firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 21:17:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lQw1pPi7ebLcQbVFq8D_9bUQ4RluL62Q6Y3tDCHwetysBkFL-o6pUQ==
Age: 3468
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9301
Expires: Wed, 14 Sep 2022 00:50:39 GMT
Date: Tue, 13 Sep 2022 22:15:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AqI8BQ-WaVrjP6Lux2JTnl1_jTGpO16DSeXayDSNd-nisrR4kA_X8A==
age: 63624
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 22:03:22 GMT
Expires: Tue, 13 Sep 2022 22:53:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BQPuEHhBMVMkWvpnf1nRRM_wpqqgpDtLD4tEDhD6BdvuLjeC1OFmqA==
Age: 737
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1130
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:39 GMT
Last-Modified: Tue, 13 Sep 2022 21:56:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
news70.net/
103.50.163.157 200 OK 40 kB IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 2078e784fcacbc952958bc34200fe348
d1c3db7c327ac395408da67d5f54e8d7f6a739cd
f178bf0301c9704b9fd54c7b8744eb04f29136bbb3c8939b9da1ba36f3a8fcc2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET / HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:38 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://news70.net/wp-json/>; rel="https://api.w.org/"
Set-Cookie: aiovg_rand_seed=3493417214; expires=Wed, 14-Sep-2022 22:15:39 GMT; Max-Age=86400; path=/
PHPSESSID=7157c2f1ef07db04c98bda007a38f49a; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.2
142.250.74.10 200 OK 976 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.2
IP 142.250.74.10:0
Hash cd0d7ee719c71856ef0826cb4239aa09
aca040f1a99aa9ae892874586b6e560cd7e24952
f461022b70025b86bf36a8d8b27fba51dd7de89ee43dcdc93c0a74c100ed8d05
GET /css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 13 Sep 2022 22:15:39 GMT
Date: Tue, 13 Sep 2022 22:15:39 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
news70.net/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2
103.50.163.157 200 OK 299 B URL HTTP/1.1 news70.net/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 04 Aug 2022 13:00:07 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 299
Keep-Alive: timeout=5, max=75
Content-Type: text/css
news70.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
103.50.163.157 200 OK 17 kB URL HTTP/1.1 news70.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 06:18:35 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16594
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.46 301 Moved Permanently 0 B URL HTTP/1.1 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 13 Sep 2022 22:15:39 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
push.services.mozilla.com/
44.236.232.139 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8Be8EdtL0B/KGtVRrsTTKA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AMWuf7H5Iap5Kw4pUYGi3eUJsfk=
news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick.css?ver=1.6.0
103.50.163.157 200 OK 564 B URL HTTP/1.1 news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick.css?ver=1.6.0
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 52dc6a8e85abdf73203fdae4e4b6f9fd
d19e874bdab0b560891082c591b33b7a481149f7
a6ed9df694f9885f6959a20b8aa2090235427dd579b89eed311fbad2d70cfce7
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/podamibe-advertisement-management/css/slick.css?ver=1.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 564
Keep-Alive: timeout=5, max=75
Content-Type: text/css
news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick-theme.css?ver=1.6.0
103.50.163.157 200 OK 1.0 kB URL HTTP/1.1 news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick-theme.css?ver=1.6.0
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 953438bfdb3f3c6aa7761618e2b262a8
b33522e1fe96ed2e2395e7bd015f756ba06b5534
783cab59b7959dcf64a11dfcd81bf46624c406eadca6ed47e4717b3acff305ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/podamibe-advertisement-management/css/slick-theme.css?ver=1.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1035
Keep-Alive: timeout=5, max=75
Content-Type: text/css
news70.net/wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=6.0.2
103.50.163.157 200 OK 2.2 kB URL HTTP/1.1 news70.net/wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5691b07253c4a30382130c2da4be8343
4c12d34016c7061965c996599c4086683958e0f1
095326e797678e4aa4be8217bf991180f7b79cdcce552897123ffa68981a0747
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 01 Nov 2021 06:42:21 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2190
Keep-Alive: timeout=5, max=75
Content-Type: text/css
news70.net/wp-content/plugins/podamibe-advertisement-management/css/frontend.css?ver=1.0.3
103.50.163.157 200 OK 473 B URL HTTP/1.1 news70.net/wp-content/plugins/podamibe-advertisement-management/css/frontend.css?ver=1.0.3
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 39464437367b8542343910306ce1bc50
b2b4967f2abc947467050144c3a1ea33c86dc6f0
755b2dfaf802c622c5f70456b04aed3c4125d178fbe34b99eb6da42830c767f0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/podamibe-advertisement-management/css/frontend.css?ver=1.0.3 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 473
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5
103.50.163.157 200 OK 20 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF, CR line terminators
Hash 527edc0b6a6d8e712826831d040d5d36
6b805604bb3f77bf77248261ba167363f78ee449
b43ae731b48224682b19e26a36692f8d3fa636c613fc16055e024ba30f16d072
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
news70.net/wp-content/plugins/ultimate-social-media-icons/css/disable_sfsi.css?ver=6.0.2
103.50.163.157 200 OK 88 B URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/css/disable_sfsi.css?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash e61686ae85ff40d0486d63edad647a25
c1ecfaf48fa21552af4573accff6f973f5d3129d
250f188866f5524cbdc41d9e3a3cf1a940bc26f8ec12308b02d47d9c93a84d28
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/css/disable_sfsi.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 88
Keep-Alive: timeout=5, max=75
Content-Type: text/css
news70.net/wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.1
103.50.163.157 200 OK 666 B URL HTTP/1.1 news70.net/wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.1
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1932), with no line terminators
Hash a8bccbf4243fd62badfb3cb50ee15db4
7b8b16d53e25f619a6595036fe41fef98cb0134b
8c5e441961ff9095ae4528ed33c7a2cb4c3f553a66de2ee12d719214f3dc37b3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.1 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 666
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.1
103.50.163.157 200 OK 263 B URL HTTP/1.1 news70.net/wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.1
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (684), with no line terminators
Hash 2bca32e8e5c4a6c01018467b5c55f58b
514bffeee47835c711d56e324b777697f5e581c7
e1abfb3d80ce3cf9e4e87b2acc37a3e0998240866b7f475acc898aa041becf4c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.1 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 263
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.css?ver=2.3.4
103.50.163.157 200 OK 1.1 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.css?ver=2.3.4
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3184)
Hash 8110dac83703c6f3bdab05005b338dae
2d7fa29ab9e77366216866a3c399cff917625015
8b88b876325a3b5deaea39fc31f97d9ea452bf5f5a27a4eb0d0cdc5be386fb92
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.css?ver=2.3.4 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1142
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=6.0.2
103.50.163.157 200 OK 7.5 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 425b9c5bb524774d7f30160c36771785
af60c1059fb990e6e86ff744f9c286e78f9966e8
a1dfafaf50ffe1e3996576f74f6e0e9dccee46d19aaf562fbe6e5575171b8062
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7524
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
142.250.74.10 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
IP 142.250.74.10:0
Hash 4103a4063f8bb5fa3297ad5293d97522
49bc2dc7f9a74f6902094b4091fbc8338d04e5f6
3857b3165ea8f20e24b14fb9fd93da9c27ea61b0d3d79a6f89c82d436202598f
GET /css2?family=Roboto:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 22:15:40 GMT
date: Tue, 13 Sep 2022 22:15:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
news70.net/wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0
103.50.163.157 200 OK 32 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65325)
Hash 3cac3383012d3b9c1b28ce53a9016651
3323de86376c6ea8dd265acdc39bcb82fdf1e8ac
29e021f86b877880a2e3e7c9f069d6ef5eab4930bc01d4633a05531df7ffd670
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/kg-video-js-skin.css?ver=4.7.4b
103.50.163.157200 OK 1.6 kB URL HTTP/1.1 news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/kg-video-js-skin.css?ver=4.7.4b
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 7f8180c648c421528ee16de8685a776a
c5e2c1a8f552339fb821792c1996e0d5b58a300e
f9f47abe8f3afe4874965dab03a41beab7ef74e975689fb3f12638486a41e115
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/kg-video-js-skin.css?ver=4.7.4b HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1622
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-content/plugins/video-embed-thumbnail-generator/css/kgvid_styles.css?ver=4.7.4b
103.50.163.157200 OK 5.7 kB URL HTTP/1.1 news70.net/wp-content/plugins/video-embed-thumbnail-generator/css/kgvid_styles.css?ver=4.7.4b
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1062), with CRLF line terminators
Hash df4ba1a7acf67f153c7b0ae25a4ad440
712d09f601f071fe8980659ed33e573539d5ff7d
cfa615de85ee6e6b61c7b99aa1999361f20f640256e2e49a800e73873d152c74
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/video-embed-thumbnail-generator/css/kgvid_styles.css?ver=4.7.4b HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5743
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-content/themes/newscard/style.css?ver=6.0.2
103.50.163.157200 OK 28 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/style.css?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (630)
Hash 49c277b74aa969c4ac64c65e44f2ed99
fc66b37f1d95dd65dbe504f47ba7f8e4f2ac31e3
8a7eada705ad4f980da1804a584e433c188c5e8f8f346ee9445146bbe020c7d2
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/style.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 56544aa492715fc7714bc4792e487c44
5ae3a793869000eea5e40b44dc68eff03bf3fc47
e53b80b85b1c9e2e384ea0ccfd0bfc28007656b4fbb09cf25dfc0679e77252d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E53B80B85B1C9E2E384EA0CCFD0BFC28007656B4FBB09CF25DFC0679E77252D2"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Wed, 14 Sep 2022 04:14:54 GMT
Date: Tue, 13 Sep 2022 22:15:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 56544aa492715fc7714bc4792e487c44
5ae3a793869000eea5e40b44dc68eff03bf3fc47
e53b80b85b1c9e2e384ea0ccfd0bfc28007656b4fbb09cf25dfc0679e77252d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E53B80B85B1C9E2E384EA0CCFD0BFC28007656B4FBB09CF25DFC0679E77252D2"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21593
Expires: Wed, 14 Sep 2022 04:15:33 GMT
Date: Tue, 13 Sep 2022 22:15:40 GMT
Connection: keep-alive
news70.net/wp-content/plugins/all-in-one-video-gallery/public/assets/css/public.css?ver=2.6.0
103.50.163.157200 OK 5.7 kB URL HTTP/1.1 news70.net/wp-content/plugins/all-in-one-video-gallery/public/assets/css/public.css?ver=2.6.0
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash b885a856ec47b24d57973ed269096301
1ba3a6c279a88b97e7b7bf786ac6ef954477c3e7
ca80f4117b299b974725790d55c544f9aa4b4d73d64837419790c09736a8f562
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/all-in-one-video-gallery/public/assets/css/public.css?ver=2.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 12:59:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5692
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-content/plugins/mailin/css/mailin-front.css?ver=6.0.2
103.50.163.157200 OK 817 B URL HTTP/1.1 news70.net/wp-content/plugins/mailin/css/mailin-front.css?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash f5c7ece1468c567e7cdf2482009088c0
38e7ba1aca24c2b1e8812b2a6f85ea5ec902fda3
84d738d9b52668c9ecf75e9a69a62329f9ab2c921ace26fc64d1d27366db3d22
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/mailin/css/mailin-front.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 08:57:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 817
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/video-js.min.css?ver=5.20.5
103.50.163.157200 OK 16 kB URL HTTP/1.1 news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/video-js.min.css?ver=5.20.5
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (39368), with no line terminators
Hash 82df2bf227f98a0cd29d76d90106eef1
f53cd5ec6e80eb5db22b76be7946ac625c1b0e43
120c7dc5c648bad8d9e5cd644afb92489355d76a11a884da9a6f82e498e29d6c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/video-js.min.css?ver=5.20.5 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15828
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.50.163.157200 OK 4.6 kB URL HTTP/1.1 news70.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 15:05:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/podamibe-advertisement-management/js/slick.js?ver=1.6.0
103.50.163.157200 OK 21 kB URL HTTP/1.1 news70.net/wp-content/plugins/podamibe-advertisement-management/js/slick.js?ver=1.6.0
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 2267f2eefd72f4650548e6fc2df792a6
d6fae7c22766be5dd0e48b1ec435e7e6506d86f7
a0fe857bdb0a1bd65bcb1b0f3cb94c1657004b58033e4d22c9524bcfdac53e1f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/podamibe-advertisement-management/js/slick.js?ver=1.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
news70.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
103.50.163.157200 OK 39 kB URL HTTP/1.1 news70.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65447)
Hash feb933ceca72e1d76b471ed9db278b0d
6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1
9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 06:18:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
news70.net/wp-content/plugins/podamibe-advertisement-management/js/frontend.js?ver=1.0.3
103.50.163.157200 OK 191 B URL HTTP/1.1 news70.net/wp-content/plugins/podamibe-advertisement-management/js/frontend.js?ver=1.0.3
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash cc7a6100ccb6ca822f20c707dd1ebd64
45a550eaddd160212aa24a9e0c55268d52550dbe
d237511a05f94adf69a01ae4565099ef159e6306d93c3e565a2be39707f2250d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/podamibe-advertisement-management/js/frontend.js?ver=1.0.3 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 191
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/mailin/js/mailin-front.js?ver=1659257835
103.50.163.157200 OK 3.5 kB URL HTTP/1.1 news70.net/wp-content/plugins/mailin/js/mailin-front.js?ver=1659257835
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 49f46872de0269c8bd369293b23953eb
815b449df1258da752c347ebbce713a77ea3f078
d360a7ad5bf004818b3ef3eb40b070076a4d7cf16e60299c82f74fa9b477c9e8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/mailin/js/mailin-front.js?ver=1659257835 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 08:57:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3517
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
103.50.163.157200 OK 5.3 kB URL HTTP/1.1 news70.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 06:18:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5321
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/the-daily-horoscope/css/style.css?ver=6.0.2
103.50.163.157200 OK 184 B URL HTTP/1.1 news70.net/wp-content/plugins/the-daily-horoscope/css/style.css?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF, LF line terminators
Hash 1f5fd7e5f3f1b15cdc01c6f3b5682c5f
f101025f5d6b322b598f43c966ca3705df3a616f
08c2f4f9c56b80f450b87a2fbca63cad305a4fe9a0d8d21d6f77bccf41978c6d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/the-daily-horoscope/css/style.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 184
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=6.0.2
103.50.163.157200 OK 9.2 kB URL HTTP/1.1 news70.net/wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (20087)
Hash 7a10ae63b238729dc4da7f7bd8986219
654c47168dca0ec7080f6c57e8c4482b57f879d4
b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Mon, 01 Nov 2021 06:42:21 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9204
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.0
103.50.163.157200 OK 12 kB URL HTTP/1.1 news70.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.0
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (45570), with no line terminators
Hash 8cef004b3d40410cbb90d2f52764c21c
a418ad610d036d8736f8b9a3eb1f87fced34dccb
831bfa926aa282b155302a4c5e0c54388569f438625ac0b01289f74edfb6b0e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11721
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
news70.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
103.50.163.157200 OK 8.2 kB URL HTTP/1.1 news70.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash a0a1c8194f131320e1798f90a7b1262a
3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed
7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 06:18:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8169
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.0.2
103.50.163.157200 OK 4.9 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11484), with no line terminators
Hash 1b60910f11a0d775fcfa572adb62ee64
f1bd74f734e6938c95d01de8e868a7c785ddbc4b
2d1669803c454716bfc0cbf4a477db499c13d6070b3b06dad649e3903b107a91
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4850
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.0.2
103.50.163.157200 OK 1.6 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (2861), with CRLF, CR line terminators
Hash db111558e1a36ddb44ee116a32a1f046
0be7812f2f99932c1ebb96b7b4c5d6b403e20da5
dd692eb76a66ce5fa3ee4a9ea97bd46cabc6c9a8ccbe08def28f48ffa10c5fbb
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1566
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.0.2
103.50.163.157200 OK 696 B URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1472), with no line terminators
Hash 149199e590e83a45c6cfb84e505ee166
d2a506c87a1ce49b6927eb70b36a2e05054734b8
91cb2836b2266eeee962eb258c85c327a5f0e3c8812fefdc74cf685b72537d57
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 696
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5
103.50.163.157200 OK 8.1 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (827), with CRLF line terminators
Hash 858bedde4b9d34c2e8d8b560e35e5790
6756c1cb335f67950d73f750e29f2a9fbee8d01a
52d249c8249cc2d301304f75b3f66ed5fe81c725b6de28c97e12d374e9de55ab
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8149
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9
103.50.163.157200 OK 8.1 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19015)
Hash f6925cc7e38a3ba395092eed41a330ad
bf5a10c1b636884222efefa2e864f8d8348c66a1
fa8a3e60a540432215317cbd453808de2f493e6643321374f776efc5cfcf181b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8148
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.1
103.50.163.157200 OK 1.7 kB URL HTTP/1.1 news70.net/wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.1
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (4284), with no line terminators
Hash ab57d0fc3abed1d6fe66d1b61fc4dcca
358992fd5a5ff3bcc72d68249b67d9d7fc069633
928c314bb6046779ca0d8da54a0223d33fc4b905cb94ab54ee8fa1b356cf260b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.1 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1690
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0
103.50.163.157200 OK 20 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (48664)
Hash 8cb6c19de46b8d4103fd9c4e7274b880
c96eee753acad37467eae08af97b258fbc91d738
2419d1307915ca2bec616321db284292e0087c742077751962d3db841867f1c1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4
103.50.163.157200 OK 16 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (31997)
Hash 8a2ba9702fb3cca3c84924959fff383d
ec7e32b952d84e211870dd0e9f1520582e3b4270
ebcdf76e9e513c320785d95cbfa122a4aaa6143fc8ea69a2ea0dedf0277828b8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15883
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=6.0.2
103.50.163.157200 OK 193 B URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4b21a25e72db705943cf0f5c17facefa
8da7b7c58564b0c7e6c88eeb10fdf75339be5775
72cdb461e3049928c0c030fe02f3ac6e17f1d501a07bab28fdaa08da79573496
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 193
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2
103.50.163.157200 OK 1.5 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (521)
Hash a7e596dd85011b4d41c1db9a87d79f3a
a7b716d860459ddec30bd14de57f98926d8a59e9
5afa336dd99a71d0f289ce7cbc29a1fe95c1d30e695b1f4ba6fe181515542916
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1469
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2
103.50.163.157200 OK 100 B URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5be52cde597334450bb65fcd61cca240
17f9cbc516e52d8834c18f4c4b671d4acbc7e4c9
38490d6dcda00b1a43902bdf6439a6f5222dab204e363a7e4266c13cb8637384
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 100
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=6.0.2
103.50.163.157200 OK 3.0 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1219)
Hash a967f470f371f929079d9445ac694fac
79aa1544676d566d758af6dae9489d5d71fb3e01
b643b39289c6f47ed7f534238a0c9b4425e4242784cb26255e35bc8ad9b7aa4e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2955
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215
103.50.163.157200 OK 417 B URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 417
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11370
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:15:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11370
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:15:41 GMT
Connection: keep-alive
news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=6.0.2
103.50.163.157200 OK 265 B URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash a3dd590c6095374226b19ab5da1ec939
4d9baf71f5d9c80a2cf45af676ff4d17d245f0ff
397bbf0a80b9de6c8fc2ba6edc665e9bee05c0f57860504e0147d9a76aa1699e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 265
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11370
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:15:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557695ec8ffeebb0272c099542a14ace
ad627b434e1c3b693d8636675bcea0f8794e0dc2
4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 85df5ad9-f229-4d33-90b9-5dd28c77578a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH396F2SIAMFnGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63196d25-3ee08f1e27cd37e96dba0f40;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 04:18:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Oep2UJdadBnTBuCy7CexUcezT0cCvm_9hroZnV-UrC9lQQxwUc4rkw==
via: 1.1 07c02ae6c53d85283eb15380264d9998.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 06:18:57 GMT
age: 57404
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34b74681f6d64ca1c010044535056275
ef6cd4bdd5ddbdb92b25816dc82796f857d29cce
d3ffb558a261fd982989931ed8bd8e8f132735bb99fa5a42a032efdbdfbf6ce5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4482
x-amzn-requestid: e9a99ad0-f093-4c9b-87b4-13ebac164413
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv5FIUoAMFcUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-4438ced526ebec8e7819b700;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _et90o-4_I8qkmQuwvLolMCtcidFgElQfg9KcHeCgMiaDvxndleAgg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:20 GMT
age: 2061
etag: "ef6cd4bdd5ddbdb92b25816dc82796f857d29cce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93a46c8e-0f46-4633-8b5b-51f1b2a5442d.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93a46c8e-0f46-4633-8b5b-51f1b2a5442d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 467dd8d3b95082f8cd91bcbcdd20e5fd
77e495af2af5678308ad8ef5485f925386f0b418
7cf3a1cd3868d2030bcaf1f8b4ce6a221d8e0d222487354b86f51cd5e4322115
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93a46c8e-0f46-4633-8b5b-51f1b2a5442d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7297
x-amzn-requestid: d57a4a7d-57d7-4dc0-9382-36c72d154b12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yav61HfzIAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f9de-601c198b76e739502cb3ecfd;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:45:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l8eGAJWPb4y1bUnqba2Ae0xmUW3IjJxdEWOAgw8qOzRl3R9I-ScbTw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:12:32 GMT
age: 189
etag: "77e495af2af5678308ad8ef5485f925386f0b418"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9cb9807-03d5-4b00-9a0f-61f9c12f0e63.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9cb9807-03d5-4b00-9a0f-61f9c12f0e63.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f85dd3f15d0c55c06f712bbfb6f55fa
2c053f4774c450e42effdc440e89fb2ce232bad3
0035f6235d012f4c2ffbc8e414e82bbba3235c51e20f7b1ebebcdff47be285fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9cb9807-03d5-4b00-9a0f-61f9c12f0e63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8836
x-amzn-requestid: cae5f1fa-005b-4819-900e-e0cec381e450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavYxGUCoAMF5Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f904-1be4cae92b407bed2a128109;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:41:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Edqp_EdPzoXt6xQtd24wiBzLSdqQ2HYzOGExvqkcJCUwSN5Kn7lZcQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:00:47 GMT
age: 894
etag: "2c053f4774c450e42effdc440e89fb2ce232bad3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe75b3681-ef2a-49d3-b606-3db42d433f5a.webp
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe75b3681-ef2a-49d3-b606-3db42d433f5a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b13597e0a940250612993db031202d62
aba9b41b12e3bd89bb7564cfdb97e9922cd2a8d9
6d3c52dc3095ed849d6be14697d4c7f1278042ce11da4939df1237c1b1c92101
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe75b3681-ef2a-49d3-b606-3db42d433f5a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6821
x-amzn-requestid: 884c2672-28f8-4a1a-a18e-d53c82d65645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv5Es7IAMFkwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-25fa585f3ca1d8c559dc295b;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YPtX1bh_mzR9MrOXsrfw3J0gxRGuu0u5PY2ZFbxdD-Ht4fqvOfTQ_g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:21 GMT
age: 2060
etag: "aba9b41b12e3bd89bb7564cfdb97e9922cd2a8d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:51:32 GMT
age: 1449
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4
103.50.163.157200 OK 3.0 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash e3cea22516ec60740080799633b48ccd
488758da0421233b083853e054caaf9152c5709a
da21c4768cf429ddad3b97f762bc18a5726aedafedb0054c0585c71dd31c6b6f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3009
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2
103.50.163.157200 OK 361 B URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 3fab3d6bd8d195b9ed02538b4d489cd2
25e33ad07ef018fb7d37b7971d31c9fa2104517f
36d7c82983ecf00df6c97641df61786f0b5d80e17d5b1860e56cc7d564ea4e6d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 361
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2
103.50.163.157200 OK 888 B URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6c27a3148aa590c99a12c790beb1ab3a
33371c9a38222c4fdd4a055e4aa4d889ad7b874a
590dbd297252c491f819332d690314769b541d0f9092b1326b1550140ad1f458
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 888
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/the-daily-horoscope/js/script.js?ver=6.0.2
103.50.163.157200 OK 180 B URL HTTP/1.1 news70.net/wp-content/plugins/the-daily-horoscope/js/script.js?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash fb507089eb6755d1c451bffb5df66ac6
a22ce9ffb47782755c8fff37e0206398b251df45
67ddf71208ca0531574bd36ab1e56e0b751e95ea96080c05ad8a77b8fdc79d72
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/the-daily-horoscope/js/script.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 180
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
news70.net/wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=6.0.2
103.50.163.157200 OK 181 B URL HTTP/1.1 news70.net/wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=6.0.2
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash af9b9127be2d7fcb8b8c5280c6aa886d
2eaac42877669e704b790fcfaae1f85a78e0487a
383359f52bee080417fb4b78c7a6c9dd603e1dfe6a3dc205ff1ef364b163cc9d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Mon, 01 Nov 2021 06:42:21 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 181
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css
news70.net/uploads/banner_main.jpeg
103.50.163.157200 OK 104 kB URL HTTP/2 news70.net/uploads/banner_main.jpeg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x607, components 3\012- data
Size 104 kB (103915 bytes)
Hash 039dda4dd23eaeee9c78bba7bc4efaa0
aaf2537b9b9b3a336e27c79a892fc18e650ad1fc
7595e37446380a2a2f9f8286ba87869dc67945942d2e034a94687eafeb664231
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /uploads/banner_main.jpeg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Jan 2022 09:41:18 GMT
accept-ranges: bytes
content-length: 103915
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:40 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:40 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/uploads/2022/01/WhatsApp-Image-2022-01-08-at-5.53.03-PM.jpeg
103.50.163.157200 OK 173 kB URL HTTP/2 news70.net/wp-content/uploads/2022/01/WhatsApp-Image-2022-01-08-at-5.53.03-PM.jpeg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3\012- data
Size 173 kB (172986 bytes)
Hash d8b85e8438e9ddb306cc03ee80be11cf
33e7c5dd1f3a6151a6792b52c64ad28a38e9ae30
7a30eb94fcfb72d4567788ae765d6fd537f8073b8a31d4f66233f3d9243c599b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/01/WhatsApp-Image-2022-01-08-at-5.53.03-PM.jpeg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Jan 2022 07:52:05 GMT
accept-ranges: bytes
content-length: 172986
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:40 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:40 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/fb_icons/en_US.svg
103.50.163.157200 OK 1.9 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/fb_icons/en_US.svg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1245), with CRLF line terminators
Hash a92204d8d2a42c5183e48f8e15ba3cc0
6c2467260d53d059811eedb8d4eb042174f7f51f
8d986d3644be383ee839e6695e0e09091a07d97c53318f567fd50d221c487692
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/images/share_icons/fb_icons/en_US.svg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1893
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png
103.50.163.157200 OK 1.6 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash dd7a77031e42a43d2d85c60c40c7ee11
cc3db2995b97aa97dabf06703dfbb1352367fb9b
d2bbd9c27168416289a2b9b8ee4e21b3473338cc5e29f99b734a9c510a5e9a19
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1566
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png
news70.net/wp-content/uploads/2019/04/ezgif.com-resize.gif
103.50.163.157200 OK 442 kB URL HTTP/2 news70.net/wp-content/uploads/2019/04/ezgif.com-resize.gif
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 260 x 100\012- data
Size 442 kB (441625 bytes)
Hash 19b5312f0ce6dae9a60c14d2cc40f7a1
ca1c07b2a68bcc3b3e6c3b8edb5988e23ec81584
4d88fafbb0678357a2c1c76ed5c3bb99415c9f4bb636c9fe709c5c9422f014a7
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2019/04/ezgif.com-resize.gif HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:24 GMT
accept-ranges: bytes
content-length: 441625
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:40 GMT
content-type: image/gif
date: Tue, 13 Sep 2022 22:15:40 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png
103.50.163.157200 OK 1.4 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash aefdab6a1fa07a80cf7d515bb4c7e649
9d40f38c201c9bceb18ccb779d03395b2d1aef7b
1652bc4a1ab4701912ff8832e7e58e3074e1fba1eaf53c43b3a3eb92243ec1cf
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1351
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/png
news70.net/wp-content/plugins/gtranslate/flags/16/hi.png
103.50.163.157200 OK 431 B URL HTTP/1.1 news70.net/wp-content/plugins/gtranslate/flags/16/hi.png
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0bce589c49b6ca00911ef9bdf06bc97f
4e0bd007f1e79ad5695702f15de9d88994731742
2391b58386bbcf27a8c830aaf9a384b6cf39d9a518bf1d27f1425e398a243c62
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/gtranslate/flags/16/hi.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:07 GMT
Accept-Ranges: bytes
Content-Length: 431
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_rss.png
103.50.163.157200 OK 1.6 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_rss.png
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 9b2c259303c3176e7354bd7d5c28b5b0
d43ea265a992d03c4f774a81c875495ea480e0ee
3019cd22da7290ab40dfeee16e1a7390cede915e175b28af4d5fb75a5157f864
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_rss.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1644
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png
news70.net/wp-content/uploads/2019/04/background.jpg
103.50.163.157200 OK 6.1 kB URL HTTP/2 news70.net/wp-content/uploads/2019/04/background.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x260, components 3\012- data
Hash c059dc98ec9959c5304ae119f9cf5ce8
1a250487331c3aaf2100dbe93529fba008a3d02a
579d1ea1a65d5f832256956d1359725dad70bf324961e758283fdcd016176c61
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2019/04/background.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:24 GMT
accept-ranges: bytes
content-length: 6067
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png
103.50.163.157200 OK 1.4 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash fd252856427200b657dbc55dddbd1217
af4029bf1ab66c8211b37fe27f7e0e3bfa588f41
0dce5940cfbb1995ffa0933df7bdd96af2b9bfff5f4ae12dc1641ad0ce920019
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1357
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png
news70.net/wp-includes/images/spinner.gif
103.50.163.157200 OK 3.7 kB URL HTTP/1.1 news70.net/wp-includes/images/spinner.gif
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 20 x 20\012- data
Hash d54cf50a44bd0aca6fd98bd46acbb2ba
3207333caacc856be8b253412cb7947981924934
5c2d44038a6c53bd74f3a26e690c1974e1385fffbc6def4c59f91dc1f738f0b3
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/images/spinner.gif HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:25 GMT
Accept-Ranges: bytes
Content-Length: 3656
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/gif
news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Linkedin_Share/en_US_share.svg
103.50.163.157200 OK 2.1 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Linkedin_Share/en_US_share.svg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (947), with CRLF line terminators
Hash 59c253da886378c1188673bcb674d058
922e7e38e538800b9aef3de34f50759db2886132
dfa6989bbc25ccb9fed7f116fc1a46df25bea3c909b27e2b51c37b9601e1ef82
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/images/share_icons/Linkedin_Share/en_US_share.svg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2096
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 21:22:23 GMT
expires: Tue, 13 Sep 2022 22:22:23 GMT
cache-control: public, max-age=3600
age: 3198
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png
103.50.163.157200 OK 1.5 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash b4699c9022529206d2a3f5674a8c6f7d
9949e3326520912ca0d7bd6582b1d655d98bb1fd
6b598958eccff91e50b3f1d35a8193f70e72c2b327abb8fc46b17c46c483cce9
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1529
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png
api.qrserver.com/v1/create-qr-code/?data=https%3A%2F%2Fnews70.net&size=200x200&format=png&margin=0&color=000000&bgcolor=ffffff
195.201.128.178200 OK 16 kB URL HTTP/2 api.qrserver.com/v1/create-qr-code/?data=https%3A%2F%2Fnews70.net&size=200x200&format=png&margin=0&color=000000&bgcolor=ffffff
IP 195.201.128.178:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 200 x 200, 1-bit colormap, non-interlaced\012- data
Hash 26d95324bfeff134defcb63ba08c7834
491c54b9ef039468a22d17f5efed9667ae5c7dd7
2736dfab2c0bb627d0802759627aafe65f92adeec77ca359b486b0f13009a44d
GET /v1/create-qr-code/?data=https%3A%2F%2Fnews70.net&size=200x200&format=png&margin=0&color=000000&bgcolor=ffffff HTTP/1.1
Host: api.qrserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:41 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 7200
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news70.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 20:15:31 GMT
Expires: Thu, 07 Sep 2023 20:15:31 GMT
Cache-Control: public, max-age=31536000
Age: 525610
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news70.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15920
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 21:41:09 GMT
Expires: Thu, 07 Sep 2023 21:41:09 GMT
Cache-Control: public, max-age=31536000
Age: 520472
Last-Modified: Wed, 11 May 2022 19:24:45 GMT
Content-Type: font/woff2
news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Twitter_Tweet/en_US_Tweet.svg
103.50.163.157200 OK 1.6 kB URL HTTP/1.1 news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Twitter_Tweet/en_US_Tweet.svg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1559), with CRLF line terminators
Hash f097769beafcaa1f731ed8ebe5200db9
e66fb58cc992221cd87f79f32118a990b5300529
96ef746a7410d2973015d13c2dd5c58b7bd29fd5a5dbbd7b2d1620fd36d01da0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-social-media-icons/images/share_icons/Twitter_Tweet/en_US_Tweet.svg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1579
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/svg+xml
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.163200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news70.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17368
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Sep 2022 15:56:23 GMT
Expires: Fri, 08 Sep 2023 15:56:23 GMT
Cache-Control: public, max-age=31536000
Age: 454758
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news70.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 528093
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
news70.net/wp-content/uploads/2020/11/IMG-20200928-WA0002-e1606644256522.jpg
103.50.163.157200 OK 9.5 kB URL HTTP/2 news70.net/wp-content/uploads/2020/11/IMG-20200928-WA0002-e1606644256522.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 262x348, components 3\012- data
Hash 977d828474aec088936bda3c73282b31
50288869c70bb98dc86d96445ce11c04754abc1d
b58e6e05eb979623516d98eaee4738523f895f20b3aeebfa0f0bbd08934fdae2
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2020/11/IMG-20200928-WA0002-e1606644256522.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:24 GMT
accept-ranges: bytes
content-length: 9459
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/plugins/gtranslate/arrow_down.png
103.50.163.157200 OK 208 B URL HTTP/1.1 news70.net/wp-content/plugins/gtranslate/arrow_down.png
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 5 x 3, 8-bit/color RGBA, non-interlaced\012- data
Hash 20a650477130c7c2c62c5647131f545b
4615101fcc5df1fab3e7dd516d058e1052a8fcb2
068f35dd132804c7effcbca65f9398d34351339ed2fa7b20ef5e9a6221e76516
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/gtranslate/arrow_down.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:07 GMT
Accept-Ranges: bytes
Content-Length: 208
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/png
news70.net/wp-content/plugins/gtranslate/switcher.png
103.50.163.157200 OK 207 B URL HTTP/1.1 news70.net/wp-content/plugins/gtranslate/switcher.png
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 10 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash d6ae4f341752017ab0e603e3bb9260b7
c84c11d3bc69c7e14b2f75e7dea6e0ac93dee1e2
8c2ad9254589a597b65dae284a6da49dbfe1e3c8e628b03b80883d980fb6435e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/gtranslate/switcher.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:07 GMT
Accept-Ranges: bytes
Content-Length: 207
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/png
news70.net/wp-content/uploads/2022/08/IMG-20220807-WA0003.jpg
103.50.163.157200 OK 100 kB URL HTTP/2 news70.net/wp-content/uploads/2022/08/IMG-20220807-WA0003.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x960, components 3\012- data
Hash 915d67910c34b041e2f04166675dde3a
44581d5128842f0d75b07d77584a2c5381ea7540
b951377f5a09656b38e7410108d3921c451a185522e5bd38aef96265160d9f39
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/08/IMG-20220807-WA0003.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:11:41 GMT
accept-ranges: bytes
content-length: 99971
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/uploads/2022/08/IMG-20220815-WA0003.jpg
103.50.163.157200 OK 105 kB URL HTTP/2 news70.net/wp-content/uploads/2022/08/IMG-20220815-WA0003.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x578, components 3\012- data
Size 105 kB (104999 bytes)
Hash 7a5294b72f521f8fb0b483bafa508cfe
e11cafe5e20deca7b61ba58ec8bfeee29a8815ac
e8303023835aa5d5e5cf1ae2fd3ebc54a4e297d4062fd9d1712a4b65b7bcd575
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/08/IMG-20220815-WA0003.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Aug 2022 16:01:24 GMT
accept-ranges: bytes
content-length: 104999
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/uploads/2022/08/IMG-20220808-WA0006.jpg
103.50.163.157200 OK 102 kB URL HTTP/2 news70.net/wp-content/uploads/2022/08/IMG-20220808-WA0006.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 818x1280, components 3\012- data
Size 102 kB (102281 bytes)
Hash c1880eba459c584d2959c8af2027f1ff
f6421031ce1a7d14b73f54ceb2a0e860eaf942ac
a7548300331999880bee328282b504271d468d45073bab630ec3d577cb55df3c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/08/IMG-20220808-WA0006.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Aug 2022 07:51:58 GMT
accept-ranges: bytes
content-length: 102281
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/uploads/2022/08/IMG-20220811-WA0014.jpg
103.50.163.157200 OK 106 kB URL HTTP/2 news70.net/wp-content/uploads/2022/08/IMG-20220811-WA0014.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 958x1280, components 3\012- data
Size 106 kB (105984 bytes)
Hash b6e51b86f0da739d64461b2be236f41c
267092ce3dd84b49caa36f6a321a1dc04d5bf385
4e98aa7040610ad953c39a8ea7a33f804e1eb5acd825cc1852c3ed5a4fb0fd88
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/08/IMG-20220811-WA0014.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Aug 2022 09:50:02 GMT
accept-ranges: bytes
content-length: 105984
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/uploads/2022/08/IMG-20220810-WA0012.jpg
103.50.163.157200 OK 129 kB URL HTTP/2 news70.net/wp-content/uploads/2022/08/IMG-20220810-WA0012.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x720, components 3\012- data
Size 129 kB (129393 bytes)
Hash 7d5fcfb69bb8fb9ed8a327a336aec734
8514bbbf84a4e2f8b46e89938ea64ccb6d7f2fc9
b58a09a9aa124a86a7e7fc5cebc3b3ec165a4e2af54ce53ef813d625576dbb97
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/08/IMG-20220810-WA0012.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Aug 2022 07:56:13 GMT
accept-ranges: bytes
content-length: 129393
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/uploads/2022/07/IMG-20220731-WA0002.jpg
103.50.163.157200 OK 125 kB URL HTTP/2 news70.net/wp-content/uploads/2022/07/IMG-20220731-WA0002.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 893x1280, components 3\012- data
Size 125 kB (125156 bytes)
Hash 8b0fb6968c6ff2858a61c159582d590a
3a23ef823a64e653ca009a01914bc0274dd158e1
c8c65188c355e70166ae8dac99fcc638e1123e086c6d162435e33b78db4d9d61
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/IMG-20220731-WA0002.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 31 Jul 2022 07:40:37 GMT
accept-ranges: bytes
content-length: 125156
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/themes/newscard/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
103.50.163.157200 OK 77 kB URL HTTP/1.1 news70.net/wp-content/themes/newscard/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/newscard/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://news70.net/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=6.0.2
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: font/woff2
news70.net/wp-content/uploads/2022/07/IMG-20220712-WA0010.jpg
103.50.163.157200 OK 143 kB URL HTTP/2 news70.net/wp-content/uploads/2022/07/IMG-20220712-WA0010.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x958, components 3\012- data
Size 143 kB (143165 bytes)
Hash f5a8c0f29fc4823096649013cf061e4b
90f92834cfdd6e7c5804648e800e22ba4a97ebed
7cfd5c3c15069b9c5746163f1cc4b6516dfd94ddaee357d5bffab8c9ba6cdaf5
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/IMG-20220712-WA0010.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 01:38:21 GMT
accept-ranges: bytes
content-length: 143165
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
www.goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz
198.100.157.117301 Moved Permanently 162 B URL HTTP/2 www.goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz
IP 198.100.157.117:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /widget/iframe/live/XAU/320?currency=INR&weight_unit=oz HTTP/1.1
Host: www.goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 13 Sep 2022 22:15:41 GMT
content-type: text/html
content-length: 162
location: https://goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 9295b72021d6985387103fff388ad8b3
246b612bf3fd7bec5979b81a39f3f32dd8f480f4
c917cd8d0fe194d257fcaaa47588ac48947648f3b1aaa0f67d57b96716c93d84
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 128ed31b9a30d5c28015306a41f5bf7d
ETag: "b4a9e5bbf44fa5a220fec34032298a1c"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Tue, 13 Sep 2022 22:24:20 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: kpW3ICHWmFOHED//OIrYsw==
X-FB-Debug: 73eX/DP4Ca/PLiebIkYDi9Q7fj2XDzq7hcJGT2WHMaGJm0z8Bv19VG3PVF0cGFkQXgtVA0/8OTJTIYYteS6RqA==
X-FB-TRIP-ID: 1679558926
Date: Tue, 13 Sep 2022 22:15:42 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1685
goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz
198.100.157.117301 Moved Permanently 162 B URL HTTP/2 goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz
IP 198.100.157.117:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /widget/iframe/live/XAU/320?currency=INR&weight_unit=oz HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news70.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: text/html
content-length: 162
location: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
X-Firefox-Spdy: h2
news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-32x32.jpeg
103.50.163.157200 OK 988 B URL HTTP/2 news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-32x32.jpeg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 12963cfeb6daea4743ccb30e2c4b3869
47f0ecbef665a5594696a15a048e7f1f31ac1e25
d58d8347e0c06aab1994a859b72efff638afd05fc5cbdc59995a97c1fc578463
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-32x32.jpeg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:25 GMT
accept-ranges: bytes
content-length: 988
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:42 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-192x192.jpeg
103.50.163.157200 OK 6.4 kB URL HTTP/2 news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-192x192.jpeg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 247bc7252076950db1ad3a9abbf7f998
e110a7d57ec018d938d6617b77b245366701ae88
7af381e868049ba17c041bc6bf6da771d9208a48fbe9c3b28199bff7a941038c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-192x192.jpeg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:24 GMT
accept-ranges: bytes
content-length: 6351
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:42 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:42 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/wp-content/plugins/podamibe-advertisement-management/css/ajax-loader.gif
103.50.163.157200 OK 4.2 kB URL HTTP/1.1 news70.net/wp-content/plugins/podamibe-advertisement-management/css/ajax-loader.gif
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 32 x 32\012- data
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/podamibe-advertisement-management/css/ajax-loader.gif HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick-theme.css?ver=1.6.0
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:42 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Content-Length: 4178
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:42 GMT
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/gif
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.42200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.42:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 13 Sep 2022 22:15:42 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Tue, 13 Sep 2022 22:15:42 GMT
set-cookie: NID=511=cJ9KGmwUl53si7xgCFt5_bggWN3cQZA208WVcrZP9_TX1ERGimRyjIpzE62Xfr8dryF3PH7cth-9FWTbE9GdpV-cFltVJTSfSqoMM-A-3UrzPWujwovhqtvH8_OMbfAmQJrTU-2HJRMr_S-_YUZ3MwiorxFU02qX2h4SgeWuycM; expires=Wed, 15-Mar-2023 22:15:42 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+232; expires=Thu, 12-Sep-2024 22:15:42 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 97c6f98caadbd5ab949c1e48f310e5d9
eb9e321d545d650bd9ad894daedc0af47046d8e9
2df18cef2f4bd82065d48cd8ea62ab79140d6951491d3bf86c1f47488fc893f0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 18:44:08 GMT
Expires: Tue, 20 Sep 2022 18:44:07 GMT
Etag: "eb9e321d545d650bd9ad894daedc0af47046d8e9"
Cache-Control: max-age=591504,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a43e392b560b61-OSL
api.openweathermap.org/data/2.5/weather?lang=en&q=Ranchi,India&appid=5c7cb751efca8dcb1429d59d96cd9bc9&callback=jQuery36007009270540697159_1663107327843&_=1663107327844
82.196.7.246200 OK 516 B URL HTTP/1.1 api.openweathermap.org/data/2.5/weather?lang=en&q=Ranchi,India&appid=5c7cb751efca8dcb1429d59d96cd9bc9&callback=jQuery36007009270540697159_1663107327843&_=1663107327844
IP 82.196.7.246:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (516), with no line terminators
Hash 12943810b70a4c4c42353cb0a8effda0
3c5727d0a242cb3320ee00c9773eff42f05eaec0
6a21d9f47b5b0ba4f7aa4c57c94a69df8ea14a9a1f56c75c031b0aefe46271e5
GET /data/2.5/weather?lang=en&q=Ranchi,India&appid=5c7cb751efca8dcb1429d59d96cd9bc9&callback=jQuery36007009270540697159_1663107327843&_=1663107327844 HTTP/1.1
Host: api.openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 13 Sep 2022 22:15:42 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 516
Connection: keep-alive
X-Cache-Key: /data/2.5/weather?_=1663107327844&callback=jQuery36007009270540697159_1663107327843&lang=en&q=ranchi,india
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST
openweathermap.org/img/w/04n.png
138.201.197.100200 OK 2.8 kB URL HTTP/1.1 openweathermap.org/img/w/04n.png
IP 138.201.197.100:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 346f20bb618e7f86dcb32eac361ae541
95d193d618f4a2ed45610df889d652339445fa1e
154cd42c57aa253ece6e86d291c77b06c1d09ec824459e977dceb5a411b2ddb5
GET /img/w/04n.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Tue, 13 Sep 2022 22:15:42 GMT
Content-Type: image/png
Content-Length: 2773
Last-Modified: Thu, 22 Sep 2016 11:59:54 GMT
Connection: keep-alive
ETag: "57e3c7ba-ad5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Tue, 20 Sep 2022 22:15:42 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
goldbroker.com/build/front/amcharts.f2ea9b5a.css?1662551049
198.100.157.117200 OK 52 B URL HTTP/2 goldbroker.com/build/front/amcharts.f2ea9b5a.css?1662551049
IP 198.100.157.117:0
File type ASCII text, with no line terminators
Hash 38d3e9e923fb662eca8fe27326630814
89f21732565af1d6994e10bbcd09d715f162dcaf
ba93927a2b6655017b75d0ac0de6662b0909eeed8430f9cecda2fda5e86de9c7
GET /build/front/amcharts.f2ea9b5a.css?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: text/css
content-length: 52
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
etag: "63188438-34"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
news70.net/wp-content/uploads/2022/07/IMG-20220705-WA0025.jpg
103.50.163.157200 OK 910 B URL HTTP/2 news70.net/wp-content/uploads/2022/07/IMG-20220705-WA0025.jpg
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2022/07/IMG-20220705-WA0025.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 10 Jul 2022 15:00:56 GMT
accept-ranges: bytes
content-length: 145905
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
news70.net/uploads/video.mp4
103.50.163.157206 Partial Content 757 kB URL HTTP/2 news70.net/uploads/video.mp4
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 757 kB (756974 bytes)
Hash e5117cd159b35caa49547add0529a515
ec23e56d7342a4b3bc10ef7ea2a4429bd885a11e
1596af9da4c4d46380052ab8b6cf1a42a6b2493b3c1eba33b661cb542fde4eb9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /uploads/video.mp4 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
last-modified: Sun, 09 Jan 2022 07:47:31 GMT
accept-ranges: bytes
content-length: 14872956
vary: Accept-Encoding,User-Agent
content-range: bytes 0-14872955/14872956
content-type: video/mp4
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 950526447441749ff9aeea01a5eb6c86
a1b93fd37508a8e29092bd3ea3b70badc5f39289
4413eab24fa6020944731573ebb4ec45827878c13b17f6fdeb791875533505d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3798
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:42 GMT
Last-Modified: Tue, 13 Sep 2022 21:12:24 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 950526447441749ff9aeea01a5eb6c86
a1b93fd37508a8e29092bd3ea3b70badc5f39289
4413eab24fa6020944731573ebb4ec45827878c13b17f6fdeb791875533505d3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3798
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:42 GMT
Last-Modified: Tue, 13 Sep 2022 21:12:24 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=b04f1df94c39ff7417ba750066ffefd3
157.240.200.14200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=b04f1df94c39ff7417ba750066ffefd3
IP 157.240.200.14:0
File type ASCII text, with very long lines (18460)
Hash b974b1718f2987706ae3ee523314f31e
5c2850c55c815ac36e82ca24b61c45023547f87c
1edc5fed4cb4ee5c9d9fc9673ed49f1fd4159f35f278f2f0d826a7eb7746ab0a
GET /en_US/sdk.js?hash=b04f1df94c39ff7417ba750066ffefd3 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news70.net
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3efe18fde3c94cc16c6c77a853e99732
etag: "9a959e20cc19da2bd797e6579dc8775d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 13 Sep 2023 19:59:38 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: uXSxcY8ph3Bq4+5SMxTzHg==
x-fb-debug: QwvjAMYXgQAc1CdudAePKnlFEx4GiwYVeSOIGsdK12Pf4LjpMMrCX/abroN2cH8sDfXOacR0iiCtKod5FyqHzg==
priority: u=3,i
content-length: 87978
x-fb-trip-id: 1679558926
date: Tue, 13 Sep 2022 22:15:42 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldbroker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:26:57 GMT
expires: Thu, 07 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 528526
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldbroker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:28:30 GMT
expires: Thu, 07 Sep 2023 19:28:30 GMT
cache-control: public, max-age=31536000
age: 528433
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 1.1 kB IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash a77fe522092dc8647f147c3c7e017133
1ae17a9a563ee8a7a621a0a277be18588901e87d
bb6db0daace2685b7e689995340ac36a65bac061e76f16f33422c2f512e6b5bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M3J7F9
142.250.74.72 200 OK 52 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M3J7F9
IP 142.250.74.72:0
Hash 72022035adcff7377f22a2643856a394
3209e5e5921f01056403b41ca0320f461294e6a9
06366cf7e54c1ef1ee32af18ed2fb50cf5e46eda585040865d55e84e0ff1539e
GET /gtm.js?id=GTM-M3J7F9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 22:15:43 GMT
expires: Tue, 13 Sep 2022 22:15:43 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 21:13:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
goldbroker.com/build/fonts/fa-solid-900.ada6e6df.woff2
198.100.157.117 200 OK 78 kB URL HTTP/2 goldbroker.com/build/fonts/fa-solid-900.ada6e6df.woff2
IP 198.100.157.117:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
GET /build/fonts/fa-solid-900.ada6e6df.woff2 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://goldbroker.com/build/front.f4bd368a.css?1662551049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:43 GMT
content-type: font/woff2
content-length: 78196
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
etag: "63188438-13174"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js
143.204.55.80 200 OK 712 B URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js
IP 143.204.55.80:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1218)
Hash a148992a7b15dc7e6a9fa9d5e18e4368
8e4a5a0913a09aaa93313be6d24c3052d3718c39
42f1dad641e614b4bfb3524caf5b1ff69ee49f53dc56f0336bbfb44910b30120
GET /bootstrap/v5/tp.widget.sync.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 712
date: Tue, 13 Sep 2022 04:25:15 GMT
last-modified: Mon, 30 May 2022 14:38:03 GMT
etag: "a148992a7b15dc7e6a9fa9d5e18e4368"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CNEZ3-x6Dwa1ra_ZDz5LYFQ2N_Zj7yJxbBfRoLEvl4qG3CTgNq8qhQ==
age: 64228
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.80 200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.80:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 13 Sep 2022 00:51:49 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lnTa39Ypo9llobe9Ln0rbHopExDfnvsaWAz_caVKySFDV7cNK-Q-Vw==
age: 77035
X-Firefox-Spdy: h2
news70.net/uploads/flag.gif
103.50.163.157 200 OK 3.4 MB URL HTTP/1.1 news70.net/uploads/flag.gif
IP 103.50.163.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 640 x 352\012- data
Size 3.4 MB (3377164 bytes)
Hash e6c7eba728a5de8c2c8dc1b76b1682de
04c41d98076f6f8348493db5b22b87dee7269e45
fb0a0dafd4772cf0a607953cdc6e15f6e8bd9d16cdd4994397d238014581acc1
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /uploads/flag.gif HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2022 06:15:39 GMT
Accept-Ranges: bytes
Content-Length: 3377164
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/gif
goldbroker.com/api/spot-prices?metal=XAU&currency=INR&weight_unit=oz&boundaries=1
198.100.157.117 200 OK 19 kB URL HTTP/2 goldbroker.com/api/spot-prices?metal=XAU&currency=INR&weight_unit=oz&boundaries=1
IP 198.100.157.117:0
Hash a0e29296fc64158cb8cd76bbb99ab5c7
584f89c1ade0bfec7739b8c319fefcdb08ef8b39
8be5a8e538c266e2db32381f3300fffaf4bddadcdd538db26f6fbc4c963d0d2a
GET /api/spot-prices?metal=XAU&currency=INR&weight_unit=oz&boundaries=1 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: max-age=60, public, s-maxage=60
date: Tue, 13 Sep 2022 22:15:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding, Accept-Language, Accept-Version
x-frame-options: SAMEORIGIN
x-content-digest: ena520bfb037165e7eb1b754a8c0dcd48500e1f95c52dd75e595f0c6db15d5ac94
age: 0
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/build/front.f4bd368a.css?1662551049
198.100.157.117 200 OK 93 kB URL HTTP/2 goldbroker.com/build/front.f4bd368a.css?1662551049
IP 198.100.157.117:0
Hash 79271f17175720c197786876ec1b87b2
e0e2f7d68664b427e8bf1689b2545f45d4f6be7d
0844f4c1ade1303e2a03947510794cdd16ee30d18f28b68aee6319e4eb48e6de
GET /build/front.f4bd368a.css?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-71e64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/build/558.59ceb5fe.js?1662551049
198.100.157.117 200 OK 95 kB URL HTTP/2 goldbroker.com/build/558.59ceb5fe.js?1662551049
IP 198.100.157.117:0
Hash 67f46e2a898d3b1a2dc66312eaf2a205
1bc967acad1ea12a748bf6343af9fe43110b8eeb
e6386f33998049c6edd8db5bdc3d7603868eb3282c403c1efdc68b72441b2aa8
GET /build/558.59ceb5fe.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-4d81e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/bundles/goldbrokercore/images/logo/en/horizontal.svg?1662551049
198.100.157.117 200 OK 5.7 kB URL HTTP/2 goldbroker.com/bundles/goldbrokercore/images/logo/en/horizontal.svg?1662551049
IP 198.100.157.117:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4433)
Hash 82fadc2005f0ac8335bb6c085f0331a2
21e151c9e36b26656fa3991d5d9c297c7500c418
1fe67f4dc6adc677cd1fd675cce7471f5d888ab7f97459b5c6f32598c56ef79c
GET /bundles/goldbrokercore/images/logo/en/horizontal.svg?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:44 GMT
content-type: image/svg+xml
content-length: 5669
last-modified: Mon, 02 May 2022 12:00:37 GMT
etag: "626fc7e5-1625"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
198.100.157.117 200 OK 7.4 kB URL HTTP/2 goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
IP 198.100.157.117:0
Hash de9f1a4ed6b4dbb242dbf2c9829edfef
4f30db7743bd4fc67bed2e7f51b60bca565c5487
1239a00be0a6607d2cbb778ee481f2676adee3514e1f6debb8373e5dc02fe41d
GET /widget/live/XAU?height=0&currency=INR&weight_unit=oz HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news70.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private, s-maxage=60
date: Tue, 13 Sep 2022 22:15:44 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding
expires: Tue, 13 Sep 2022 22:15:44 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/build/962.f2cb67f7.js?1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/build/962.f2cb67f7.js?1662551049
IP 198.100.157.117:0
GET /build/962.f2cb67f7.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-4e4e7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/build/runtime.28e69a3d.js?1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/build/runtime.28e69a3d.js?1662551049
IP 198.100.157.117:0
GET /build/runtime.28e69a3d.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-5b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/js/routing?callback=fos.Router.setData&v=1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/js/routing?callback=fos.Router.setData&v=1662551049
IP 198.100.157.117:0
GET /js/routing?callback=fos.Router.setData&v=1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
cache-control: max-age=315360000, public, s-maxage=315360000
date: Wed, 07 Sep 2022 11:45:34 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-digest: en087953e24c129b11f56a5064d8a162db206d5d6bb4c2df58af9074b1334d026d
age: 556208
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/build/755.f5cf308f.js?1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/build/755.f5cf308f.js?1662551049
IP 198.100.157.117:0
GET /build/755.f5cf308f.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-15f95"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/build/458.a4d26bb1.js?1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/build/458.a4d26bb1.js?1662551049
IP 198.100.157.117:0
GET /build/458.a4d26bb1.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-535d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
IP 198.100.157.117:0
GET /widget/live/XAU?height=0&currency=INR&weight_unit=oz HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news70.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private, s-maxage=60
date: Tue, 13 Sep 2022 22:15:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding
expires: Tue, 13 Sep 2022 22:15:42 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/build/661.0c094aab.js?1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/build/661.0c094aab.js?1662551049
IP 198.100.157.117:0
GET /build/661.0c094aab.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-9687"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/build/front.fa985674.js?1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/build/front.fa985674.js?1662551049
IP 198.100.157.117:0
GET /build/front.fa985674.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-29647"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.46 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.46:0
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news70.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Sep 2022 22:15:40 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+686; expires=Thu, 12-Sep-2024 22:15:40 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
goldbroker.com/build/51.a0ead035.js?1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/build/51.a0ead035.js?1662551049
IP 198.100.157.117:0
GET /build/51.a0ead035.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-30517"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/bundles/bazingajstranslation/js/translator.min.js?1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/bundles/bazingajstranslation/js/translator.min.js?1662551049
IP 198.100.157.117:0
GET /bundles/bazingajstranslation/js/translator.min.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Thu, 02 Dec 2021 07:27:01 GMT
vary: Accept-Encoding
etag: W/"61a87545-13ab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/translations?v=1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/translations?v=1662551049
IP 198.100.157.117:0
GET /translations?v=1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
cache-control: public
etag: W/"decff836154ed70f8b08ce454813a4d7"
expires: Wed, 14 Sep 2022 11:45:44 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-digest: en0c3bf6d27232cd3bf16cbae427dc9cf239b6950c8dff43f7f1ae7340a719285d
date: Tue, 13 Sep 2022 11:45:44 GMT
age: 37798
content-encoding: gzip
X-Firefox-Spdy: h2
goldbroker.com/build/front/amcharts.03f39b20.js?1662551049
198.100.157.117 200 OK 0 B URL HTTP/2 goldbroker.com/build/front/amcharts.03f39b20.js?1662551049
IP 198.100.157.117:0
GET /build/front/amcharts.03f39b20.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-360a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2