fdd3
e05b3a95cce44d8fb7c584f44667e1e4a7d6c8fa6365195b5257f0df434bbd24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee1978fe3fcf6d5c2f0d5adfd75e910dc66484cd2dadbe4f07a21bfdbd7ae211
f488b4f4e0d5fd93a856ca2fef29c5d609465cc654724f8f989706512332cd45