Report - news70.net/

Report Overview

Submitted URL
news70.net/
IP
103.50.163.157
ASN
#394695 PUBLIC-DOMAIN-REGISTRY
Submitted
2022-09-13 22:15:50
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
246

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	7.0 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	50 kB	34.120.237.76
translate-pa.googleapis.com	1620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	458 B	2.4 kB	142.250.74.42
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
openweathermap.org	11937	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	3.3 kB	138.201.197.100
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.33.119.27
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.236.232.139
api.qrserver.com	73523	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	464 B	16 kB	195.201.128.178
api.openweathermap.org	10906	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	909 B	82.196.7.246
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	701 B	1.3 kB	142.250.74.46
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	4.6 kB	142.250.74.74
www.goldbroker.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	503 B	399 B	198.100.157.117
goldbroker.com	332189	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.2 kB	305 kB	198.100.157.117
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	53 kB	142.250.74.72
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	761 B	3.4 kB	142.250.74.10
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	681 B	92 kB	157.240.200.14
widget.trustpilot.com	6018	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	785 B	8.2 kB	143.204.55.80
news70.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	33 kB	6.2 MB	103.50.163.157
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	96 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-13	medium	news70.net/	Malware
2022-09-13	medium	news70.net/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5	Malware
2022-09-13	medium	news70.net/wp-content/plugins/ultimate-social-media-icons/css/disable_sfsi.css?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.1	Malware
2022-09-13	medium	news70.net/wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.1	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0	Malware
2022-09-13	medium	news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/kg-video-js-skin.css?ver=4.7.4b	Malware
2022-09-13	medium	news70.net/wp-content/plugins/video-embed-thumbnail-generator/css/kgvid_styles.css?ver=4.7.4b	Malware
2022-09-13	medium	news70.net/wp-content/plugins/mailin/css/mailin-front.css?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/video-js.min.css?ver=5.20.5	Malware
2022-09-13	medium	news70.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/podamibe-advertisement-management/js/slick.js?ver=1.6.0	Malware
2022-09-13	medium	news70.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-09-13	medium	news70.net/wp-content/plugins/podamibe-advertisement-management/js/frontend.js?ver=1.0.3	Malware
2022-09-13	medium	news70.net/wp-content/plugins/mailin/js/mailin-front.js?ver=1659257835	Malware
2022-09-13	medium	news70.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/the-daily-horoscope/css/style.css?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2	Malware
2022-09-13	medium	news70.net/wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=6.0.2	Malware
2022-09-13	medium	news70.net/uploads/banner_main.jpeg	Malware
2022-09-13	medium	news70.net/wp-content/uploads/2022/01/WhatsApp-Image-2022-01-08-at-5.53.03-PM.jpeg	Malware
2022-09-13	medium	news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/fb_icons/en_US.svg	Malware
2022-09-13	medium	news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Linkedin_Share/en_US_share.svg	Malware
2022-09-13	medium	news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Twitter_Tweet/en_US_Tweet.svg	Malware
2022-09-13	medium	news70.net/wp-content/themes/newscard/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware
2022-09-13	medium	news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-32x32.jpeg	Malware
2022-09-13	medium	news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-192x192.jpeg	Malware
2022-09-13	medium	news70.net/uploads/video.mp4	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed
2022-09-13	medium	news70.net	Sinkholed

Quad9 DNS

No alerts detected

Files detected

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1146 bytes)
Hash
a77fe522092dc8647f147c3c7e017133
1ae17a9a563ee8a7a621a0a277be18588901e87d
bb6db0daace2685b7e689995340ac36a65bac061e76f16f33422c2f512e6b5bb

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (65)

	URL	Size	First Seen	Last Seen
	news70.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-24
Pretty URL news70.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 08:08:07 Times Seen38030 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	news70.net/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5	30 kB	2023-03-07	2024-01-01
Pretty URL news70.net/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:17 Last Seen2024-01-01 09:08:48 Times Seen45 Hash 56315bc34593cfb648f4f7f33a9159f4 656d6353c3e8f7e008cfe739f6f4de5fec5cec3b cb47b561f47e3d106d419bdd7721a3a26a00c36e20ce6f1bfa3c6d13cdb8c76f Loading...

	goldbroker.com/build/558.59ceb5fe.js?1662551049	318 kB	2023-03-07	2023-03-07
Pretty URL goldbroker.com/build/558.59ceb5fe.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-07 16:02:34 Times Seen1 Hash 16b7027901a0e863b86333d5b8aa66b7 0d4c6bd7b9a8c123e17010746b0d97947701fef7 8fdfd12983878a95c2690cfd4391f9bfab6742e1209cf438928ba6ea775d458d Loading...

	news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9	19 kB	2023-03-07	2024-02-29
Pretty URL news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:55 Last Seen2024-02-29 06:06:00 Times Seen214 Hash b13ef15f64650a1fa7365dab67d1e944 2981a581bff5c3d81d4e0700c76d316c568bcdfa b4d00640b93ccce21719f7146a3aa2393456c28f5439d12454d839412e0c69f3 Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2	78 kB	2023-03-07	2023-03-07
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2 IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-07 16:02:34 Times Seen1 Hash f4a5b049d0c740c462201b6fff96d5ff b54397095b265928e183f252ffba597361fe43c4 9651bc404e2f8093648ebc4560c21296ce38008ffe285836a1196e10cc1df0c0 Loading...

	news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4	44 kB	2023-03-07	2024-04-24
Pretty URL news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-24 08:11:10 Times Seen19898 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=6.0.2	9.1 kB	2023-03-07	2024-04-21
Pretty URL news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:55 Last Seen2024-04-21 14:49:18 Times Seen267 Hash 074346565f31b42edd3ccab906af658b 87e65ae5bc537929cf8cb925b4a952902d5bb5ed f1d759e86165ec9e5f9f5c9775acfe83f2c00833aa1c3522fbede166c38a2205 Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-04-24
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-24 04:43:45 Times Seen14146 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	news70.net/	2.1 kB	2023-03-07	2023-03-07
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-07 16:02:34 Times Seen1 Hash e7a83f0ad352f0154a10120978720f9a e13e38778ef757b4dae5479931f417f5a36b2285 0903e312752015b31bf1ab7f75e509f9c81343bdad84336e7bd953544c48e7e0 Loading...

	http:srcdoc	1.2 kB	2023-03-07	2023-10-23
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-10-23 05:00:07 Times Seen4 Hash 1de62a4f326c081c49d5fdbb380837a9 2306f80fa6c73543b3af799b105ef6fc812d89d0 71a8551572997ad5c34fb5e73b002d5b1ce1d900c9e5453f1fe24dfb68bd6c13 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-M3J7F9	140 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-M3J7F9 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-07 16:02:34 Times Seen1 Hash 0d23ba13e196df9237c7686925f0c996 d1d62ed0de54c47dd08fbe061b0c5747723955fa 3319e8375588520f050bb48e997239f939cd0f0bab3ff29bd1bcd853a6046338 Loading...

	news70.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-24
Pretty URL news70.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 05:14:01 Times Seen31802 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.0.2	12 kB	2023-03-07	2024-04-21
Pretty URL news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:17 Last Seen2024-04-21 23:19:22 Times Seen1610 Hash 2b01351f36285d266938cfb15ae487a4 643579a331557dedc16ed0bceb1c7780368b9a52 4c5e10b3496ff844faf3e2d032e243d4a366a5cbc95ad7bef5dd924322e31b3a Loading...

	news70.net/wp-content/plugins/the-daily-horoscope/js/script.js?ver=6.0.2	254 B	2023-03-07	2023-03-14
Pretty URL news70.net/wp-content/plugins/the-daily-horoscope/js/script.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-14 18:12:09 Times Seen1 Hash 9414450ae6278f6e70c5f4bb5a0e4e7b ba5e479ffc3d744fe454772a9d3682db5c18408f 3c102a36b9d7d91feea10ae59b1d2d5ba9a0297dadaa7360abf791e02bce94a7 Loading...

	goldbroker.com/js/routing?callback=fos.Router.setData&v=1662551049	36 kB	2023-03-07	2024-02-29
Pretty URL goldbroker.com/js/routing?callback=fos.Router.setData&v=1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2024-02-29 04:44:09 Times Seen6 Hash 77e8752d6ab127375fe253f1911e94aa 2ac4e349f16bf71eb65ac6f886dfbacfe88fedb5 087953e24c129b11f56a5064d8a162db206d5d6bb4c2df58af9074b1334d026d Loading...

	goldbroker.com/build/51.a0ead035.js?1662551049	198 kB	2023-03-07	2023-03-07
Pretty URL goldbroker.com/build/51.a0ead035.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-07 16:02:34 Times Seen1 Hash 45408e7b31b09d8d2e8142d233deb084 1d60128be1b8b1ac39cb9325b819d7e18a4fa402 3890145043f3651b54846eb5719fff1ea9d0580161c5103bd67e552b92110a6a Loading...

	news70.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	21 kB	2023-03-07	2024-04-23
Pretty URL news70.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 17:49:04 Times Seen3650 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	news70.net/	869 B	2023-03-07	2024-02-16
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-02-16 10:49:35 Times Seen214 Hash 23abce331939da08653ad1ae0e96ab42 9d643a7eff4ca07cad0e2ffc4f851ac5178182ae 5b3784f77d8eeeff1634593241207b833374d91da614bd64e06c57de1a25f5e7 Loading...

	news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.0.2	3.1 kB	2023-03-07	2024-04-21
Pretty URL news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:17 Last Seen2024-04-21 23:19:22 Times Seen1525 Hash 0bd6cb4fbf6f16f1fc46934cd8515f3c 37360c9391c47e9d7b0460bf1fdfc8c380404c4f 29c7ceffe2b367039ee6eb32a7334e2a9131654cdbdaf57a5431d909f69d1cab Loading...

	news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2	83 B	2023-03-07	2024-02-29
Pretty URL news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:55 Last Seen2024-02-29 06:06:00 Times Seen84 Hash a95b37cd28903b619c126faa2d7dc7cc 119936440dda02aa16d0c436acce55482a032d5c df409cda6bae37bf3f3a02f19396eb0437670f49210fe6134de95a908c0cafa4 Loading...

	news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=6.0.2	416 B	2023-03-07	2023-11-10
Pretty URL news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-11-10 08:42:23 Times Seen6 Hash e8c56d7d1cc46b6eaa53bdba54f43bb5 883b485c7bb34f41b9eee28b9201347458141c57 db24dfbd78fd5cd1075c029124f536ed600fbbd2b383df52633c833245f794c3 Loading...

	news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2	903 B	2023-03-07	2024-02-29
Pretty URL news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:56 Last Seen2024-02-29 06:06:00 Times Seen83 Hash a189c39d52b602e2bf88129feecae3ae 3ef0300c6eb3952cc4743d3c8b5117536a43f13c 541ca6ec26c08bae2158496639872bdc573969743cdd364c29e5302376af50d9 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 08:21:38 Times Seen37034928 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	news70.net/wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=6.0.2	20 kB	2023-03-07	2024-04-24
Pretty URL news70.net/wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 07:44:25 Times Seen19502 Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Loading...

	news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.0.2	1.5 kB	2023-03-07	2024-04-21
Pretty URL news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:17 Last Seen2024-04-21 23:19:22 Times Seen1735 Hash 9205d1691f1303227809875d3a6ee811 71094c5c5a6f50bc3d94cf9f99f768708a437e6d 8577be08e13d868781746fd18e27a2d95ee4658c33221ec7659ece82d4d31463 Loading...

	news70.net/wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.1	4.3 kB	2023-03-07	2024-04-09
Pretty URL news70.net/wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.1 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:55 Last Seen2024-04-09 02:22:09 Times Seen3 Hash 24f9b1ea3eadd62d001af20b31c7c42e b4d1bede572ebbe71bb8d5a49ddbf26d6e5ee87d 395958d780ccc1b69865457d30f9296d2d924a7880d09f3bf82d3220abaf8194 Loading...

	goldbroker.com/bundles/fosjsrouting/js/router.min.js?1662551049	5.5 kB	2023-03-07	2024-04-23
Pretty URL goldbroker.com/bundles/fosjsrouting/js/router.min.js?1662551049 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2024-04-23 15:09:35 Times Seen36 Hash a79cc9b843909029289e8935f597d0b1 abe4592c77ade66a8cdbb374316ae83eaeb91b3c 4104c3ad81b5a4ed3ed0d092e564a0d3a211b6545a11e19141e6bc8e966b2de3 Loading...

	goldbroker.com/build/front.fa985674.js?1662551049	170 kB	2023-03-07	2023-03-07
Pretty URL goldbroker.com/build/front.fa985674.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-07 16:02:34 Times Seen1 Hash f35c03e479233df058d44d16ed893d6a a9553489506662094fae778229a7100d740236b4 5e886e5fd4fde5dd8fb5e73f2f8a09a72922322cdd5b1ba79c452952d5fff426 Loading...

	news70.net/	205 B	2023-03-07	2023-03-11
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-11 13:35:58 Times Seen1 Hash 697a37086a61a44e0a98607f691cc85a d83a6f2718baebd011f690abb05ea7003b44a7f4 51e4811ceb07a45191dadc8eed5c32d9a56d68bbc2b033a7f079110916c54229 Loading...

	widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js	19 kB	2023-03-07	2023-11-04
Pretty URL widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js IP 143.204.55.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2023-11-04 14:10:25 Times Seen853 Hash 09f25c4b4cb4f5d5bd2bf7adf3235bc0 dbe22054d87d6ef7127d98ceab7650eaa0f6ed68 f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb Loading...

	news70.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-24
Pretty URL news70.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 08:08:07 Times Seen68578 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	news70.net/	151 B	2023-03-07	2023-03-26
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-26 11:30:30 Times Seen2 Hash 62a6b83b4df6561bc6336c855da61ff8 b1d039179a4841fee7e680478279df5a23fb80d1 c8f52e17c86c7b9f18aed1fe3b897675cd342dca1f2deae0fe74279fe2c78bbf Loading...

	news70.net/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215	685 B	2023-03-07	2024-04-24
Pretty URL news70.net/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-04-24 08:02:20 Times Seen3284 Hash 93d421fd7576b0ca9c359ffe2fa16113 eacce35258f14fcd79bea2bc23f4140d25874322 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2 Loading...

	news70.net/	1.4 kB	2023-03-07	2023-03-11
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-11 13:35:57 Times Seen1 Hash 71101e4a276d57cb91803b158aa4e8ec e0eea7e053bc18e1c858728ba36f4a451f261435 aa8e7e612ec51b81ed7a0fba1332f7d6c1fd08d12504dc0860edf68b183d9c95 Loading...

	goldbroker.com/build/front/amcharts.03f39b20.js?1662551049	14 kB	2023-03-07	2023-03-07
Pretty URL goldbroker.com/build/front/amcharts.03f39b20.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:34 Last Seen2023-03-07 16:02:34 Times Seen1 Hash ad0b8b9a4829e48b79acb7507a2f63ee ea8d9be6fa79406511fff239c5cc980ba62b0cf4 9db11725a458686c2c994cca81b1101a14f56326f978df64e0ba23c96dc9e8ed Loading...

	news70.net/wp-content/plugins/mailin/js/mailin-front.js?ver=1659257835	12 kB	2023-03-07	2024-03-26
Pretty URL news70.net/wp-content/plugins/mailin/js/mailin-front.js?ver=1659257835 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:13 Last Seen2024-03-26 08:26:13 Times Seen33 Hash 62152eefaf63b3ed95e6b602f6d22197 10ecd6c389c9078d0793187ea5e61189a11bd7fd d8469ad6e03ba1a6c2c9fee151001c818233baff45efada0b93f6d864c21dbb3 Loading...

	news70.net/	663 B	2023-03-07	2023-03-07
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 6d810776f50463bb1448f53bb120c1a5 35f544c6af52111c216ea8084f557d8095fa9665 8a7307cc2a1e707e34fbf2e9d3e93a32613b90813c83b97d5fccebdf59f7074c Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.aNgHxNvBzn0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpQxgkulmS85uFkIizOp37qET_zcg/m=el_main	268 kB	2023-03-07	2023-03-07
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.aNgHxNvBzn0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpQxgkulmS85uFkIizOp37qET_zcg/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:29:38 Last Seen2023-03-07 16:56:51 Times Seen1 Hash d0eb4beb3d1b732a2f2270267e90b77f 86206c430a4f1eb663a30c899e0fed9f84d8c765 348ce379f003c95ba20fab375a131842ee3032db8bdd0c04e69be453c31b3ce8 Loading...

	goldbroker.com/build/661.0c094aab.js?1662551049	38 kB	2023-03-07	2023-03-07
Pretty URL goldbroker.com/build/661.0c094aab.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 0b51a15e8bfb2f1be2481d0ce8ba3f51 6556c6f6e06db0b90f3be8da0fcf9b98f5e36c36 8a1a66e53ff069a6da7f14085e3997345ca05f64719b6df98d47dd1135df4c14 Loading...

	goldbroker.com/build/755.f5cf308f.js?1662551049	90 kB	2023-03-07	2024-04-02
Pretty URL goldbroker.com/build/755.f5cf308f.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2024-04-02 11:41:02 Times Seen5 Hash 9ba8ed32ffdc02283c3f2ec5399b3c81 308845666b965851f662ead42b57bf6a407c1459 1facfa7e874f314d7761fbba6f2bb12107c9e24d53b01a517e25dadea1a01ceb Loading...

	goldbroker.com/build/runtime.28e69a3d.js?1662551049	1.5 kB	2023-03-07	2023-03-07
Pretty URL goldbroker.com/build/runtime.28e69a3d.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 3f94273978343f2504181cfabea7d6e6 eefb7f865fdfc5055af6ffc03a10f602f9da9bdd 2705d276d4d4b0dcad24bbf0660b0acf4a972725e617155ae76effe1cde54835 Loading...

	goldbroker.com/translations?v=1662551049	108 kB	2023-03-07	2023-03-07
Pretty URL goldbroker.com/translations?v=1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash decff836154ed70f8b08ce454813a4d7 1c457c91aa1e0c2c0f4fe87a4245f1213fd11756 0c3bf6d27232cd3bf16cbae427dc9cf239b6950c8dff43f7f1ae7340a719285d Loading...

	news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4	10 kB	2023-03-07	2024-04-04
Pretty URL news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:35 Last Seen2024-04-04 19:23:46 Times Seen958 Hash 24823208c60bfc2a92deaa50cbdc6c29 f2a855219e71fc4224376732b7c64e34670d855d bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00 Loading...

	news70.net/	453 B	2023-03-07	2023-03-07
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash ab057829bab76356f9bfdd0ea9d1a9fd 3d8d8841da329c2035a7eaf1f35ab8dc64db9c7b 303894096df630493133174156207008c629863c94c573eee35f329edf69de0b Loading...

	news70.net/	1.0 kB	2023-03-07	2023-03-07
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash c8d7b37fe18448d388099ff1b49a9009 4229cffb8f3b34232d8cde74b5746b0e3182ea65 31ae89a792d95fb504cccb5e62e433b98cd47a58e3b7f933d15518e6cfcc1a2d Loading...

	news70.net/	328 B	2023-03-07	2024-03-21
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:32 Last Seen2024-03-21 11:17:25 Times Seen776 Hash f0d5f710f1fe18a4dcd0201705f89cbd ec7b99089b565160d4fc319e5ddbd7ec81ca28b9 f5274b9a7a920605816df1ae91f95a8e8f29df7f73a76310d402c8f5693ae720 Loading...

	news70.net/wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2	2.4 kB	2023-03-07	2024-02-29
Pretty URL news70.net/wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:55 Last Seen2024-02-29 06:06:00 Times Seen85 Hash 95def6cf5f6c00158e01cf75979d1d82 3752f1dd849ee358ed5911b1a8cb5a3a77b97117 f23f4cdc16216e281ece6073441ef19eba319f9a0c01eac33c31782d08812ffc Loading...

	goldbroker.com/bundles/bazingajstranslation/js/translator.min.js?1662551049	5.0 kB	2023-03-07	2024-02-29
Pretty URL goldbroker.com/bundles/bazingajstranslation/js/translator.min.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2024-02-29 04:44:11 Times Seen15 Hash c91db0ec942ab25ae0aabb9140d0b92d 9ce3a7d75502382e05de67e490314339f5943c2c 7020892c98dc3953edea594b97690b61a672596253b1a9821bd52da9e3cbf2e7 Loading...

	news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0	49 kB	2023-03-07	2024-04-14
Pretty URL news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:55 Last Seen2024-04-14 17:47:59 Times Seen390 Hash fe1457ee36b1ce754d11d5708492c960 03efb6335562caf52cb91eb3e7c2f5f18c62fb96 65f97dab23e8383e4f9e5b07722014f704b9cb5dc820086014ec715c55e75e33 Loading...

	news70.net/	213 B	2023-03-07	2024-04-21
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:32 Last Seen2024-04-21 23:19:21 Times Seen851 Hash 91db495e87060fd19c7508c529725a41 bd81a81ca0327c586cfec175bb386dbd5b3a0f85 ff8bed9ae16005815dbaf8cdfb29263be1b1b59fbf91758a10d3514eb70ae0a7 Loading...

	connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5	3.1 kB	2023-03-07	2023-03-07
Pretty URL connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:13 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 128ed31b9a30d5c28015306a41f5bf7d ace1f4bf0eca335695bd578021710d64e9a24b62 ae613278ca7b5274af628761185d7e1a15cc95f502369180f3660ef0ad087a11 Loading...

	api.openweathermap.org/data/2.5/weather?lang=en&q=Ranchi,India&appid=5c7cb751efca8dcb1429d59d96cd9bc9&callback=jQuery36007009270540697159_1663107327843&_=1663107327844	516 B	2023-03-07	2023-03-07
Pretty URL api.openweathermap.org/data/2.5/weather?lang=en&q=Ranchi,India&appid=5c7cb751efca8dcb1429d59d96cd9bc9&callback=jQuery36007009270540697159_1663107327843&_=1663107327844 IP 82.196.7.246 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 12943810b70a4c4c42353cb0a8effda0 3c5727d0a242cb3320ee00c9773eff42f05eaec0 6a21d9f47b5b0ba4f7aa4c57c94a69df8ea14a9a1f56c75c031b0aefe46271e5 Loading...

	news70.net/wp-content/plugins/podamibe-advertisement-management/js/frontend.js?ver=1.0.3	361 B	2023-03-07	2023-03-26
Pretty URL news70.net/wp-content/plugins/podamibe-advertisement-management/js/frontend.js?ver=1.0.3 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-26 11:30:30 Times Seen2 Hash 96350dbf1bdc74a689830cd7cde7ea99 870599a09e42940a88cf9fe11b30fa7d89ebbf8a a0d45facfb1757cbdb6d543958149ab9f53d7f89f249718ac65f9ba68044ce57 Loading...

	goldbroker.com/build/458.a4d26bb1.js?1662551049	342 kB	2023-03-07	2023-03-07
Pretty URL goldbroker.com/build/458.a4d26bb1.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 0d730638b19bbbd8257113b02a27e734 cbc24077c2096480dd0a3b91672ef330f08f075e b4452510ba1bd7dac90916d2d744e68e31b1be11d4c974ddb842e6df846ba219 Loading...

	goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz	429 B	2023-03-07	2023-03-29
Pretty URL goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-29 23:47:44 Times Seen2 Hash 4f5a1c92342129fa27c2f46b2d5193ec a5e4f06786682dab39b658fb00f3462fb65f2915 97f9dbb0bf96e88cd073ffe6493a26cdd64e8c6883994e7e1e36cf5a314c0ef1 Loading...

	widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js	1.3 kB	2023-03-07	2024-04-21
Pretty URL widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js IP 143.204.55.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:33 Last Seen2024-04-21 10:19:13 Times Seen658 Hash 9f2f0c2cc9e5df2476d7c877e9005259 28d5753498c688feb491a108551c368d12c38245 90745a0f257aa1424e5b997ec85544b52094e60b7187c09ec3f108303bfc2073 Loading...

	news70.net/	1.5 kB	2023-03-07	2024-02-16
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:43 Last Seen2024-02-16 10:49:35 Times Seen113 Hash 8a7ad05249883e2d1a4155a5ed35ff43 b476eacda7ee0d53156465b7578904eb6caf626e ff2645fa866c838505a03f4298558aff9b6e863804d12ac8c4eccef6ddcbd2d4 Loading...

	news70.net/	151 B	2023-03-07	2023-12-24
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:52 Last Seen2023-12-24 11:39:40 Times Seen21 Hash c2edcfe35f94b0105bc66aa71d6a1a4e 5d3f56767cacb10d370da093d161b8ee46b0616e cb1f6d93f047f89e872a47919ae81380e728a375d8236df142f3f5618be50861 Loading...

	news70.net/	1.3 kB	2023-03-07	2023-03-07
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash f988fe8399fc43fbdf0a4a6c70641ad1 49d8ef591d9424f3c611dc01b235ef2eb6332e32 a10165d9d34cdbc2c4b8b5ff7c522f861585187f0fcb77a5fd7c9811dbb31908 Loading...

	news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=6.0.2	243 B	2023-03-07	2024-02-29
Pretty URL news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=6.0.2 IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:55 Last Seen2024-02-29 06:06:00 Times Seen49 Hash 7a5d2a820f5ba89ac07af102c134c881 0a97dbe66b2900d69d0b5859c34e94a3130337b0 294902fa1e546d9ee9ac08c10a81239acca87d10155d3be10c6bd57070a089b8 Loading...

	news70.net/	134 B	2023-03-07	2023-03-07
Pretty URL news70.net/ IP 103.50.163.157 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 280f6c3cfeb2d26b124134a2a92c0607 3959144fc4fb392073f383f5ccbb485b0e8ab7c9 dbcea89c87e60fc7f5c90629c9b84028130e97f13172133578cf5c711f45ee3c Loading...

	goldbroker.com/build/962.f2cb67f7.js?1662551049	321 kB	2023-03-07	2023-03-07
Pretty URL goldbroker.com/build/962.f2cb67f7.js?1662551049 IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 79b7a8b4d9e5290d5195717f4edb6884 a05bf163309573879f6b53d90e7c0767403b7bde 511cf0a65f487b9408792f12608a039aa4efee9156d491009e03f7a569638606 Loading...

	connect.facebook.net/en_US/sdk.js?hash=b04f1df94c39ff7417ba750066ffefd3	311 kB	2023-03-07	2023-03-07
Pretty URL connect.facebook.net/en_US/sdk.js?hash=b04f1df94c39ff7417ba750066ffefd3 IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:00:45 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 3efe18fde3c94cc16c6c77a853e99732 82f570d595af787c8dc4f923c9603137cbe10ec9 d0fc57edd4f05f47b159109ac16e13724da37bd0e18d9156076259976ff25bd5 Loading...

	goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz	99 B	2023-03-07	2023-03-07
Pretty URL goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 991be287eeea1c3c722b5aa1464cb647 35a4936c32ac48fd201aabb53f351de010325b34 273350fa4e101914f454ef19a019480730d9be74e0f392baccb254ab9a348a16 Loading...

	goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz	100 B	2023-03-07	2023-03-07
Pretty URL goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz IP 198.100.157.117 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:02:35 Last Seen2023-03-07 16:02:35 Times Seen1 Hash 1c5a241618a77777dc251a6f100a4258 609250fcd486c0fce56dbfd344ed06100c42de7d cd5ac4123106b333560eee9d8de9f4968ea439e7984fa0c104ca82dfd914c97b Loading...

HTTP Transactions (151)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 21:17:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lQw1pPi7ebLcQbVFq8D_9bUQ4RluL62Q6Y3tDCHwetysBkFL-o6pUQ==
Age: 3468

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9301
Expires: Wed, 14 Sep 2022 00:50:39 GMT
Date: Tue, 13 Sep 2022 22:15:38 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AqI8BQ-WaVrjP6Lux2JTnl1_jTGpO16DSeXayDSNd-nisrR4kA_X8A==
age: 63624
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 22:03:22 GMT
Expires: Tue, 13 Sep 2022 22:53:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BQPuEHhBMVMkWvpnf1nRRM_wpqqgpDtLD4tEDhD6BdvuLjeC1OFmqA==
Age: 737

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1130
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:39 GMT
Last-Modified: Tue, 13 Sep 2022 21:56:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

news70.net/

103.50.163.157

200 OK

40 kB

URL HTTP/1.1
news70.net/
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
40 kB (39989 bytes)
Hash
2078e784fcacbc952958bc34200fe348
d1c3db7c327ac395408da67d5f54e8d7f6a739cd
f178bf0301c9704b9fd54c7b8744eb04f29136bbb3c8939b9da1ba36f3a8fcc2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:38 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://news70.net/wp-json/>; rel="https://api.w.org/"
Set-Cookie: aiovg_rand_seed=3493417214; expires=Wed, 14-Sep-2022 22:15:39 GMT; Max-Age=86400; path=/
PHPSESSID=7157c2f1ef07db04c98bda007a38f49a; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.2

142.250.74.10

200 OK

976 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.2
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
976 B (976 bytes)
Hash
cd0d7ee719c71856ef0826cb4239aa09
aca040f1a99aa9ae892874586b6e560cd7e24952
f461022b70025b86bf36a8d8b27fba51dd7de89ee43dcdc93c0a74c100ed8d05

HTTP Headers

GET /css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 13 Sep 2022 22:15:39 GMT
Date: Tue, 13 Sep 2022 22:15:39 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

news70.net/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2

103.50.163.157

200 OK

299 B

URL HTTP/1.1
news70.net/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
299 B (299 bytes)
Hash
1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 04 Aug 2022 13:00:07 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 299
Keep-Alive: timeout=5, max=75
Content-Type: text/css

news70.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

103.50.163.157

200 OK

17 kB

URL HTTP/1.1
news70.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (43771)
Size
17 kB (16594 bytes)
Hash
2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 06:18:35 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16594
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

142.250.74.46

301 Moved Permanently

0 B

URL HTTP/1.1
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/

HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 13 Sep 2022 22:15:39 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

push.services.mozilla.com/

44.236.232.139

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.236.232.139:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8Be8EdtL0B/KGtVRrsTTKA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AMWuf7H5Iap5Kw4pUYGi3eUJsfk=

news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick.css?ver=1.6.0

103.50.163.157

200 OK

564 B

URL HTTP/1.1
news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick.css?ver=1.6.0
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
564 B (564 bytes)
Hash
52dc6a8e85abdf73203fdae4e4b6f9fd
d19e874bdab0b560891082c591b33b7a481149f7
a6ed9df694f9885f6959a20b8aa2090235427dd579b89eed311fbad2d70cfce7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/podamibe-advertisement-management/css/slick.css?ver=1.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 564
Keep-Alive: timeout=5, max=75
Content-Type: text/css

news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick-theme.css?ver=1.6.0

103.50.163.157

200 OK

1.0 kB

URL HTTP/1.1
news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick-theme.css?ver=1.6.0
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text
Size
1.0 kB (1035 bytes)
Hash
953438bfdb3f3c6aa7761618e2b262a8
b33522e1fe96ed2e2395e7bd015f756ba06b5534
783cab59b7959dcf64a11dfcd81bf46624c406eadca6ed47e4717b3acff305ef

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/podamibe-advertisement-management/css/slick-theme.css?ver=1.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1035
Keep-Alive: timeout=5, max=75
Content-Type: text/css

news70.net/wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=6.0.2

103.50.163.157

200 OK

2.2 kB

URL HTTP/1.1
news70.net/wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
2.2 kB (2190 bytes)
Hash
5691b07253c4a30382130c2da4be8343
4c12d34016c7061965c996599c4086683958e0f1
095326e797678e4aa4be8217bf991180f7b79cdcce552897123ffa68981a0747

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/simple-image-popup//css/magnific-popup.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 01 Nov 2021 06:42:21 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2190
Keep-Alive: timeout=5, max=75
Content-Type: text/css

news70.net/wp-content/plugins/podamibe-advertisement-management/css/frontend.css?ver=1.0.3

103.50.163.157

200 OK

473 B

URL HTTP/1.1
news70.net/wp-content/plugins/podamibe-advertisement-management/css/frontend.css?ver=1.0.3
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
473 B (473 bytes)
Hash
39464437367b8542343910306ce1bc50
b2b4967f2abc947467050144c3a1ea33c86dc6f0
755b2dfaf802c622c5f70456b04aed3c4125d178fbe34b99eb6da42830c767f0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/podamibe-advertisement-management/css/frontend.css?ver=1.0.3 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 473
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5

103.50.163.157

200 OK

20 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF, CR line terminators
Size
20 kB (19817 bytes)
Hash
527edc0b6a6d8e712826831d040d5d36
6b805604bb3f77bf77248261ba167363f78ee449
b43ae731b48224682b19e26a36692f8d3fa636c613fc16055e024ba30f16d072

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=2.7.5 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

news70.net/wp-content/plugins/ultimate-social-media-icons/css/disable_sfsi.css?ver=6.0.2

103.50.163.157

200 OK

88 B

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/css/disable_sfsi.css?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
88 B (88 bytes)
Hash
e61686ae85ff40d0486d63edad647a25
c1ecfaf48fa21552af4573accff6f973f5d3129d
250f188866f5524cbdc41d9e3a3cf1a940bc26f8ec12308b02d47d9c93a84d28

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/css/disable_sfsi.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 88
Keep-Alive: timeout=5, max=75
Content-Type: text/css

news70.net/wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.1

103.50.163.157

200 OK

666 B

URL HTTP/1.1
news70.net/wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.1
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1932), with no line terminators
Size
666 B (666 bytes)
Hash
a8bccbf4243fd62badfb3cb50ee15db4
7b8b16d53e25f619a6595036fe41fef98cb0134b
8c5e441961ff9095ae4528ed33c7a2cb4c3f553a66de2ee12d719214f3dc37b3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.1 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 666
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.1

103.50.163.157

200 OK

263 B

URL HTTP/1.1
news70.net/wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.1
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (684), with no line terminators
Size
263 B (263 bytes)
Hash
2bca32e8e5c4a6c01018467b5c55f58b
514bffeee47835c711d56e324b777697f5e581c7
e1abfb3d80ce3cf9e4e87b2acc37a3e0998240866b7f475acc898aa041becf4c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.1 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 263
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.css?ver=2.3.4

103.50.163.157

200 OK

1.1 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.css?ver=2.3.4
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (3184)
Size
1.1 kB (1142 bytes)
Hash
8110dac83703c6f3bdab05005b338dae
2d7fa29ab9e77366216866a3c399cff917625015
8b88b876325a3b5deaea39fc31f97d9ea452bf5f5a27a4eb0d0cdc5be386fb92

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.css?ver=2.3.4 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1142
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=6.0.2

103.50.163.157

200 OK

7.5 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
7.5 kB (7524 bytes)
Hash
425b9c5bb524774d7f30160c36771785
af60c1059fb990e6e86ff744f9c286e78f9966e8
a1dfafaf50ffe1e3996576f74f6e0e9dccee46d19aaf562fbe6e5575171b8062

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7524
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

142.250.74.10

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1178 bytes)
Hash
4103a4063f8bb5fa3297ad5293d97522
49bc2dc7f9a74f6902094b4091fbc8338d04e5f6
3857b3165ea8f20e24b14fb9fd93da9c27ea61b0d3d79a6f89c82d436202598f

HTTP Headers

GET /css2?family=Roboto:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 22:15:40 GMT
date: Tue, 13 Sep 2022 22:15:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

news70.net/wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0

103.50.163.157

200 OK

32 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65325)
Size
32 kB (32015 bytes)
Hash
3cac3383012d3b9c1b28ce53a9016651
3323de86376c6ea8dd265acdc39bcb82fdf1e8ac
29e021f86b877880a2e3e7c9f069d6ef5eab4930bc01d4633a05531df7ffd670

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/kg-video-js-skin.css?ver=4.7.4b

103.50.163.157

200 OK

1.6 kB

URL HTTP/1.1
news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/kg-video-js-skin.css?ver=4.7.4b
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
1.6 kB (1622 bytes)
Hash
7f8180c648c421528ee16de8685a776a
c5e2c1a8f552339fb821792c1996e0d5b58a300e
f9f47abe8f3afe4874965dab03a41beab7ef74e975689fb3f12638486a41e115

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/kg-video-js-skin.css?ver=4.7.4b HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1622
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-content/plugins/video-embed-thumbnail-generator/css/kgvid_styles.css?ver=4.7.4b

103.50.163.157

200 OK

5.7 kB

URL HTTP/1.1
news70.net/wp-content/plugins/video-embed-thumbnail-generator/css/kgvid_styles.css?ver=4.7.4b
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1062), with CRLF line terminators
Size
5.7 kB (5743 bytes)
Hash
df4ba1a7acf67f153c7b0ae25a4ad440
712d09f601f071fe8980659ed33e573539d5ff7d
cfa615de85ee6e6b61c7b99aa1999361f20f640256e2e49a800e73873d152c74

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/video-embed-thumbnail-generator/css/kgvid_styles.css?ver=4.7.4b HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5743
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-content/themes/newscard/style.css?ver=6.0.2

103.50.163.157

200 OK

28 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/style.css?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (630)
Size
28 kB (27757 bytes)
Hash
49c277b74aa969c4ac64c65e44f2ed99
fc66b37f1d95dd65dbe504f47ba7f8e4f2ac31e3
8a7eada705ad4f980da1804a584e433c188c5e8f8f346ee9445146bbe020c7d2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/style.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56544aa492715fc7714bc4792e487c44
5ae3a793869000eea5e40b44dc68eff03bf3fc47
e53b80b85b1c9e2e384ea0ccfd0bfc28007656b4fbb09cf25dfc0679e77252d2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E53B80B85B1C9E2E384EA0CCFD0BFC28007656B4FBB09CF25DFC0679E77252D2"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Wed, 14 Sep 2022 04:14:54 GMT
Date: Tue, 13 Sep 2022 22:15:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56544aa492715fc7714bc4792e487c44
5ae3a793869000eea5e40b44dc68eff03bf3fc47
e53b80b85b1c9e2e384ea0ccfd0bfc28007656b4fbb09cf25dfc0679e77252d2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E53B80B85B1C9E2E384EA0CCFD0BFC28007656B4FBB09CF25DFC0679E77252D2"
Last-Modified: Tue, 13 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21593
Expires: Wed, 14 Sep 2022 04:15:33 GMT
Date: Tue, 13 Sep 2022 22:15:40 GMT
Connection: keep-alive

news70.net/wp-content/plugins/all-in-one-video-gallery/public/assets/css/public.css?ver=2.6.0

103.50.163.157

200 OK

5.7 kB

URL HTTP/1.1
news70.net/wp-content/plugins/all-in-one-video-gallery/public/assets/css/public.css?ver=2.6.0
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
5.7 kB (5692 bytes)
Hash
b885a856ec47b24d57973ed269096301
1ba3a6c279a88b97e7b7bf786ac6ef954477c3e7
ca80f4117b299b974725790d55c544f9aa4b4d73d64837419790c09736a8f562

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/all-in-one-video-gallery/public/assets/css/public.css?ver=2.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 12:59:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5692
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-content/plugins/mailin/css/mailin-front.css?ver=6.0.2

103.50.163.157

200 OK

817 B

URL HTTP/1.1
news70.net/wp-content/plugins/mailin/css/mailin-front.css?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
817 B (817 bytes)
Hash
f5c7ece1468c567e7cdf2482009088c0
38e7ba1aca24c2b1e8812b2a6f85ea5ec902fda3
84d738d9b52668c9ecf75e9a69a62329f9ab2c921ace26fc64d1d27366db3d22

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/mailin/css/mailin-front.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 08:57:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 817
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/video-js.min.css?ver=5.20.5

103.50.163.157

200 OK

16 kB

URL HTTP/1.1
news70.net/wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/video-js.min.css?ver=5.20.5
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (39368), with no line terminators
Size
16 kB (15828 bytes)
Hash
82df2bf227f98a0cd29d76d90106eef1
f53cd5ec6e80eb5db22b76be7946ac625c1b0e43
120c7dc5c648bad8d9e5cd644afb92489355d76a11a884da9a6f82e498e29d6c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/video-embed-thumbnail-generator/video-js/v5/video-js.min.css?ver=5.20.5 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15828
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

103.50.163.157

200 OK

4.6 kB

URL HTTP/1.1
news70.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 15:05:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/podamibe-advertisement-management/js/slick.js?ver=1.6.0

103.50.163.157

200 OK

21 kB

URL HTTP/1.1
news70.net/wp-content/plugins/podamibe-advertisement-management/js/slick.js?ver=1.6.0
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
21 kB (20745 bytes)
Hash
2267f2eefd72f4650548e6fc2df792a6
d6fae7c22766be5dd0e48b1ec435e7e6506d86f7
a0fe857bdb0a1bd65bcb1b0f3cb94c1657004b58033e4d22c9524bcfdac53e1f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/podamibe-advertisement-management/js/slick.js?ver=1.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

news70.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

103.50.163.157

200 OK

39 kB

URL HTTP/1.1
news70.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65447)
Size
39 kB (39066 bytes)
Hash
feb933ceca72e1d76b471ed9db278b0d
6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1
9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 06:18:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

news70.net/wp-content/plugins/podamibe-advertisement-management/js/frontend.js?ver=1.0.3

103.50.163.157

200 OK

191 B

URL HTTP/1.1
news70.net/wp-content/plugins/podamibe-advertisement-management/js/frontend.js?ver=1.0.3
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
191 B (191 bytes)
Hash
cc7a6100ccb6ca822f20c707dd1ebd64
45a550eaddd160212aa24a9e0c55268d52550dbe
d237511a05f94adf69a01ae4565099ef159e6306d93c3e565a2be39707f2250d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/podamibe-advertisement-management/js/frontend.js?ver=1.0.3 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 191
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/mailin/js/mailin-front.js?ver=1659257835

103.50.163.157

200 OK

3.5 kB

URL HTTP/1.1
news70.net/wp-content/plugins/mailin/js/mailin-front.js?ver=1659257835
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text
Size
3.5 kB (3517 bytes)
Hash
49f46872de0269c8bd369293b23953eb
815b449df1258da752c347ebbce713a77ea3f078
d360a7ad5bf004818b3ef3eb40b070076a4d7cf16e60299c82f74fa9b477c9e8

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/mailin/js/mailin-front.js?ver=1659257835 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 08:57:15 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3517
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

103.50.163.157

200 OK

5.3 kB

URL HTTP/1.1
news70.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (15660)
Size
5.3 kB (5321 bytes)
Hash
710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 06:18:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5321
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/the-daily-horoscope/css/style.css?ver=6.0.2

103.50.163.157

200 OK

184 B

URL HTTP/1.1
news70.net/wp-content/plugins/the-daily-horoscope/css/style.css?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF, LF line terminators
Size
184 B (184 bytes)
Hash
1f5fd7e5f3f1b15cdc01c6f3b5682c5f
f101025f5d6b322b598f43c966ca3705df3a616f
08c2f4f9c56b80f450b87a2fbca63cad305a4fe9a0d8d21d6f77bccf41978c6d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/the-daily-horoscope/css/style.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 184
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=6.0.2

103.50.163.157

200 OK

9.2 kB

URL HTTP/1.1
news70.net/wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (20087)
Size
9.2 kB (9204 bytes)
Hash
7a10ae63b238729dc4da7f7bd8986219
654c47168dca0ec7080f6c57e8c4482b57f879d4
b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/simple-image-popup/js/jquery.magnific-popup.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Mon, 01 Nov 2021 06:42:21 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9204
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.0

103.50.163.157

200 OK

12 kB

URL HTTP/1.1
news70.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.0
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (45570), with no line terminators
Size
12 kB (11721 bytes)
Hash
8cef004b3d40410cbb90d2f52764c21c
a418ad610d036d8736f8b9a3eb1f87fced34dccb
831bfa926aa282b155302a4c5e0c54388569f438625ac0b01289f74edfb6b0e8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11721
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css

news70.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

103.50.163.157

200 OK

8.2 kB

URL HTTP/1.1
news70.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
8.2 kB (8169 bytes)
Hash
a0a1c8194f131320e1798f90a7b1262a
3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed
7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 06:18:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8169
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.0.2

103.50.163.157

200 OK

4.9 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (11484), with no line terminators
Size
4.9 kB (4850 bytes)
Hash
1b60910f11a0d775fcfa572adb62ee64
f1bd74f734e6938c95d01de8e868a7c785ddbc4b
2d1669803c454716bfc0cbf4a477db499c13d6070b3b06dad649e3903b107a91

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4850
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.0.2

103.50.163.157

200 OK

1.6 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document, ASCII text, with very long lines (2861), with CRLF, CR line terminators
Size
1.6 kB (1566 bytes)
Hash
db111558e1a36ddb44ee116a32a1f046
0be7812f2f99932c1ebb96b7b4c5d6b403e20da5
dd692eb76a66ce5fa3ee4a9ea97bd46cabc6c9a8ccbe08def28f48ffa10c5fbb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1566
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.0.2

103.50.163.157

200 OK

696 B

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1472), with no line terminators
Size
696 B (696 bytes)
Hash
149199e590e83a45c6cfb84e505ee166
d2a506c87a1ce49b6927eb70b36a2e05054734b8
91cb2836b2266eeee962eb258c85c327a5f0e3c8812fefdc74cf685b72537d57

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 696
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5

103.50.163.157

200 OK

8.1 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (827), with CRLF line terminators
Size
8.1 kB (8149 bytes)
Hash
858bedde4b9d34c2e8d8b560e35e5790
6756c1cb335f67950d73f750e29f2a9fbee8d01a
52d249c8249cc2d301304f75b3f66ed5fe81c725b6de28c97e12d374e9de55ab

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8149
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9

103.50.163.157

200 OK

8.1 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (19015)
Size
8.1 kB (8148 bytes)
Hash
f6925cc7e38a3ba395092eed41a330ad
bf5a10c1b636884222efefa2e864f8d8348c66a1
fa8a3e60a540432215317cbd453808de2f493e6643321374f776efc5cfcf181b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8148
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.1

103.50.163.157

200 OK

1.7 kB

URL HTTP/1.1
news70.net/wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.1
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (4284), with no line terminators
Size
1.7 kB (1690 bytes)
Hash
ab57d0fc3abed1d6fe66d1b61fc4dcca
358992fd5a5ff3bcc72d68249b67d9d7fc069633
928c314bb6046779ca0d8da54a0223d33fc4b905cb94ab54ee8fa1b356cf260b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.1 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1690
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0

103.50.163.157

200 OK

20 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (48664)
Size
20 kB (20031 bytes)
Hash
8cb6c19de46b8d4103fd9c4e7274b880
c96eee753acad37467eae08af97b258fbc91d738
2419d1307915ca2bec616321db284292e0087c742077751962d3db841867f1c1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4

103.50.163.157

200 OK

16 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (31997)
Size
16 kB (15883 bytes)
Hash
8a2ba9702fb3cca3c84924959fff383d
ec7e32b952d84e211870dd0e9f1520582e3b4270
ebcdf76e9e513c320785d95cbfa122a4aaa6143fc8ea69a2ea0dedf0277828b8

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15883
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=6.0.2

103.50.163.157

200 OK

193 B

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
193 B (193 bytes)
Hash
4b21a25e72db705943cf0f5c17facefa
8da7b7c58564b0c7e6c88eeb10fdf75339be5775
72cdb461e3049928c0c030fe02f3ac6e17f1d501a07bab28fdaa08da79573496

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 193
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2

103.50.163.157

200 OK

1.5 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (521)
Size
1.5 kB (1469 bytes)
Hash
a7e596dd85011b4d41c1db9a87d79f3a
a7b716d860459ddec30bd14de57f98926d8a59e9
5afa336dd99a71d0f289ce7cbc29a1fe95c1d30e695b1f4ba6fe181515542916

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1469
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2

103.50.163.157

200 OK

100 B

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
100 B (100 bytes)
Hash
5be52cde597334450bb65fcd61cca240
17f9cbc516e52d8834c18f4c4b671d4acbc7e4c9
38490d6dcda00b1a43902bdf6439a6f5222dab204e363a7e4266c13cb8637384

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 100
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=6.0.2

103.50.163.157

200 OK

3.0 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1219)
Size
3.0 kB (2955 bytes)
Hash
a967f470f371f929079d9445ac694fac
79aa1544676d566d758af6dae9489d5d71fb3e01
b643b39289c6f47ed7f534238a0c9b4425e4242784cb26255e35bc8ad9b7aa4e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2955
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215

103.50.163.157

200 OK

417 B

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
417 B (417 bytes)
Hash
73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 417
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11370
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:15:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11370
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:15:41 GMT
Connection: keep-alive

news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=6.0.2

103.50.163.157

200 OK

265 B

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
265 B (265 bytes)
Hash
a3dd590c6095374226b19ab5da1ec939
4d9baf71f5d9c80a2cf45af676ff4d17d245f0ff
397bbf0a80b9de6c8fc2ba6edc665e9bee05c0f57860504e0147d9a76aa1699e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 265
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11370
Expires: Wed, 14 Sep 2022 01:25:11 GMT
Date: Tue, 13 Sep 2022 22:15:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10407 bytes)
Hash
557695ec8ffeebb0272c099542a14ace
ad627b434e1c3b693d8636675bcea0f8794e0dc2
4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 85df5ad9-f229-4d33-90b9-5dd28c77578a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH396F2SIAMFnGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63196d25-3ee08f1e27cd37e96dba0f40;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 04:18:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Oep2UJdadBnTBuCy7CexUcezT0cCvm_9hroZnV-UrC9lQQxwUc4rkw==
via: 1.1 07c02ae6c53d85283eb15380264d9998.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 06:18:57 GMT
age: 57404
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4482 bytes)
Hash
34b74681f6d64ca1c010044535056275
ef6cd4bdd5ddbdb92b25816dc82796f857d29cce
d3ffb558a261fd982989931ed8bd8e8f132735bb99fa5a42a032efdbdfbf6ce5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa480f096-89f3-415c-b9a8-76b981146555.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4482
x-amzn-requestid: e9a99ad0-f093-4c9b-87b4-13ebac164413
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv5FIUoAMFcUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-4438ced526ebec8e7819b700;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _et90o-4_I8qkmQuwvLolMCtcidFgElQfg9KcHeCgMiaDvxndleAgg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:20 GMT
age: 2061
etag: "ef6cd4bdd5ddbdb92b25816dc82796f857d29cce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93a46c8e-0f46-4633-8b5b-51f1b2a5442d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7297 bytes)
Hash
467dd8d3b95082f8cd91bcbcdd20e5fd
77e495af2af5678308ad8ef5485f925386f0b418
7cf3a1cd3868d2030bcaf1f8b4ce6a221d8e0d222487354b86f51cd5e4322115

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93a46c8e-0f46-4633-8b5b-51f1b2a5442d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7297
x-amzn-requestid: d57a4a7d-57d7-4dc0-9382-36c72d154b12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yav61HfzIAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f9de-601c198b76e739502cb3ecfd;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:45:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l8eGAJWPb4y1bUnqba2Ae0xmUW3IjJxdEWOAgw8qOzRl3R9I-ScbTw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:12:32 GMT
age: 189
etag: "77e495af2af5678308ad8ef5485f925386f0b418"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9cb9807-03d5-4b00-9a0f-61f9c12f0e63.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8836 bytes)
Hash
5f85dd3f15d0c55c06f712bbfb6f55fa
2c053f4774c450e42effdc440e89fb2ce232bad3
0035f6235d012f4c2ffbc8e414e82bbba3235c51e20f7b1ebebcdff47be285fa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9cb9807-03d5-4b00-9a0f-61f9c12f0e63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8836
x-amzn-requestid: cae5f1fa-005b-4819-900e-e0cec381e450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavYxGUCoAMF5Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f904-1be4cae92b407bed2a128109;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:41:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Edqp_EdPzoXt6xQtd24wiBzLSdqQ2HYzOGExvqkcJCUwSN5Kn7lZcQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:00:47 GMT
age: 894
etag: "2c053f4774c450e42effdc440e89fb2ce232bad3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe75b3681-ef2a-49d3-b606-3db42d433f5a.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6821 bytes)
Hash
b13597e0a940250612993db031202d62
aba9b41b12e3bd89bb7564cfdb97e9922cd2a8d9
6d3c52dc3095ed849d6be14697d4c7f1278042ce11da4939df1237c1b1c92101

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe75b3681-ef2a-49d3-b606-3db42d433f5a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6821
x-amzn-requestid: 884c2672-28f8-4a1a-a18e-d53c82d65645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv5Es7IAMFkwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-25fa585f3ca1d8c559dc295b;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YPtX1bh_mzR9MrOXsrfw3J0gxRGuu0u5PY2ZFbxdD-Ht4fqvOfTQ_g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:21 GMT
age: 2060
etag: "aba9b41b12e3bd89bb7564cfdb97e9922cd2a8d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6078 bytes)
Hash
f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:51:32 GMT
age: 1449
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4

103.50.163.157

200 OK

3.0 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
3.0 kB (3009 bytes)
Hash
e3cea22516ec60740080799633b48ccd
488758da0421233b083853e054caaf9152c5709a
da21c4768cf429ddad3b97f762bc18a5726aedafedb0054c0585c71dd31c6b6f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:40 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:40 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3009
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2

103.50.163.157

200 OK

361 B

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
361 B (361 bytes)
Hash
3fab3d6bd8d195b9ed02538b4d489cd2
25e33ad07ef018fb7d37b7971d31c9fa2104517f
36d7c82983ecf00df6c97641df61786f0b5d80e17d5b1860e56cc7d564ea4e6d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 361
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2

103.50.163.157

200 OK

888 B

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
888 B (888 bytes)
Hash
6c27a3148aa590c99a12c790beb1ab3a
33371c9a38222c4fdd4a055e4aa4d889ad7b874a
590dbd297252c491f819332d690314769b541d0f9092b1326b1550140ad1f458

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/js/scripts.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 888
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/the-daily-horoscope/js/script.js?ver=6.0.2

103.50.163.157

200 OK

180 B

URL HTTP/1.1
news70.net/wp-content/plugins/the-daily-horoscope/js/script.js?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
180 B (180 bytes)
Hash
fb507089eb6755d1c451bffb5df66ac6
a22ce9ffb47782755c8fff37e0206398b251df45
67ddf71208ca0531574bd36ab1e56e0b751e95ea96080c05ad8a77b8fdc79d72

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/the-daily-horoscope/js/script.js?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 180
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript

news70.net/wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=6.0.2

103.50.163.157

200 OK

181 B

URL HTTP/1.1
news70.net/wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=6.0.2
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
181 B (181 bytes)
Hash
af9b9127be2d7fcb8b8c5280c6aa886d
2eaac42877669e704b790fcfaae1f85a78e0487a
383359f52bee080417fb4b78c7a6c9dd603e1dfe6a3dc205ff1ef364b163cc9d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/simple-image-popup//css/simple-image-popup.css?ver=6.0.2 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Mon, 01 Nov 2021 06:42:21 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 181
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css

news70.net/uploads/banner_main.jpeg

103.50.163.157

200 OK

104 kB

URL HTTP/2
news70.net/uploads/banner_main.jpeg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x607, components 3\012- data
Size
104 kB (103915 bytes)
Hash
039dda4dd23eaeee9c78bba7bc4efaa0
aaf2537b9b9b3a336e27c79a892fc18e650ad1fc
7595e37446380a2a2f9f8286ba87869dc67945942d2e034a94687eafeb664231

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/banner_main.jpeg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 09 Jan 2022 09:41:18 GMT
accept-ranges: bytes
content-length: 103915
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:40 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:40 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/uploads/2022/01/WhatsApp-Image-2022-01-08-at-5.53.03-PM.jpeg

103.50.163.157

200 OK

173 kB

URL HTTP/2
news70.net/wp-content/uploads/2022/01/WhatsApp-Image-2022-01-08-at-5.53.03-PM.jpeg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3\012- data
Size
173 kB (172986 bytes)
Hash
d8b85e8438e9ddb306cc03ee80be11cf
33e7c5dd1f3a6151a6792b52c64ad28a38e9ae30
7a30eb94fcfb72d4567788ae765d6fd537f8073b8a31d4f66233f3d9243c599b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/01/WhatsApp-Image-2022-01-08-at-5.53.03-PM.jpeg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 09 Jan 2022 07:52:05 GMT
accept-ranges: bytes
content-length: 172986
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:40 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:40 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/fb_icons/en_US.svg

103.50.163.157

200 OK

1.9 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/fb_icons/en_US.svg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1245), with CRLF line terminators
Size
1.9 kB (1893 bytes)
Hash
a92204d8d2a42c5183e48f8e15ba3cc0
6c2467260d53d059811eedb8d4eb042174f7f51f
8d986d3644be383ee839e6695e0e09091a07d97c53318f567fd50d221c487692

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/images/share_icons/fb_icons/en_US.svg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1893
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml

news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png

103.50.163.157

200 OK

1.6 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
1.6 kB (1566 bytes)
Hash
dd7a77031e42a43d2d85c60c40c7ee11
cc3db2995b97aa97dabf06703dfbb1352367fb9b
d2bbd9c27168416289a2b9b8ee4e21b3473338cc5e29f99b734a9c510a5e9a19

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_email.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1566
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png

news70.net/wp-content/uploads/2019/04/ezgif.com-resize.gif

103.50.163.157

200 OK

442 kB

URL HTTP/2
news70.net/wp-content/uploads/2019/04/ezgif.com-resize.gif
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
GIF image data, version 89a, 260 x 100\012- data
Size
442 kB (441625 bytes)
Hash
19b5312f0ce6dae9a60c14d2cc40f7a1
ca1c07b2a68bcc3b3e6c3b8edb5988e23ec81584
4d88fafbb0678357a2c1c76ed5c3bb99415c9f4bb636c9fe709c5c9422f014a7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/04/ezgif.com-resize.gif HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:24 GMT
accept-ranges: bytes
content-length: 441625
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:40 GMT
content-type: image/gif
date: Tue, 13 Sep 2022 22:15:40 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png

103.50.163.157

200 OK

1.4 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1351 bytes)
Hash
aefdab6a1fa07a80cf7d515bb4c7e649
9d40f38c201c9bceb18ccb779d03395b2d1aef7b
1652bc4a1ab4701912ff8832e7e58e3074e1fba1eaf53c43b3a3eb92243ec1cf

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1351
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/png

news70.net/wp-content/plugins/gtranslate/flags/16/hi.png

103.50.163.157

200 OK

431 B

URL HTTP/1.1
news70.net/wp-content/plugins/gtranslate/flags/16/hi.png
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
431 B (431 bytes)
Hash
0bce589c49b6ca00911ef9bdf06bc97f
4e0bd007f1e79ad5695702f15de9d88994731742
2391b58386bbcf27a8c830aaf9a384b6cf39d9a518bf1d27f1425e398a243c62

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/gtranslate/flags/16/hi.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:07 GMT
Accept-Ranges: bytes
Content-Length: 431
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png

news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_rss.png

103.50.163.157

200 OK

1.6 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_rss.png
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
1.6 kB (1644 bytes)
Hash
9b2c259303c3176e7354bd7d5c28b5b0
d43ea265a992d03c4f774a81c875495ea480e0ee
3019cd22da7290ab40dfeee16e1a7390cede915e175b28af4d5fb75a5157f864

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_rss.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1644
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png

news70.net/wp-content/uploads/2019/04/background.jpg

103.50.163.157

200 OK

6.1 kB

URL HTTP/2
news70.net/wp-content/uploads/2019/04/background.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x260, components 3\012- data
Size
6.1 kB (6067 bytes)
Hash
c059dc98ec9959c5304ae119f9cf5ce8
1a250487331c3aaf2100dbe93529fba008a3d02a
579d1ea1a65d5f832256956d1359725dad70bf324961e758283fdcd016176c61

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/04/background.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:24 GMT
accept-ranges: bytes
content-length: 6067
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png

103.50.163.157

200 OK

1.4 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
1.4 kB (1357 bytes)
Hash
fd252856427200b657dbc55dddbd1217
af4029bf1ab66c8211b37fe27f7e0e3bfa588f41
0dce5940cfbb1995ffa0933df7bdd96af2b9bfff5f4ae12dc1641ad0ce920019

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1357
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png

news70.net/wp-includes/images/spinner.gif

103.50.163.157

200 OK

3.7 kB

URL HTTP/1.1
news70.net/wp-includes/images/spinner.gif
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
GIF image data, version 89a, 20 x 20\012- data
Size
3.7 kB (3656 bytes)
Hash
d54cf50a44bd0aca6fd98bd46acbb2ba
3207333caacc856be8b253412cb7947981924934
5c2d44038a6c53bd74f3a26e690c1974e1385fffbc6def4c59f91dc1f738f0b3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/images/spinner.gif HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:25 GMT
Accept-Ranges: bytes
Content-Length: 3656
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/gif

news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Linkedin_Share/en_US_share.svg

103.50.163.157

200 OK

2.1 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Linkedin_Share/en_US_share.svg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (947), with CRLF line terminators
Size
2.1 kB (2096 bytes)
Hash
59c253da886378c1188673bcb674d058
922e7e38e538800b9aef3de34f50759db2886132
dfa6989bbc25ccb9fed7f116fc1a46df25bea3c909b27e2b51c37b9601e1ef82

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/images/share_icons/Linkedin_Share/en_US_share.svg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2096
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/svg+xml

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.74

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 21:22:23 GMT
expires: Tue, 13 Sep 2022 22:22:23 GMT
cache-control: public, max-age=3600
age: 3198
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png

103.50.163.157

200 OK

1.5 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
1.5 kB (1529 bytes)
Hash
b4699c9022529206d2a3f5674a8c6f7d
9949e3326520912ca0d7bd6582b1d655d98bb1fd
6b598958eccff91e50b3f1d35a8193f70e72c2b327abb8fc46b17c46c483cce9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Content-Length: 1529
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/png

api.qrserver.com/v1/create-qr-code/?data=https%3A%2F%2Fnews70.net&size=200x200&format=png&margin=0&color=000000&bgcolor=ffffff

195.201.128.178

200 OK

16 kB

URL HTTP/2
api.qrserver.com/v1/create-qr-code/?data=https%3A%2F%2Fnews70.net&size=200x200&format=png&margin=0&color=000000&bgcolor=ffffff
IP
195.201.128.178:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 200 x 200, 1-bit colormap, non-interlaced\012- data
Size
16 kB (16034 bytes)
Hash
26d95324bfeff134defcb63ba08c7834
491c54b9ef039468a22d17f5efed9667ae5c7dd7
2736dfab2c0bb627d0802759627aafe65f92adeec77ca359b486b0f13009a44d

HTTP Headers

GET /v1/create-qr-code/?data=https%3A%2F%2Fnews70.net&size=200x200&format=png&margin=0&color=000000&bgcolor=ffffff HTTP/1.1
Host: api.qrserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:41 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 7200
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/1.1
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news70.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 20:15:31 GMT
Expires: Thu, 07 Sep 2023 20:15:31 GMT
Cache-Control: public, max-age=31536000
Age: 525610
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/1.1
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news70.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15920
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 21:41:09 GMT
Expires: Thu, 07 Sep 2023 21:41:09 GMT
Cache-Control: public, max-age=31536000
Age: 520472
Last-Modified: Wed, 11 May 2022 19:24:45 GMT
Content-Type: font/woff2

news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Twitter_Tweet/en_US_Tweet.svg

103.50.163.157

200 OK

1.6 kB

URL HTTP/1.1
news70.net/wp-content/plugins/ultimate-social-media-icons/images/share_icons/Twitter_Tweet/en_US_Tweet.svg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1559), with CRLF line terminators
Size
1.6 kB (1579 bytes)
Hash
f097769beafcaa1f731ed8ebe5200db9
e66fb58cc992221cd87f79f32118a990b5300529
96ef746a7410d2973015d13c2dd5c58b7bd29fd5a5dbbd7b2d1620fd36d01da0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-social-media-icons/images/share_icons/Twitter_Tweet/en_US_Tweet.svg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1579
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/svg+xml

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/1.1
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size
17 kB (17368 bytes)
Hash
abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news70.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17368
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Sep 2022 15:56:23 GMT
Expires: Fri, 08 Sep 2023 15:56:23 GMT
Cache-Control: public, max-age=31536000
Age: 454758
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://news70.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 528093
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

news70.net/wp-content/uploads/2020/11/IMG-20200928-WA0002-e1606644256522.jpg

103.50.163.157

200 OK

9.5 kB

URL HTTP/2
news70.net/wp-content/uploads/2020/11/IMG-20200928-WA0002-e1606644256522.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 262x348, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
977d828474aec088936bda3c73282b31
50288869c70bb98dc86d96445ce11c04754abc1d
b58e6e05eb979623516d98eaee4738523f895f20b3aeebfa0f0bbd08934fdae2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/11/IMG-20200928-WA0002-e1606644256522.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:24 GMT
accept-ranges: bytes
content-length: 9459
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/plugins/gtranslate/arrow_down.png

103.50.163.157

200 OK

208 B

URL HTTP/1.1
news70.net/wp-content/plugins/gtranslate/arrow_down.png
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 5 x 3, 8-bit/color RGBA, non-interlaced\012- data
Size
208 B (208 bytes)
Hash
20a650477130c7c2c62c5647131f545b
4615101fcc5df1fab3e7dd516d058e1052a8fcb2
068f35dd132804c7effcbca65f9398d34351339ed2fa7b20ef5e9a6221e76516

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/gtranslate/arrow_down.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:07 GMT
Accept-Ranges: bytes
Content-Length: 208
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/png

news70.net/wp-content/plugins/gtranslate/switcher.png

103.50.163.157

200 OK

207 B

URL HTTP/1.1
news70.net/wp-content/plugins/gtranslate/switcher.png
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 10 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
207 B (207 bytes)
Hash
d6ae4f341752017ab0e603e3bb9260b7
c84c11d3bc69c7e14b2f75e7dea6e0ac93dee1e2
8c2ad9254589a597b65dae284a6da49dbfe1e3c8e628b03b80883d980fb6435e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/gtranslate/switcher.png HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 13:00:07 GMT
Accept-Ranges: bytes
Content-Length: 207
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/png

news70.net/wp-content/uploads/2022/08/IMG-20220807-WA0003.jpg

103.50.163.157

200 OK

100 kB

URL HTTP/2
news70.net/wp-content/uploads/2022/08/IMG-20220807-WA0003.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x960, components 3\012- data
Size
100 kB (99971 bytes)
Hash
915d67910c34b041e2f04166675dde3a
44581d5128842f0d75b07d77584a2c5381ea7540
b951377f5a09656b38e7410108d3921c451a185522e5bd38aef96265160d9f39

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/IMG-20220807-WA0003.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 07 Aug 2022 06:11:41 GMT
accept-ranges: bytes
content-length: 99971
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/uploads/2022/08/IMG-20220815-WA0003.jpg

103.50.163.157

200 OK

105 kB

URL HTTP/2
news70.net/wp-content/uploads/2022/08/IMG-20220815-WA0003.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x578, components 3\012- data
Size
105 kB (104999 bytes)
Hash
7a5294b72f521f8fb0b483bafa508cfe
e11cafe5e20deca7b61ba58ec8bfeee29a8815ac
e8303023835aa5d5e5cf1ae2fd3ebc54a4e297d4062fd9d1712a4b65b7bcd575

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/IMG-20220815-WA0003.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 15 Aug 2022 16:01:24 GMT
accept-ranges: bytes
content-length: 104999
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/uploads/2022/08/IMG-20220808-WA0006.jpg

103.50.163.157

200 OK

102 kB

URL HTTP/2
news70.net/wp-content/uploads/2022/08/IMG-20220808-WA0006.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 818x1280, components 3\012- data
Size
102 kB (102281 bytes)
Hash
c1880eba459c584d2959c8af2027f1ff
f6421031ce1a7d14b73f54ceb2a0e860eaf942ac
a7548300331999880bee328282b504271d468d45073bab630ec3d577cb55df3c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/IMG-20220808-WA0006.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 11 Aug 2022 07:51:58 GMT
accept-ranges: bytes
content-length: 102281
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/uploads/2022/08/IMG-20220811-WA0014.jpg

103.50.163.157

200 OK

106 kB

URL HTTP/2
news70.net/wp-content/uploads/2022/08/IMG-20220811-WA0014.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 958x1280, components 3\012- data
Size
106 kB (105984 bytes)
Hash
b6e51b86f0da739d64461b2be236f41c
267092ce3dd84b49caa36f6a321a1dc04d5bf385
4e98aa7040610ad953c39a8ea7a33f804e1eb5acd825cc1852c3ed5a4fb0fd88

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/IMG-20220811-WA0014.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 11 Aug 2022 09:50:02 GMT
accept-ranges: bytes
content-length: 105984
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/uploads/2022/08/IMG-20220810-WA0012.jpg

103.50.163.157

200 OK

129 kB

URL HTTP/2
news70.net/wp-content/uploads/2022/08/IMG-20220810-WA0012.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x720, components 3\012- data
Size
129 kB (129393 bytes)
Hash
7d5fcfb69bb8fb9ed8a327a336aec734
8514bbbf84a4e2f8b46e89938ea64ccb6d7f2fc9
b58a09a9aa124a86a7e7fc5cebc3b3ec165a4e2af54ce53ef813d625576dbb97

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/08/IMG-20220810-WA0012.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 11 Aug 2022 07:56:13 GMT
accept-ranges: bytes
content-length: 129393
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/uploads/2022/07/IMG-20220731-WA0002.jpg

103.50.163.157

200 OK

125 kB

URL HTTP/2
news70.net/wp-content/uploads/2022/07/IMG-20220731-WA0002.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 893x1280, components 3\012- data
Size
125 kB (125156 bytes)
Hash
8b0fb6968c6ff2858a61c159582d590a
3a23ef823a64e653ca009a01914bc0274dd158e1
c8c65188c355e70166ae8dac99fcc638e1123e086c6d162435e33b78db4d9d61

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/07/IMG-20220731-WA0002.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 31 Jul 2022 07:40:37 GMT
accept-ranges: bytes
content-length: 125156
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/themes/newscard/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

103.50.163.157

200 OK

77 kB

URL HTTP/1.1
news70.net/wp-content/themes/newscard/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/newscard/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://news70.net/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=6.0.2
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: font/woff2

news70.net/wp-content/uploads/2022/07/IMG-20220712-WA0010.jpg

103.50.163.157

200 OK

143 kB

URL HTTP/2
news70.net/wp-content/uploads/2022/07/IMG-20220712-WA0010.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x958, components 3\012- data
Size
143 kB (143165 bytes)
Hash
f5a8c0f29fc4823096649013cf061e4b
90f92834cfdd6e7c5804648e800e22ba4a97ebed
7cfd5c3c15069b9c5746163f1cc4b6516dfd94ddaee357d5bffab8c9ba6cdaf5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/07/IMG-20220712-WA0010.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Jul 2022 01:38:21 GMT
accept-ranges: bytes
content-length: 143165
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

www.goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz

198.100.157.117

301 Moved Permanently

162 B

URL HTTP/2
www.goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /widget/iframe/live/XAU/320?currency=INR&weight_unit=oz HTTP/1.1
Host: www.goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 13 Sep 2022 22:15:41 GMT
content-type: text/html
content-length: 162
location: https://goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz
X-Firefox-Spdy: h2

connect.facebook.net/en_US/sdk.js

157.240.200.14

200 OK

1.7 kB

URL HTTP/1.1
connect.facebook.net/en_US/sdk.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1961)
Size
1.7 kB (1685 bytes)
Hash
9295b72021d6985387103fff388ad8b3
246b612bf3fd7bec5979b81a39f3f32dd8f480f4
c917cd8d0fe194d257fcaaa47588ac48947648f3b1aaa0f67d57b96716c93d84

HTTP Headers

GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 128ed31b9a30d5c28015306a41f5bf7d
ETag: "b4a9e5bbf44fa5a220fec34032298a1c"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Tue, 13 Sep 2022 22:24:20 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: kpW3ICHWmFOHED//OIrYsw==
X-FB-Debug: 73eX/DP4Ca/PLiebIkYDi9Q7fj2XDzq7hcJGT2WHMaGJm0z8Bv19VG3PVF0cGFkQXgtVA0/8OTJTIYYteS6RqA==
X-FB-TRIP-ID: 1679558926
Date: Tue, 13 Sep 2022 22:15:42 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1685

goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz

198.100.157.117

301 Moved Permanently

162 B

URL HTTP/2
goldbroker.com/widget/iframe/live/XAU/320?currency=INR&weight_unit=oz
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /widget/iframe/live/XAU/320?currency=INR&weight_unit=oz HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news70.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: text/html
content-length: 162
location: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
X-Firefox-Spdy: h2

news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-32x32.jpeg

103.50.163.157

200 OK

988 B

URL HTTP/2
news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-32x32.jpeg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Size
988 B (988 bytes)
Hash
12963cfeb6daea4743ccb30e2c4b3869
47f0ecbef665a5594696a15a048e7f1f31ac1e25
d58d8347e0c06aab1994a859b72efff638afd05fc5cbdc59995a97c1fc578463

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-32x32.jpeg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:25 GMT
accept-ranges: bytes
content-length: 988
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:42 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:42 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-192x192.jpeg

103.50.163.157

200 OK

6.4 kB

URL HTTP/2
news70.net/wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-192x192.jpeg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Size
6.4 kB (6351 bytes)
Hash
247bc7252076950db1ad3a9abbf7f998
e110a7d57ec018d938d6617b77b245366701ae88
7af381e868049ba17c041bc6bf6da771d9208a48fbe9c3b28199bff7a941038c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/cropped-WhatsApp-Image-2019-03-26-at-7.30.31-PM-192x192.jpeg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Jan 2021 14:58:24 GMT
accept-ranges: bytes
content-length: 6351
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:42 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:42 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/wp-content/plugins/podamibe-advertisement-management/css/ajax-loader.gif

103.50.163.157

200 OK

4.2 kB

URL HTTP/1.1
news70.net/wp-content/plugins/podamibe-advertisement-management/css/ajax-loader.gif
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
GIF image data, version 89a, 32 x 32\012- data
Size
4.2 kB (4178 bytes)
Hash
c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/podamibe-advertisement-management/css/ajax-loader.gif HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/wp-content/plugins/podamibe-advertisement-management/css/slick-theme.css?ver=1.6.0
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:42 GMT
Server: Apache
Last-Modified: Sun, 24 Jan 2021 14:58:24 GMT
Accept-Ranges: bytes
Content-Length: 4178
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:42 GMT
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/gif

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.42

200 OK

1.4 kB

URL HTTP/2
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 13 Sep 2022 22:15:42 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Tue, 13 Sep 2022 22:15:42 GMT
set-cookie: NID=511=cJ9KGmwUl53si7xgCFt5_bggWN3cQZA208WVcrZP9_TX1ERGimRyjIpzE62Xfr8dryF3PH7cth-9FWTbE9GdpV-cFltVJTSfSqoMM-A-3UrzPWujwovhqtvH8_OMbfAmQJrTU-2HJRMr_S-_YUZ3MwiorxFU02qX2h4SgeWuycM; expires=Wed, 15-Mar-2023 22:15:42 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+232; expires=Thu, 12-Sep-2024 22:15:42 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
97c6f98caadbd5ab949c1e48f310e5d9
eb9e321d545d650bd9ad894daedc0af47046d8e9
2df18cef2f4bd82065d48cd8ea62ab79140d6951491d3bf86c1f47488fc893f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 18:44:08 GMT
Expires: Tue, 20 Sep 2022 18:44:07 GMT
Etag: "eb9e321d545d650bd9ad894daedc0af47046d8e9"
Cache-Control: max-age=591504,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a43e392b560b61-OSL

api.openweathermap.org/data/2.5/weather?lang=en&q=Ranchi,India&appid=5c7cb751efca8dcb1429d59d96cd9bc9&callback=jQuery36007009270540697159_1663107327843&_=1663107327844

82.196.7.246

200 OK

516 B

URL HTTP/1.1
api.openweathermap.org/data/2.5/weather?lang=en&q=Ranchi,India&appid=5c7cb751efca8dcb1429d59d96cd9bc9&callback=jQuery36007009270540697159_1663107327843&_=1663107327844
IP
82.196.7.246:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (516), with no line terminators
Size
516 B (516 bytes)
Hash
12943810b70a4c4c42353cb0a8effda0
3c5727d0a242cb3320ee00c9773eff42f05eaec0
6a21d9f47b5b0ba4f7aa4c57c94a69df8ea14a9a1f56c75c031b0aefe46271e5

HTTP Headers

GET /data/2.5/weather?lang=en&q=Ranchi,India&appid=5c7cb751efca8dcb1429d59d96cd9bc9&callback=jQuery36007009270540697159_1663107327843&_=1663107327844 HTTP/1.1
Host: api.openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Tue, 13 Sep 2022 22:15:42 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 516
Connection: keep-alive
X-Cache-Key: /data/2.5/weather?_=1663107327844&callback=jQuery36007009270540697159_1663107327843&lang=en&q=ranchi,india
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST

openweathermap.org/img/w/04n.png

138.201.197.100

200 OK

2.8 kB

URL HTTP/1.1
openweathermap.org/img/w/04n.png
IP
138.201.197.100:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2773 bytes)
Hash
346f20bb618e7f86dcb32eac361ae541
95d193d618f4a2ed45610df889d652339445fa1e
154cd42c57aa253ece6e86d291c77b06c1d09ec824459e977dceb5a411b2ddb5

HTTP Headers

GET /img/w/04n.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Tue, 13 Sep 2022 22:15:42 GMT
Content-Type: image/png
Content-Length: 2773
Last-Modified: Thu, 22 Sep 2016 11:59:54 GMT
Connection: keep-alive
ETag: "57e3c7ba-ad5"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Tue, 20 Sep 2022 22:15:42 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

goldbroker.com/build/front/amcharts.f2ea9b5a.css?1662551049

198.100.157.117

200 OK

52 B

URL HTTP/2
goldbroker.com/build/front/amcharts.f2ea9b5a.css?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
38d3e9e923fb662eca8fe27326630814
89f21732565af1d6994e10bbcd09d715f162dcaf
ba93927a2b6655017b75d0ac0de6662b0909eeed8430f9cecda2fda5e86de9c7

HTTP Headers

GET /build/front/amcharts.f2ea9b5a.css?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: text/css
content-length: 52
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
etag: "63188438-34"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2

news70.net/wp-content/uploads/2022/07/IMG-20220705-WA0025.jpg

103.50.163.157

200 OK

910 B

URL HTTP/2
news70.net/wp-content/uploads/2022/07/IMG-20220705-WA0025.jpg
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
910 B (910 bytes)
Hash
efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/07/IMG-20220705-WA0025.jpg HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 10 Jul 2022 15:00:56 GMT
accept-ranges: bytes
content-length: 145905
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 22:15:41 GMT
content-type: image/jpeg
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

news70.net/uploads/video.mp4

103.50.163.157

206 Partial Content

757 kB

URL HTTP/2
news70.net/uploads/video.mp4
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size
757 kB (756974 bytes)
Hash
e5117cd159b35caa49547add0529a515
ec23e56d7342a4b3bc10ef7ea2a4429bd885a11e
1596af9da4c4d46380052ab8b6cf1a42a6b2493b3c1eba33b661cb542fde4eb9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/video.mp4 HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
last-modified: Sun, 09 Jan 2022 07:47:31 GMT
accept-ranges: bytes
content-length: 14872956
vary: Accept-Encoding,User-Agent
content-range: bytes 0-14872955/14872956
content-type: video/mp4
date: Tue, 13 Sep 2022 22:15:41 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
950526447441749ff9aeea01a5eb6c86
a1b93fd37508a8e29092bd3ea3b70badc5f39289
4413eab24fa6020944731573ebb4ec45827878c13b17f6fdeb791875533505d3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3798
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:42 GMT
Last-Modified: Tue, 13 Sep 2022 21:12:24 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
950526447441749ff9aeea01a5eb6c86
a1b93fd37508a8e29092bd3ea3b70badc5f39289
4413eab24fa6020944731573ebb4ec45827878c13b17f6fdeb791875533505d3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3798
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:42 GMT
Last-Modified: Tue, 13 Sep 2022 21:12:24 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/sdk.js?hash=b04f1df94c39ff7417ba750066ffefd3

157.240.200.14

200 OK

88 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js?hash=b04f1df94c39ff7417ba750066ffefd3
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18460)
Size
88 kB (87978 bytes)
Hash
b974b1718f2987706ae3ee523314f31e
5c2850c55c815ac36e82ca24b61c45023547f87c
1edc5fed4cb4ee5c9d9fc9673ed49f1fd4159f35f278f2f0d826a7eb7746ab0a

HTTP Headers

GET /en_US/sdk.js?hash=b04f1df94c39ff7417ba750066ffefd3 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://news70.net
Connection: keep-alive
Referer: http://news70.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3efe18fde3c94cc16c6c77a853e99732
etag: "9a959e20cc19da2bd797e6579dc8775d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 13 Sep 2023 19:59:38 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: uXSxcY8ph3Bq4+5SMxTzHg==
x-fb-debug: QwvjAMYXgQAc1CdudAePKnlFEx4GiwYVeSOIGsdK12Pf4LjpMMrCX/abroN2cH8sDfXOacR0iiCtKod5FyqHzg==
priority: u=3,i
content-length: 87978
x-fb-trip-id: 1679558926
date: Tue, 13 Sep 2022 22:15:42 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size
13 kB (13036 bytes)
Hash
0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

HTTP Headers

GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldbroker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:26:57 GMT
expires: Thu, 07 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 528526
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Size
13 kB (12956 bytes)
Hash
1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goldbroker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:28:30 GMT
expires: Thu, 07 Sep 2023 19:28:30 GMT
cache-control: public, max-age=31536000
age: 528433
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

1.1 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1146 bytes)
Hash
a77fe522092dc8647f147c3c7e017133
1ae17a9a563ee8a7a621a0a277be18588901e87d
bb6db0daace2685b7e689995340ac36a65bac061e76f16f33422c2f512e6b5bb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-M3J7F9

142.250.74.72

200 OK

52 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-M3J7F9
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
data
Size
52 kB (52464 bytes)
Hash
72022035adcff7377f22a2643856a394
3209e5e5921f01056403b41ca0320f461294e6a9
06366cf7e54c1ef1ee32af18ed2fb50cf5e46eda585040865d55e84e0ff1539e

HTTP Headers

GET /gtm.js?id=GTM-M3J7F9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 22:15:43 GMT
expires: Tue, 13 Sep 2022 22:15:43 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 21:13:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

goldbroker.com/build/fonts/fa-solid-900.ada6e6df.woff2

198.100.157.117

200 OK

78 kB

URL HTTP/2
goldbroker.com/build/fonts/fa-solid-900.ada6e6df.woff2
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

HTTP Headers

GET /build/fonts/fa-solid-900.ada6e6df.woff2 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://goldbroker.com/build/front.f4bd368a.css?1662551049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:43 GMT
content-type: font/woff2
content-length: 78196
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
etag: "63188438-13174"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 22:15:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js

143.204.55.80

200 OK

712 B

URL HTTP/2
widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1218)
Size
712 B (712 bytes)
Hash
a148992a7b15dc7e6a9fa9d5e18e4368
8e4a5a0913a09aaa93313be6d24c3052d3718c39
42f1dad641e614b4bfb3524caf5b1ff69ee49f53dc56f0336bbfb44910b30120

HTTP Headers

GET /bootstrap/v5/tp.widget.sync.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 712
date: Tue, 13 Sep 2022 04:25:15 GMT
last-modified: Mon, 30 May 2022 14:38:03 GMT
etag: "a148992a7b15dc7e6a9fa9d5e18e4368"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CNEZ3-x6Dwa1ra_ZDz5LYFQ2N_Zj7yJxbBfRoLEvl4qG3CTgNq8qhQ==
age: 64228
X-Firefox-Spdy: h2

widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

143.204.55.80

200 OK

6.1 kB

URL HTTP/2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
143.204.55.80:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size
6.1 kB (6124 bytes)
Hash
5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0

HTTP Headers

GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 13 Sep 2022 00:51:49 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lnTa39Ypo9llobe9Ln0rbHopExDfnvsaWAz_caVKySFDV7cNK-Q-Vw==
age: 77035
X-Firefox-Spdy: h2

news70.net/uploads/flag.gif

103.50.163.157

200 OK

3.4 MB

URL HTTP/1.1
news70.net/uploads/flag.gif
IP
103.50.163.157:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
GIF image data, version 89a, 640 x 352\012- data
Size
3.4 MB (3377164 bytes)
Hash
e6c7eba728a5de8c2c8dc1b76b1682de
04c41d98076f6f8348493db5b22b87dee7269e45
fb0a0dafd4772cf0a607953cdc6e15f6e8bd9d16cdd4994397d238014581acc1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /uploads/flag.gif HTTP/1.1
Host: news70.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://news70.net/
Cookie: aiovg_rand_seed=3493417214; PHPSESSID=7157c2f1ef07db04c98bda007a38f49a

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 22:15:41 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2022 06:15:39 GMT
Accept-Ranges: bytes
Content-Length: 3377164
Cache-Control: max-age=2592000
Expires: Thu, 13 Oct 2022 22:15:41 GMT
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/gif

goldbroker.com/api/spot-prices?metal=XAU&currency=INR&weight_unit=oz&boundaries=1

198.100.157.117

200 OK

19 kB

URL HTTP/2
goldbroker.com/api/spot-prices?metal=XAU&currency=INR&weight_unit=oz&boundaries=1
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type
data
Size
19 kB (18906 bytes)
Hash
a0e29296fc64158cb8cd76bbb99ab5c7
584f89c1ade0bfec7739b8c319fefcdb08ef8b39
8be5a8e538c266e2db32381f3300fffaf4bddadcdd538db26f6fbc4c963d0d2a

HTTP Headers

GET /api/spot-prices?metal=XAU&currency=INR&weight_unit=oz&boundaries=1 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: max-age=60, public, s-maxage=60
date: Tue, 13 Sep 2022 22:15:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding, Accept-Language, Accept-Version
x-frame-options: SAMEORIGIN
x-content-digest: ena520bfb037165e7eb1b754a8c0dcd48500e1f95c52dd75e595f0c6db15d5ac94
age: 0
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/build/front.f4bd368a.css?1662551049

198.100.157.117

200 OK

93 kB

URL HTTP/2
goldbroker.com/build/front.f4bd368a.css?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type
data
Size
93 kB (92617 bytes)
Hash
79271f17175720c197786876ec1b87b2
e0e2f7d68664b427e8bf1689b2545f45d4f6be7d
0844f4c1ade1303e2a03947510794cdd16ee30d18f28b68aee6319e4eb48e6de

HTTP Headers

GET /build/front.f4bd368a.css?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-71e64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/build/558.59ceb5fe.js?1662551049

198.100.157.117

200 OK

95 kB

URL HTTP/2
goldbroker.com/build/558.59ceb5fe.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type
data
Size
95 kB (95065 bytes)
Hash
67f46e2a898d3b1a2dc66312eaf2a205
1bc967acad1ea12a748bf6343af9fe43110b8eeb
e6386f33998049c6edd8db5bdc3d7603868eb3282c403c1efdc68b72441b2aa8

HTTP Headers

GET /build/558.59ceb5fe.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-4d81e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/bundles/goldbrokercore/images/logo/en/horizontal.svg?1662551049

198.100.157.117

200 OK

5.7 kB

URL HTTP/2
goldbroker.com/bundles/goldbrokercore/images/logo/en/horizontal.svg?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4433)
Size
5.7 kB (5669 bytes)
Hash
82fadc2005f0ac8335bb6c085f0331a2
21e151c9e36b26656fa3991d5d9c297c7500c418
1fe67f4dc6adc677cd1fd675cce7471f5d888ab7f97459b5c6f32598c56ef79c

HTTP Headers

GET /bundles/goldbrokercore/images/logo/en/horizontal.svg?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:44 GMT
content-type: image/svg+xml
content-length: 5669
last-modified: Mon, 02 May 2022 12:00:37 GMT
etag: "626fc7e5-1625"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2

goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz

198.100.157.117

200 OK

7.4 kB

URL HTTP/2
goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type
data
Size
7.4 kB (7421 bytes)
Hash
de9f1a4ed6b4dbb242dbf2c9829edfef
4f30db7743bd4fc67bed2e7f51b60bca565c5487
1239a00be0a6607d2cbb778ee481f2676adee3514e1f6debb8373e5dc02fe41d

HTTP Headers

GET /widget/live/XAU?height=0&currency=INR&weight_unit=oz HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news70.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private, s-maxage=60
date: Tue, 13 Sep 2022 22:15:44 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding
expires: Tue, 13 Sep 2022 22:15:44 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/build/962.f2cb67f7.js?1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/build/962.f2cb67f7.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/962.f2cb67f7.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-4e4e7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/build/runtime.28e69a3d.js?1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/build/runtime.28e69a3d.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/runtime.28e69a3d.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-5b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/js/routing?callback=fos.Router.setData&v=1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/js/routing?callback=fos.Router.setData&v=1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/routing?callback=fos.Router.setData&v=1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
cache-control: max-age=315360000, public, s-maxage=315360000
date: Wed, 07 Sep 2022 11:45:34 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-digest: en087953e24c129b11f56a5064d8a162db206d5d6bb4c2df58af9074b1334d026d
age: 556208
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/build/755.f5cf308f.js?1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/build/755.f5cf308f.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/755.f5cf308f.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-15f95"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/build/458.a4d26bb1.js?1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/build/458.a4d26bb1.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/458.a4d26bb1.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-535d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widget/live/XAU?height=0&currency=INR&weight_unit=oz HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news70.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private, s-maxage=60
date: Tue, 13 Sep 2022 22:15:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding
expires: Tue, 13 Sep 2022 22:15:42 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/build/661.0c094aab.js?1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/build/661.0c094aab.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/661.0c094aab.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-9687"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/build/front.fa985674.js?1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/build/front.fa985674.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/front.fa985674.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-29647"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

142.250.74.46

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://news70.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Sep 2022 22:15:40 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+686; expires=Thu, 12-Sep-2024 22:15:40 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

goldbroker.com/build/51.a0ead035.js?1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/build/51.a0ead035.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/51.a0ead035.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-30517"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/bundles/bazingajstranslation/js/translator.min.js?1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/bundles/bazingajstranslation/js/translator.min.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundles/bazingajstranslation/js/translator.min.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Thu, 02 Dec 2021 07:27:01 GMT
vary: Accept-Encoding
etag: W/"61a87545-13ab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/translations?v=1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/translations?v=1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translations?v=1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
cache-control: public
etag: W/"decff836154ed70f8b08ce454813a4d7"
expires: Wed, 14 Sep 2022 11:45:44 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding, Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-digest: en0c3bf6d27232cd3bf16cbae427dc9cf239b6950c8dff43f7f1ae7340a719285d
date: Tue, 13 Sep 2022 11:45:44 GMT
age: 37798
content-encoding: gzip
X-Firefox-Spdy: h2

goldbroker.com/build/front/amcharts.03f39b20.js?1662551049

198.100.157.117

200 OK

0 B

URL HTTP/2
goldbroker.com/build/front/amcharts.03f39b20.js?1662551049
IP
198.100.157.117:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /build/front/amcharts.03f39b20.js?1662551049 HTTP/1.1
Host: goldbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldbroker.com/widget/live/XAU?height=0&currency=INR&weight_unit=oz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 22:15:42 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:44:56 GMT
vary: Accept-Encoding
etag: W/"63188438-360a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (65)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML