r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2848
Expires: Thu, 24 Nov 2022 11:52:18 GMT
Date: Thu, 24 Nov 2022 11:04:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6523
Cache-Control: max-age=90909
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:50 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:19:59 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 10:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2752
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5347
Expires: Thu, 24 Nov 2022 12:33:57 GMT
Date: Thu, 24 Nov 2022 11:04:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tOvuqAx+Ku3BogoYZ34DCQmFBxx7WH46dqpqm8Nda+/2soKQEvcSmNkcu7pQHre9c7uO71GGzGM=
x-amz-request-id: JQCVHJAMSNS79NPR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 10:43:22 GMT
age: 1288
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 11:04:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday
192.169.172.64301 Moved Permanently 288 B URL HTTP/1.1 www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fb8b61e440e1bb5556b747770788529e
c197db40ec92b84cbd72ff92e4fecfb4fa68dccb
1835aaf1f5fcf49c93c20ab0c379b43578f7901b643ad4dc53d11b324beec0c2
GET /finance-minister-poised-to-read-budget-Thursday HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 11:04:50 GMT
Server: Apache
Location: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday
Content-Length: 288
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 10:11:11 GMT
cache-control: public,max-age=3600
age: 3219
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5969
Cache-Control: max-age=171687
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:51 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:46:18 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.202.70.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.70.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nrceMtqLkuhUmpWr2bNXPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xwOPd2kUp+Ym23/RjhxAimOA+IE=
www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday
192.169.172.64301 Moved Permanently 0 B URL HTTP/2 www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /finance-minister-poised-to-read-budget-Thursday HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/8.1.12
x-redirect-by: WordPress
location: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 11:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8606
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 11:04:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8606
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 11:04:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8606
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 11:04:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8606
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 11:04:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8606
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 11:04:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 47820
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 037c0f19435a955d7ed58f65911e8f21
51a54b639617e113bb941d28b59c2571c0ca2e63
c2b15ed9257f220ed83845e1d0b343d21b7df9104c21162ea76b889609b8a404
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9992
x-amzn-requestid: a16f614c-5a5b-4f8b-97cb-c248e0b50753
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvcYEa0IAMFm_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e92b5-3b65b1b17c2a20b44a31aa9f;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:37:57 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OC0uEwrEKZ6UEEg_mpvYcoVBEUSEA_qTttmyRp1xptCRD4Vi4pFbCg==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:13:55 GMT
etag: "51a54b639617e113bb941d28b59c2571c0ca2e63"
content-type: image/jpeg
age: 46257
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 21624
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eeac5ead5ce62f0d9e2d4bcefa946208
c2430d901f2b4e4a463e90c540294f334553a246
850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wm_pBVCoReupun-_glC47ejuxaRJ6ViGPKClLnWkDrmT-SewUOXexw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:01 GMT
age: 46731
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b83dcf4ccde90ad94bb32da4fd35e524
ffd4d9f932aacc8ab123d1ab46c983a3f581d171
cf217cf355e7bea4410efd22e89f5a4de4d154153f587f7cad53533a3fcfe1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8306
x-amzn-requestid: 9506f26d-36cc-47a1-b6ac-b3f720e35981
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_c81GrAoAMF-4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c751e-68e3f822732b60db1875d538;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:07:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HVv2xtKAWEE91Tw-OxF20Sp64pUJ-aTdOU0pSk7YfanuCcM8W1naAw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:52:06 GMT
age: 11566
etag: "ffd4d9f932aacc8ab123d1ab46c983a3f581d171"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 14068
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
192.169.172.64200 OK 22 kB URL HTTP/2 www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash e7233d87f7338af13c8d49ff260847e9
6f350a0244a6973f427485aa449a21108aed9dda
de325d7b9c31b9848d6322ceb114273f63d61792c879950d64eeeaef819d4781
GET /finance-minister-poised-to-read-budget-Thursday/ HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/8.1.12
link: <https://www.ghanaiantimes.com.gh/wp-json/>; rel="https://api.w.org/", <https://www.ghanaiantimes.com.gh/wp-json/wp/v2/posts/120661>; rel="alternate"; type="application/json", <https://www.ghanaiantimes.com.gh/?p=120661>; rel=shortlink
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 21721
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 11:04:52 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-134956209-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-134956209-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 6b5f095a05e342ae81ae4de6ff5da731
4d7fcf8d9ee47958375cc15d6a40ab5bb8c9ed16
f5e8735352a78602e66126e2b1b5077ae38c6c35a0cb3bf13f8ee769e0bb1d28
GET /gtag/js?id=UA-134956209-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:04:53 GMT
expires: Thu, 24 Nov 2022 11:04:53 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f8591d26e594592aebae1cd67b08b1b6
fd2358a2924799bcf37cf0a47fdf4e464931cef4
2131fef4683f16fe809cc78467df15f2a7670488867040924ceddd70ec2e26ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91591
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:53 GMT
Etag: "637e129c-117"
Expires: Fri, 25 Nov 2022 12:31:24 GMT
Last-Modified: Wed, 23 Nov 2022 12:31:24 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 67dea4fbc5ae21f4e2255b6f5d8dcc79
f36cc71a80b34faaf3a87349f13e0f1a1268d043
773f511e7d10a0e27a0760cc964654a87b495758f0891d5f6b0bc55204cf78be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "773F511E7D10A0E27A0760CC964654A87B495758F0891D5F6B0BC55204CF78BE"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14735
Expires: Thu, 24 Nov 2022 15:10:28 GMT
Date: Thu, 24 Nov 2022 11:04:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f8591d26e594592aebae1cd67b08b1b6
fd2358a2924799bcf37cf0a47fdf4e464931cef4
2131fef4683f16fe809cc78467df15f2a7670488867040924ceddd70ec2e26ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=91591
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:53 GMT
Etag: "637e129c-117"
Expires: Fri, 25 Nov 2022 12:31:24 GMT
Last-Modified: Wed, 23 Nov 2022 12:31:24 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d4037636c2af8bf20880cffcc598fef
beffe52d3a13fa6de27437c9dcf04a3e07b43c30
f390e607419ddd061e3d563f00a3c6682b8fba1910544ed67ab5ed4498f74cb7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F390E607419DDD061E3D563F00A3C6682B8FBA1910544ED67AB5ED4498F74CB7"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4323
Expires: Thu, 24 Nov 2022 12:16:56 GMT
Date: Thu, 24 Nov 2022 11:04:53 GMT
Connection: keep-alive
www.ghanaiantimes.com.gh/wp-content/uploads/2019/07/gtlogo-retina-1.png
192.169.172.64200 OK 46 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/uploads/2019/07/gtlogo-retina-1.png
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 500 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b2a9cd6981e489fe4f25ed3c284d483
81ed8fc3a0896267589b140efe0900af9a3d4cc6
66ce6deb2026f28e6979ef499c146b1a93f22bc148b5fb03e045aff7cb9ef617
GET /wp-content/uploads/2019/07/gtlogo-retina-1.png HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Jul 2019 06:25:34 GMT
etag: "1ac8aa6-b58e-58e3f24bcf380"
accept-ranges: bytes
content-length: 46478
content-type: image/png
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/plugins/taqyeem-buttons/assets/style.css?ver=6.0.3
192.169.172.64200 OK 1.1 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/plugins/taqyeem-buttons/assets/style.css?ver=6.0.3
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 44618bd6c75e203207b9810d5b12690f
539f3eafaa67e7b238a9233541ee925d05cb7fd6
84760063e3b4c6f2694b5c312d562c9cc2842a33af63f5d965f304828cee00be
GET /wp-content/plugins/taqyeem-buttons/assets/style.css?ver=6.0.3 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Jul 2020 05:35:56 GMT
etag: "1aa1dc8-102e-5aad8e178c700-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1095
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
pl17839170.highperformancecpmgate.com/cf/f8/0e/cff80e037ab35e180f29a70e12c09ebc.js
192.243.61.227200 OK 21 kB URL HTTP/1.1 pl17839170.highperformancecpmgate.com/cf/f8/0e/cff80e037ab35e180f29a70e12c09ebc.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60148), with no line terminators
Hash 1053a2a2485e88e108bd3bfe77b974c2
5ba2c627f3962d47b9ea81123b4fc3ad940fe7c6
df7dbf0ffaea59c7227d40f0097c0764942e7cca5f8e6949f541c1134df964ea
Analyzer Verdict Alert quad9 Sinkholed
GET /cf/f8/0e/cff80e037ab35e180f29a70e12c09ebc.js HTTP/1.1
Host: pl17839170.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 11:04:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f50aabf3f7fa4453c85e1377706bae2c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl16761345.profitablegatetocontent.com/4d/1f/13/4d1f13131ec133d69c74936420ba860b.js
192.243.59.13200 OK 13 kB URL HTTP/1.1 pl16761345.profitablegatetocontent.com/4d/1f/13/4d1f13131ec133d69c74936420ba860b.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37131), with no line terminators
Hash 8f7d4f959b802715e4853a3ce0f69a66
f7d5bc0df51e39935d278ba50416407ea618c9d3
44269fef775ac2c8881ecc3443407ce94458fded8eabedd3c411e6e4ecda6cae
Analyzer Verdict Alert quad9 Sinkholed
GET /4d/1f/13/4d1f13131ec133d69c74936420ba860b.js HTTP/1.1
Host: pl16761345.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 11:04:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 951b2b61cadc5a731cd4f15aeed152a5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/custom-css/style-custom.css?ver=16133
192.169.172.64200 OK 2.4 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/custom-css/style-custom.css?ver=16133
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (17398), with no line terminators
Hash 51f1d8d22330c83acbb7c4950710e581
886657c6f32e5932421e2e947564cb85659718ed
c9f713ef850357b15eba2af13bf84b2db55ff75287bafd69d64db9026f46d464
GET /wp-content/themes/jannah/assets/custom-css/style-custom.css?ver=16133 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Nov 2022 08:53:17 GMT
etag: "f80f34-43f6-5ee1f6b6993de-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2387
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
192.169.172.64200 OK 3.6 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15223)
Hash 8df0fa70e5b545d683ea87497d38f7ea
68ac203a63741e52063bada6145d38abdbaf0e5b
c113fcca65462584e9585191cab7f19baee0e2e7f834994bed1a745719689103
GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "f61415-3b78-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3617
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
192.169.172.64200 OK 2.8 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11672)
Hash 88ab2e5f8fbbfbea44e37416790c2ee3
cb61be9c254c2b852b00ee4c4bfcc3eeacd7088d
3766ce08743b996abf2beea917f30538eeb8d3a539656cc2d9acd10f9196c830
GET /wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "104121f-2d99-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2799
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
192.169.172.64200 OK 972 B URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 18:56:40 GMT
etag: "1cc2be7-aab-5ebe077ec526b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 972
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.169.172.64200 OK 4.2 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "284247f-2bd8-5b45debe27b80-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4169
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/plugins/taqyeem.min.css?ver=5.4.10
192.169.172.64200 OK 1.8 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/plugins/taqyeem.min.css?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7553)
Hash 9832415dccaa547aeb94cbcc4dd10366
dbfe481608dcd23817aa76af24aba8cf23800c15
e66c4bc832c971c38f5981919ba2efcf9a7e5250fad1fb92cdc4e3dd355b8f13
GET /wp-content/themes/jannah/assets/css/plugins/taqyeem.min.css?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "1041221-1d82-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1789
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
192.169.172.64200 OK 2.9 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (9937), with no line terminators
Hash 8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 18:56:40 GMT
etag: "1d6187c-26d1-5ebe077ec5a3b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2937
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
192.169.172.64200 OK 2.0 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (5548)
Hash 2a35474c12e3533e0b16c9a3e98f3170
3165f3bd79f5ddd3fcdfcc0a278c572270c2d721
b9a6263d9e5f11fb3ef27ef3b0c84648357ec5e04540fb35906fb22aa75f4329
GET /wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "10012d0-15ad-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2010
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
192.169.172.64200 OK 9.3 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (54141)
Hash 3dd26404c3145004725ad2c61ee8e5e1
39c01e327f499eafb58fe26f4ea8dc539bd7f05a
f2298a4dc5f3ef3ef63b96e8c0d305eafaf9d2de42edeb2cd0930bf65600ee37
GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "f6141c-d37e-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9257
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
192.169.172.64200 OK 7.7 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (40484)
Hash 3c14001a3a9c63a7d5f7f609fc6a3dba
79158fa5c019f3a8b1bb5d51b73d9c4e67b6c071
83b3e6513292d9c659068907867c677417c843c41ca0703290e7f71c90e81a1d
GET /wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "f61418-9e25-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7749
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
192.169.172.64200 OK 8.5 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (41903)
Hash 40abae4b4fa585c3953e643c0961e9b8
f42f7e0075bac5daac065533b88d0b425ce0c861
2bc9411f7ac541ac1aef680d808aa3bc6ce8efc60edc0e81bb0827879f0efd03
GET /wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "f61411-a3b0-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8496
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
192.169.172.64200 OK 12 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (58661)
Hash 3909a0f74da2ae48a681267dfa2b1521
0333a05a8908bdff7e9a41fef5b7917253d20d1f
67bd3f2dcf0a0e9c8a7f60e04af665807a5a6d500c1a856b3781cf0c2ce90676
GET /wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "f61413-e526-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12546
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
192.169.172.64200 OK 5.0 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: "26c7edc-48b9-5dc6eb878efc0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5009
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
192.169.172.64200 OK 4.0 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 18:56:40 GMT
etag: "1d61898-3016-5ebe077ec5a3b-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3957
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
192.169.172.64200 OK 12 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
etag: "26c74be-15b64-5e2f99fa9e940-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11681
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
192.169.172.64200 OK 3.9 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (9306)
Hash beb0a10c629e845f422047cbc1fe18df
b884617a5440c6c57544447a513594520183894d
4812fb2b30d0ffc5db0453e420dd8b240ef2ed87f52c59cb0a18b9209eeede51
GET /wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "10012ce-2bad-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3910
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
192.169.172.64200 OK 4.7 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (13532)
Hash 5c832efe1dfc82d77a38c3c0dcd442a7
cd3fe6f784b1bcabe2409424d09c963964d53822
db9b51b6a50cd02830af11d580eb45cae0e6599380bf049b31dcfc5192068fde
GET /wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "10012ca-3909-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4720
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
192.169.172.64200 OK 30 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2c850f72bccb43301b3504b8293e7f6d
05b3fbf9346fc307f4f0598d8f98ed48ada1101f
f4ea07b439966eb9b361f68632c95242ffee63f9cdb881e8b2394be33aec7b9c
GET /wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "f6141a-2aca3-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 29621
content-type: text/css
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.169.172.64200 OK 31 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: "2842487-15db1-5bd3006388300-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 30908
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/uploads/2020/03/gtlogo-retina.png
192.169.172.64200 OK 44 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/uploads/2020/03/gtlogo-retina.png
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 819 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 4f3cb57226dbe2f87bd72a40a0d591ef
b32e390890302ed2c1e5eaa3322eb6686485ee9c
5fe9a38bb7456197d05e194d7453dbea3014ddad823e22e3c95123fb190e056c
GET /wp-content/uploads/2020/03/gtlogo-retina.png HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Mar 2020 10:25:24 GMT
etag: "1aeb7a4-aa45-5a1d384ef4d00"
accept-ranges: bytes
content-length: 43589
content-type: image/png
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
192.169.172.64200 OK 5.4 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (16791)
Hash 8ede1103a2dcd534e81bcc6b0e52c3b5
05729fedbe0daa43ac96461eb7c0c5f061ab0506
5b1fa2d7d3e8c8cbedffa8d2713cceee794d651469ce339bfcf9757935f20af8
GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "10012c8-4198-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5444
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
192.169.172.64200 OK 7.0 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (22472)
Hash e9fed91491c4dcd83e42016670bfcd46
680aff6cf5a9ccc47ebce749e216b2e72545bff7
80d492d34b16c3886214f9ae76d77dcf308c0ad2af7f10be6cbd88d2582cd901
GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "10012cd-57c9-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7005
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
192.169.172.64200 OK 14 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 13584, version 331.524\012- data
Hash 38bd6da6661dc7afc62ffd19c092f5b0
5d9084cf8714e828c2436d1487658d970a8360a2
f7553ce51f4bcc77953cab452f900417cd16de87f43fc7a8cd0ecd866d618f30
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "12838b5-3510-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13607
content-type: font/woff2
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
192.169.172.64200 OK 12 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32024)
Hash 7447bc526f0da92afe3f2a5d7b6cc608
f25e8f909ad342465fc90102e3c26bc3a182ac98
a69a38a43bfa3fae7400a67e7378e7c50f93d46e5f48c4a47d25a008854bbcb6
GET /wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "10012d2-c0a7-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11639
content-type: application/javascript
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
192.169.172.64200 OK 24 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 40536, version 2.0\012- data
Hash 5be2adc9398287d053ca1e5cd92e1def
bd77e12b6cb3da9da1c48e125803eddd0ad984df
473f88160728e70e6a1abafaefef17d8e30291f9ce0bedef1b18cbfa5e6b3119
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "12a1fce-9e58-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 23772
content-type: font/woff
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82401689b683af7cb8bfc79971fcaacc
e1bd44f9f5a52703768671ebed52417d29c70d14
a0edcb7c8b70be0faae8f29ae8a8672a29e1113389d93454d821fb69d3d1e28c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A0EDCB7C8B70BE0FAAE8F29AE8A8672A29E1113389D93454D821FB69D3D1E28C"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5018
Expires: Thu, 24 Nov 2022 12:28:32 GMT
Date: Thu, 24 Nov 2022 11:04:54 GMT
Connection: keep-alive
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
192.169.172.64200 OK 711 B URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
Hash 0c190bd965539e520751ec35df0c252f
18963340b83918b9288a34b8efda4d91655a8266
93c0239bd80c469d887aaccb9d051e7f22853776c746b422ce310ff35da31537
GET /wp-content/themes/jannah/assets/css/print.css?ver=5.4.10 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "f61416-87f-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 711
content-type: text/css
date: Thu, 24 Nov 2022 11:04:54 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 728 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash a263dfa2daa01330b549d73ae1a238c9
f71433120fe26c6f3544af5a5bfd931206396f3e
8d109a5e9093815863d60ddeafd332fca9108e4304d0ac2a0e2aa8c60caa5163
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97996
Date: Thu, 24 Nov 2022 11:04:54 GMT
Etag: "637e2096-1d7"
Expires: Fri, 25 Nov 2022 14:18:10 GMT
Last-Modified: Wed, 23 Nov 2022 13:31:02 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DH3zWsco6Su5sM4Y3XajAy-kXnvVKC6iMIDRCdzpMMEfO6CfAbbXqQ==
Age: 2828
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 78a5e8567c816ea5adeff1e60bd63461
bee92246cea1db6fb25a8f4e431060e349dc73a2
5312c83674cb2dc648d3e67a484bcd02cb44fd535ef277c54eb45f4990381243
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100733
Date: Thu, 24 Nov 2022 11:04:54 GMT
Etag: "637e2096-1d7"
Expires: Fri, 25 Nov 2022 15:03:47 GMT
Last-Modified: Wed, 23 Nov 2022 13:31:02 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zEvLRCy7lXuHNYDF9fJbetgvDqE7W7_3gUnl9564mijcQU51LX0WSw==
Age: 5565
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash a0145e7c1064ef2198e87fde11c3ec58
67debddb35a5c1e88e8dc23af712e1f802c5a9ef
45f2bc6b0e035396a1a71a0ea19d4fdd71415fcfc839424bc12c4010591815bd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghanaiantimes.com.gh
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:04:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ghanaiantimes.com.gh
access-control-allow-credentials: true
set-cookie: uid_id2=25a38768-cb7a-4aa3-a059-ad7c59f10433:1:1; expires=Sun, 21 Nov 2032 11:04:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash eeedfd6cc55f67fe171bda3ea1ac0589
d193d45d4855f46fe5307ce5bf855de7d00aa897
583d44f4ada3290bda96da489eae03209835a70d55cc89606e66cb9c031149c7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghanaiantimes.com.gh
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:04:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ghanaiantimes.com.gh
access-control-allow-credentials: true
set-cookie: uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; expires=Sun, 21 Nov 2032 11:04:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82401689b683af7cb8bfc79971fcaacc
e1bd44f9f5a52703768671ebed52417d29c70d14
a0edcb7c8b70be0faae8f29ae8a8672a29e1113389d93454d821fb69d3d1e28c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A0EDCB7C8B70BE0FAAE8F29AE8A8672A29E1113389D93454D821FB69D3D1E28C"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5017
Expires: Thu, 24 Nov 2022 12:28:32 GMT
Date: Thu, 24 Nov 2022 11:04:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3dc1cfee826399a4a3842803e5f17055
c227398e206b222d2aba5a2eb13a2aba78562139
224f55aab5c18620bd50a6a2fd0b996a29cae883dd75cb1c5bd480d10510212f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "224F55AAB5C18620BD50A6A2FD0B996A29CAE883DD75CB1C5BD480D10510212F"
Last-Modified: Tue, 22 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16806
Expires: Thu, 24 Nov 2022 15:45:01 GMT
Date: Thu, 24 Nov 2022 11:04:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 609c98a8b382f1ae5e97d943b75ba967
f3ebe2617f300b9a6101a593cf9010336e151d69
44ee2f7b3ca516ae421e9b3fe04b46cb63a3334414f8d8435e2270b9874cf8aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44EE2F7B3CA516AE421E9B3FE04B46CB63A3334414F8D8435E2270B9874CF8AA"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3825
Expires: Thu, 24 Nov 2022 12:08:40 GMT
Date: Thu, 24 Nov 2022 11:04:55 GMT
Connection: keep-alive
www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 064ecd0f8b09812054fb6e6468ae81d1
bef0947280a0f2fb278903e4a67da4aada434d63
e849984280e71fa15f25ef210551cdf0eae1a528aab4c0eb21429bbb90e61d7e
Analyzer Verdict Alert quad9 Sinkholed
GET /b3100a2926a0cc78c80af269231abd62/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bcfdee2bfd55f6ece4fb4111dfae7928
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/pixel/purst?dl=0&th=0&sc=0&rs=4018&rd=4018&fd=916&bv=22.10.v.9&tmpl=70
192.243.61.227200 OK 0 B URL HTTP/1.1 lightssyrupdecree.com/pixel/purst?dl=0&th=0&sc=0&rs=4018&rd=4018&fd=916&bv=22.10.v.9&tmpl=70
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4018&rd=4018&fd=916&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 11:04:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash a437115ec456631b9877eda5863f3ffc
32fccac7e0cba7459f6b8e8dec6c4a2d31876639
b2915adeb6fc5c449a9e99b4494c58f5054f802e94f51d60f2b240ee5934a078
Analyzer Verdict Alert quad9 Sinkholed
GET /b3100a2926a0cc78c80af269231abd62/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 059d369071ee6d9a5659c59174dc5bb2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 20349d98ca22a84f5aff723756d3a7b1
985d9b07fbc2bed7d0527c6a92886507bb733b12
41fe769c74bed7d4dad0e071cfaad2fd6fd93108c0dabba96d8c45c8fa16d2b0
Analyzer Verdict Alert quad9 Sinkholed
GET /b3100a2926a0cc78c80af269231abd62/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e814d209820536e4ee549a59dafd70e5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e35fa4dae40bd0e50b8721139c5c1e96
29c62a374706992243f28a55ccde2c170e0957f4
906b12ecb187e42e1a0522ad8a6418b1901f7c87adb31afe4b602e3756ade39f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "906B12ECB187E42E1A0522AD8A6418B1901F7C87ADB31AFE4B602E3756ADE39F"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15594
Expires: Thu, 24 Nov 2022 15:24:49 GMT
Date: Thu, 24 Nov 2022 11:04:55 GMT
Connection: keep-alive
www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash a437115ec456631b9877eda5863f3ffc
32fccac7e0cba7459f6b8e8dec6c4a2d31876639
b2915adeb6fc5c449a9e99b4494c58f5054f802e94f51d60f2b240ee5934a078
Analyzer Verdict Alert quad9 Sinkholed
GET /b3100a2926a0cc78c80af269231abd62/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b8f35330133971cb8c3982d791577b4f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d1743d3006d8795e72132f0ba7ceb9ab
f0a54160253643c30664494929a2bcad1b588758
ba89480f86e7a00ec063f75ea94a86fb806679d09090db14be6863b5cfb19d80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA89480F86E7A00EC063F75EA94A86FB806679D09090DB14BE6863B5CFB19D80"
Last-Modified: Mon, 21 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2837
Expires: Thu, 24 Nov 2022 11:52:12 GMT
Date: Thu, 24 Nov 2022 11:04:55 GMT
Connection: keep-alive
ifknittedhurtful.com/watch.1584890825009.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 ifknittedhurtful.com/watch.1584890825009.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1584890825009.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghanaiantimes.com.gh
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Origin: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Credentials: true
Location: https://ifknittedhurtful.com/watch.1584890825009.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=11acde00a90f7254825948a9ac08bd64634d64df61118df8f80449be441f7857b467402410cad3ad3b269d500987b41cf28b4e6118044405306e3c17421f3f2ef873267c81d6cab1e3781a03509c62180aef7ff639c0227675943fa434db&pst=1669287955&rmtc=t
Set-Cookie: u_pl=16662569; expires=Fri, 25 Nov 2022 11:04:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg; expires=Thu, 24 Nov 2022 11:05:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8d876def13772bb1d2487941c150c5f
Strict-Transport-Security: max-age=0; includeSubdomains
www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/b3100a2926a0cc78c80af269231abd62/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26957), with no line terminators
Hash 0db772eac3d593b76f0b7b577f1446b1
dd9c4c575a1ebbd9d44c83ad68e4909f3ebf19fe
ed2b43d32274d9f017cc65249e1ae6eec2ebc69b38b53c2daba065dc9090ff9c
Analyzer Verdict Alert quad9 Sinkholed
GET /b3100a2926a0cc78c80af269231abd62/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 154c742b0358a0f119cf5aae06a595fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ifknittedhurtful.com/watch.1108818858080.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 ifknittedhurtful.com/watch.1108818858080.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1108818858080.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghanaiantimes.com.gh
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Origin: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Credentials: true
Location: https://ifknittedhurtful.com/watch.1108818858080.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=7f29c32ef489d17d2b8cf44162eae58230528b29b23fe9522c6bac58f666982e3806ddb9f503aeac252cf4147f0c56a2c4a8a8ddf8b5f8d0adc8deb1e69e29a8baac5a6a3723e928f1fae75ab92304a468f5b06cc952864c659becf516e8a9fa0d&pst=1669287956&rmtc=t
Set-Cookie: u_pl=16662569; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg; expires=Thu, 24 Nov 2022 11:05:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25d51a1d0f363f41f2f77a55dbda7d25
Strict-Transport-Security: max-age=0; includeSubdomains
parkingridiculous.com/watch.153066561501.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 parkingridiculous.com/watch.153066561501.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.153066561501.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghanaiantimes.com.gh
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Origin: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Credentials: true
Location: https://parkingridiculous.com/watch.153066561501.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=faed104ac62ae4f94442abf5c88bd16b57a5be7fc6ac52ee942d4c48d2626a7b9028839e49e274579bbde24732b6b0437df82f8aa54602ada1d150b3d984abc201a8a73f4024ca80b455656ca95aeed9ab4eb480fdd5b4ede926a57b164a5e&pst=1669287956&rmtc=t
Set-Cookie: u_pl=16662569; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg; expires=Thu, 24 Nov 2022 11:05:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0f5de98cba1f2040fef8302f04c7a9fd
Strict-Transport-Security: max-age=0; includeSubdomains
ifknittedhurtful.com/sbar.json?key=4d1f13131ec133d69c74936420ba860b&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
173.233.137.44200 OK 3.3 kB URL HTTP/1.1 ifknittedhurtful.com/sbar.json?key=4d1f13131ec133d69c74936420ba860b&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
IP 173.233.137.44:0
File type JSON data\012- , ASCII text, with very long lines (5828), with no line terminators
Hash 048ecd3881fb943e1b5dca4684cc93b9
424a1ca1824820a869b453f54bb56f19488cd71b
ba5092fe0139faed473004c29baf16f729a76370c997ddd8d870a0b1d4f5e517
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=4d1f13131ec133d69c74936420ba860b&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghanaiantimes.com.gh
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Origin: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16660846; expires=Fri, 25 Nov 2022 11:04:55 GMT; secure; SameSite=None
uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; expires=Thu, 01 Dec 2022 11:04:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
slec4d1f13131ec133d69c74936420ba860b=[3760946]; expires=Thu, 24 Nov 2022 11:05:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b4121007325b1a53bd8a5058b9cf71b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ifknittedhurtful.com/watch.1584890825009.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=11acde00a90f7254825948a9ac08bd64634d64df61118df8f80449be441f7857b467402410cad3ad3b269d500987b41cf28b4e6118044405306e3c17421f3f2ef873267c81d6cab1e3781a03509c62180aef7ff639c0227675943fa434db&pst=1669287955&rmtc=t
173.233.137.44200 OK 641 B URL HTTP/1.1 ifknittedhurtful.com/watch.1584890825009.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=11acde00a90f7254825948a9ac08bd64634d64df61118df8f80449be441f7857b467402410cad3ad3b269d500987b41cf28b4e6118044405306e3c17421f3f2ef873267c81d6cab1e3781a03509c62180aef7ff639c0227675943fa434db&pst=1669287955&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash 0f64753cea39d0e53316f3d8239f8ef6
94fd4235db3d060c3aca04e110b0dbc93e26a7b4
1acb9fd723dcf19f104a541b46631a3a002f22eb943ca87986a7ecdc373757df
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1584890825009.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=11acde00a90f7254825948a9ac08bd64634d64df61118df8f80449be441f7857b467402410cad3ad3b269d500987b41cf28b4e6118044405306e3c17421f3f2ef873267c81d6cab1e3781a03509c62180aef7ff639c0227675943fa434db&pst=1669287955&rmtc=t HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghanaiantimes.com.gh
Referer: https://www.ghanaiantimes.com.gh/
Connection: keep-alive
Cookie: u_pl=16662569; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Origin: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; expires=Thu, 01 Dec 2022 11:04:56 GMT; secure; SameSite=None
iprc36a480ec0195f2805008b5764acbba64=2717343; expires=Fri, 25 Nov 2022 13:04:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5cea252da5ff95483dee75caf2a1b463
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 114fcbbbf1c185d571af73ae9ccf0730
b5e6644662439e6e80cbe9206b7047c22942afe7
742f3855fe106545e8f28ecdf5649649b5fe76099866379276defd773647ba70
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "742F3855FE106545E8F28ECDF5649649B5FE76099866379276DEFD773647BA70"
Last-Modified: Tue, 22 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5715
Expires: Thu, 24 Nov 2022 12:40:11 GMT
Date: Thu, 24 Nov 2022 11:04:56 GMT
Connection: keep-alive
www.ghanaiantimes.com.gh/wp-content/uploads/2022/11/Stay-Off-Vincent-Oppong-Asamoah.jpg
192.169.172.64200 OK 54 kB URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/uploads/2022/11/Stay-Off-Vincent-Oppong-Asamoah.jpg
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 350x408, components 3\012- data
Hash 586a1ff666db1f6c5fd509d8471e47ef
d223fc7fedd0a66c1f646118228740cf40894ebf
56c7c64ecbe885bb0b3dc77d06de5c838a7558e9980b0e8f8bc9e5120af64189
GET /wp-content/uploads/2022/11/Stay-Off-Vincent-Oppong-Asamoah.jpg HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1; ppu_main_cff80e037ab35e180f29a70e12c09ebc=1; sb_main_4d1f13131ec133d69c74936420ba860b=1; sb_count_4d1f13131ec133d69c74936420ba860b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Nov 2022 09:10:04 GMT
etag: "1f2065a-d4d3-5ee1fa76fc37e"
accept-ranges: bytes
content-length: 54483
content-type: image/jpeg
date: Thu, 24 Nov 2022 11:04:56 GMT
server: Apache
X-Firefox-Spdy: h2
parkingridiculous.com/watch.153066561501.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=faed104ac62ae4f94442abf5c88bd16b57a5be7fc6ac52ee942d4c48d2626a7b9028839e49e274579bbde24732b6b0437df82f8aa54602ada1d150b3d984abc201a8a73f4024ca80b455656ca95aeed9ab4eb480fdd5b4ede926a57b164a5e&pst=1669287956&rmtc=t
173.233.137.36200 OK 2.1 kB URL HTTP/1.1 parkingridiculous.com/watch.153066561501.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=faed104ac62ae4f94442abf5c88bd16b57a5be7fc6ac52ee942d4c48d2626a7b9028839e49e274579bbde24732b6b0437df82f8aa54602ada1d150b3d984abc201a8a73f4024ca80b455656ca95aeed9ab4eb480fdd5b4ede926a57b164a5e&pst=1669287956&rmtc=t
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (2578)
Hash d377e152be935d41fb2f881bf5df4e26
7897cc88dc567f71f57de18a7c76ae9270da119a
34ccbc2b9e42f2018fe6da890ceaf9aee29e84fd481b6dbc663a51a717fa399c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.153066561501.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=faed104ac62ae4f94442abf5c88bd16b57a5be7fc6ac52ee942d4c48d2626a7b9028839e49e274579bbde24732b6b0437df82f8aa54602ada1d150b3d984abc201a8a73f4024ca80b455656ca95aeed9ab4eb480fdd5b4ede926a57b164a5e&pst=1669287956&rmtc=t HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghanaiantimes.com.gh
Referer: https://www.ghanaiantimes.com.gh/
Connection: keep-alive
Cookie: u_pl=16662569; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Origin: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; expires=Thu, 01 Dec 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9c640fe0d379d7fad4ecd55728d4ce2b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ifknittedhurtful.com/watch.1108818858080.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=7f29c32ef489d17d2b8cf44162eae58230528b29b23fe9522c6bac58f666982e3806ddb9f503aeac252cf4147f0c56a2c4a8a8ddf8b5f8d0adc8deb1e69e29a8baac5a6a3723e928f1fae75ab92304a468f5b06cc952864c659becf516e8a9fa0d&pst=1669287956&rmtc=t
173.233.137.44200 OK 2.1 kB URL HTTP/1.1 ifknittedhurtful.com/watch.1108818858080.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=7f29c32ef489d17d2b8cf44162eae58230528b29b23fe9522c6bac58f666982e3806ddb9f503aeac252cf4147f0c56a2c4a8a8ddf8b5f8d0adc8deb1e69e29a8baac5a6a3723e928f1fae75ab92304a468f5b06cc952864c659becf516e8a9fa0d&pst=1669287956&rmtc=t
IP 173.233.137.44:0
File type HTML document, ASCII text, with very long lines (2642)
Hash c699b62a6094b1bee52c7463ba0e7373
f46c2ce4236f4950f76695c0b8f368947f78872f
56a9d3a4db215675ede632e898dec402e89672335711cb27678e106ffb73e826
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1108818858080.js?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&shu=7f29c32ef489d17d2b8cf44162eae58230528b29b23fe9522c6bac58f666982e3806ddb9f503aeac252cf4147f0c56a2c4a8a8ddf8b5f8d0adc8deb1e69e29a8baac5a6a3723e928f1fae75ab92304a468f5b06cc952864c659becf516e8a9fa0d&pst=1669287956&rmtc=t HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ghanaiantimes.com.gh
Referer: https://www.ghanaiantimes.com.gh/
Connection: keep-alive
Cookie: u_pl=16660846; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg; uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec4d1f13131ec133d69c74936420ba860b=[3760946]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Origin: https://www.ghanaiantimes.com.gh
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; expires=Thu, 01 Dec 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a7e799805b591d4877be8a0a36f053e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ifknittedhurtful.com/pixel/sbe?t=2&error=timeout
173.233.137.44200 OK 0 B URL HTTP/1.1 ifknittedhurtful.com/pixel/sbe?t=2&error=timeout
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=2&error=timeout HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Cookie: u_pl=16660846; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg; uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec4d1f13131ec133d69c74936420ba860b=[3760946]; iprc36a480ec0195f2805008b5764acbba64=2717343; pdhtkv23=true; uncs23=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 128947ec7b52febb8ece9e9d63ebcffc
52fcbf26e04ea81e674e512dbc77ab67bacf3db6
5cfd821fe96a2e13784d9a63725f8aa5de392155cf1000c308a09a14ff9efe8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CFD821FE96A2E13784D9A63725F8AA5DE392155CF1000C308A09A14FF9EFE8B"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10414
Expires: Thu, 24 Nov 2022 13:58:30 GMT
Date: Thu, 24 Nov 2022 11:04:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 128947ec7b52febb8ece9e9d63ebcffc
52fcbf26e04ea81e674e512dbc77ab67bacf3db6
5cfd821fe96a2e13784d9a63725f8aa5de392155cf1000c308a09a14ff9efe8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CFD821FE96A2E13784D9A63725F8AA5DE392155CF1000C308A09A14FF9EFE8B"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10414
Expires: Thu, 24 Nov 2022 13:58:30 GMT
Date: Thu, 24 Nov 2022 11:04:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d363aefd1a49a8d1bee47992e20e469c
c6f6d65427abcb94cf47475bcc5eeba92dc5eb88
94a7bd6ac9bd7809afd8615a15a598f0bd81c00d65739193a7d26a1e0b400b49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94A7BD6AC9BD7809AFD8615A15A598F0BD81C00D65739193A7D26A1E0B400B49"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6380
Expires: Thu, 24 Nov 2022 12:51:16 GMT
Date: Thu, 24 Nov 2022 11:04:56 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/55/d6/77/55d6773a7b15be6972ccf710aa057919/1644705620.jpg
45.133.44.10200 OK 99 kB URL HTTP/2 cdn.cloudimagesb.com/bi/55/d6/77/55d6773a7b15be6972ccf710aa057919/1644705620.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:02:08 17:49:35], baseline, precision 8, 728x90, components 3\012- data
Hash 3591d51814ac5fc064f9a9b4df83ecc1
63a72bb7755a4342b034e2ff548e72d3ff658601
07e657ebba4bde6ddbd30acf77bfa36fb90ce693f84cf3751331b60090fb3ae1
GET /bi/55/d6/77/55d6773a7b15be6972ccf710aa057919/1644705620.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:04:56 GMT
content-type: image/jpeg
content-length: 98958
server: nginx/1.17.6
last-modified: Sat, 12 Feb 2022 22:40:32 GMT
etag: "62083760-1828e"
expires: Sat, 26 Nov 2022 11:04:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/ab/4d/4f/ab4d4f32d157daaa6aac43bfcba0dfd4/1665059072.gif
45.133.44.10200 OK 649 kB URL HTTP/2 cdn.cloudimagesb.com/bi/ab/4d/4f/ab4d4f32d157daaa6aac43bfcba0dfd4/1665059072.gif
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 728 x 90\012- data
Size 649 kB (649069 bytes)
Hash 3939d8d49085469f6cf03ad39b7cde27
2db149ce5af5f3ea6d41f822ca12577ed9e21a9f
0e585bd5674a92f09fdacb6868af7e75a7355216f383cb27b6989c7656739684
GET /bi/ab/4d/4f/ab4d4f32d157daaa6aac43bfcba0dfd4/1665059072.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:04:56 GMT
content-type: image/gif
content-length: 649069
server: nginx/1.17.6
last-modified: Thu, 06 Oct 2022 12:24:40 GMT
etag: "633ec908-9e76d"
expires: Sat, 26 Nov 2022 11:04:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
yearbookhobblespinal.com/watch.714689604080?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
173.233.137.60200 OK 1.3 kB URL HTTP/1.1 yearbookhobblespinal.com/watch.714689604080?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (621)
Hash a6e7014944528334d46a0e525fc2dd96
26e7111397c04bd039e0324d625ce0e5ced56a35
40b753bd2d9808022dd7353cba236020e729f6b314e5ad8b9adfba053e31b04e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.714689604080?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1 HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16662569; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg; expires=Thu, 24 Nov 2022 11:05:56 GMT; secure; SameSite=None
uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; expires=Thu, 01 Dec 2022 11:04:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 870b1345d7e478c738fe9ecbb1e66235
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
soldierreproduceadmiration.com/watch.544978635587?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
192.243.61.227200 OK 1.3 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.544978635587?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (621)
Hash d8f0d54b42d44a64259c7965a25be78f
0727b61a6c5a6d3c4cf0f57b2133c2cf7e89deb2
afa55efd483584f7c24624fe0143937849d692faf64664dcac3e863f6241d4d1
GET /watch.544978635587?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16662569; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg; expires=Thu, 24 Nov 2022 11:05:56 GMT; secure; SameSite=None
uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; expires=Thu, 01 Dec 2022 11:04:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bc03260546eaf7a7a94307f1c781ac05
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b4f984319df68f5315b8e9d4227ec58
86a46bf269691b1c17ac84c157a159d0b1099d66
bf0d0db0be5e701798d15a05fe682a13e5d60f9657bf994f9adacf17184c2ed8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF0D0DB0BE5E701798D15A05FE682A13E5D60F9657BF994F9ADACF17184C2ED8"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15633
Expires: Thu, 24 Nov 2022 15:25:29 GMT
Date: Thu, 24 Nov 2022 11:04:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1282da333101ca2229d6bbe482ca939
80a54289cbf8023dc45058af9391c52b956a4b8a
8e30655f84c3dedd33c4a3b98fc024c4e4905f6a51d8ae3317cba80aca268693
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E30655F84C3DEDD33C4A3B98FC024C4E4905F6A51D8AE3317CBA80ACA268693"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15053
Expires: Thu, 24 Nov 2022 15:15:49 GMT
Date: Thu, 24 Nov 2022 11:04:56 GMT
Connection: keep-alive
yearbookhobblespinal.com/watch.714689604080?shu=8f7faf36bc6a9d3865773fad10ebf68649cf05c23ced8a3e4d2f8a7428ea75e50fb73b9353d657c5240508c2eb964850a8db01b54d8190be785e4d15fca5b388edafb097f780739158429bb71331119006f17c50932faaf56a6c4042c5b3f5&pst=1669287956&rmtc=t&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&pii=&in=false&key=b3100a2926a0cc78c80af269231abd62&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&tz=0&dev=e&res=12.1055
173.233.137.60200 OK 1.8 kB URL HTTP/1.1 yearbookhobblespinal.com/watch.714689604080?shu=8f7faf36bc6a9d3865773fad10ebf68649cf05c23ced8a3e4d2f8a7428ea75e50fb73b9353d657c5240508c2eb964850a8db01b54d8190be785e4d15fca5b388edafb097f780739158429bb71331119006f17c50932faaf56a6c4042c5b3f5&pst=1669287956&rmtc=t&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&pii=&in=false&key=b3100a2926a0cc78c80af269231abd62&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2520)
Hash 8ba7bdb8448429a439e3de8eda01c9b7
2088530cab7e22eb6fd607d91e6e1d9988cba131
06fcb68348246ab65620846847fe1cbb98d04da24eb45e6c7cb446af93249880
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.714689604080?shu=8f7faf36bc6a9d3865773fad10ebf68649cf05c23ced8a3e4d2f8a7428ea75e50fb73b9353d657c5240508c2eb964850a8db01b54d8190be785e4d15fca5b388edafb097f780739158429bb71331119006f17c50932faaf56a6c4042c5b3f5&pst=1669287956&rmtc=t&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&pii=&in=false&key=b3100a2926a0cc78c80af269231abd62&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yearbookhobblespinal.com/watch.714689604080?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
Cookie: u_pl=16662569; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg; uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Access-Control-Allow-Origin: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; expires=Thu, 01 Dec 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d61b1e7efe8abe39154f851f557747ad
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/cd/64/48/cd6448d1b1b2b9dad7274214c1e2d213/1643387217.jpg
45.133.44.10200 OK 16 kB URL HTTP/2 cdn.cloudimagesb.com/bi/cd/64/48/cd6448d1b1b2b9dad7274214c1e2d213/1643387217.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 728x90, components 3\012- data
Hash 932bc8b0cd33fb2ca8ec275382669383
d280cce7d8c91e82424798d3b97fc78b05b806a9
f79b1745ee4c9e50e0c8fe877396fdecad959b6425561375644c8cd04154cda1
GET /bi/cd/64/48/cd6448d1b1b2b9dad7274214c1e2d213/1643387217.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yearbookhobblespinal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:04:56 GMT
content-type: image/jpeg
content-length: 15948
server: nginx/1.17.6
last-modified: Fri, 28 Jan 2022 16:27:05 GMT
etag: "61f41959-3e4c"
expires: Sat, 26 Nov 2022 11:04:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
soldierreproduceadmiration.com/watch.544978635587?shu=8c4e2090f9b0a9465f60906da66ef3daa1cdbc7a98a24619be51e411cad3410d888012085f3a458fc309121eaef7ca06294e4b30755c1e6ddfaf961f1578fb5eaff0a9aa4db240f994a589719aeab6851900f54d&pst=1669287956&rmtc=t&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&pii=&in=false&key=b3100a2926a0cc78c80af269231abd62&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D
192.243.61.227200 OK 1.7 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.544978635587?shu=8c4e2090f9b0a9465f60906da66ef3daa1cdbc7a98a24619be51e411cad3410d888012085f3a458fc309121eaef7ca06294e4b30755c1e6ddfaf961f1578fb5eaff0a9aa4db240f994a589719aeab6851900f54d&pst=1669287956&rmtc=t&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&pii=&in=false&key=b3100a2926a0cc78c80af269231abd62&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2396)
Hash 44f5315483dfb666ddbee1bf5769ac49
6457b91b2de6d26554c3e1f5b5dc8890b7d23d5d
39fe78cadc1526cb1ebfc7478c118b0bc742efe09e82b15ff3ecb2ecd84cbfaf
GET /watch.544978635587?shu=8c4e2090f9b0a9465f60906da66ef3daa1cdbc7a98a24619be51e411cad3410d888012085f3a458fc309121eaef7ca06294e4b30755c1e6ddfaf961f1578fb5eaff0a9aa4db240f994a589719aeab6851900f54d&pst=1669287956&rmtc=t&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1&pii=&in=false&key=b3100a2926a0cc78c80af269231abd62&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/watch.544978635587?key=b3100a2926a0cc78c80af269231abd62&kw=%5B%22%C2%A0finance%22%2C%22minister%22%2C%22poised%22%2C%22to%22%2C%22read%22%2C%22budget%22%2C%22thursday%22%2C%22-%22%2C%22ghanaian%22%2C%22times%22%5D&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2Ffinance-minister-poised-to-read-budget-Thursday%2F&tz=0&dev=e&res=12.1055&uuid=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1
Cookie: u_pl=16662569; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY2MjU2OSwiayI6ImIzMTAwYTI5MjZhMGNjNzhjODBhZjI2OTIzMWFiZDYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgwNjQxLCJwaWQiOjM3NzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJxcGhxY3F0cTgwIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmdoYW5haWFudGltZXMuY29tLmdoL2ZpbmFuY2UtbWluaXN0ZXItcG9pc2VkLXRvLXJlYWQtYnVkZ2V0LVRodXJzZGF5LyJ9fQ.xUB6SUb1iJ3sM0oqL_D26FU9jEqEQ89lv2L0JeuHxAg; uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Access-Control-Allow-Origin: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6395b1f8-8c0d-40af-9cc5-710106ff5538:3:1; expires=Thu, 01 Dec 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 25 Nov 2022 11:04:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b3250c36e5f20c01badbfc5a8bc9b8a0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16662569
173.233.137.52200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16662569
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1eab774ac6a30517c9f4893821cb31a1
6cad766f9ca910b049142601461f5ed70d3f30e6
019c43e29c3e1c046de25147b9b2fda45b0751949f505e1520621b81ce60d272
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16662569 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Fri, 25 Nov 2022 11:04:56 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTY2NjI1NjkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuZ2hhbmFpYW50aW1lcy5jb20uZ2gvIn19.tGgmdPEWjeL4svEGXWCDUt-RiHyfrmO-gdZGHDKGEh8; expires=Thu, 24 Nov 2022 11:05:56 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e21ee07729eb945dd60ba130ce4df789
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png
45.133.44.10200 OK 45 kB URL HTTP/2 cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash dbde2854f2a693ab43a1ee72cdf0c686
820bc6fb6d40db1cdc8b9a214d4a8b1138f2e3fa
aa648c4116a815deb4a006ed29f17342ccdb8c0d2ca863b54aa2517e1ed88641
GET /cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:04:57 GMT
content-type: image/png
content-length: 45371
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 15:13:41 GMT
etag: "61080ba5-b13b"
expires: Sat, 26 Nov 2022 11:04:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.59.13200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 11:04:57 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c124a68cf6426c0a8210b6261cf9bc5a
Strict-Transport-Security: max-age=0; includeSubdomains
www.spikereekvelocity.com/dyfc1k09?shu=bf0bc00deec640f6a0ad0bcf430fc5150727b4bf3ca1d220aa1d7a78e2eef42ce07eeae88d896415807f69c3f49ef9535a82c1e4926286ed82f1233972c41380883a318fe133df491fdd421738410bfc14f63c0d398a4620bf2ff34e65af&pst=1669287956&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2F&psid=16662569
173.233.137.52302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=bf0bc00deec640f6a0ad0bcf430fc5150727b4bf3ca1d220aa1d7a78e2eef42ce07eeae88d896415807f69c3f49ef9535a82c1e4926286ed82f1233972c41380883a318fe133df491fdd421738410bfc14f63c0d398a4620bf2ff34e65af&pst=1669287956&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2F&psid=16662569
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=bf0bc00deec640f6a0ad0bcf430fc5150727b4bf3ca1d220aa1d7a78e2eef42ce07eeae88d896415807f69c3f49ef9535a82c1e4926286ed82f1233972c41380883a318fe133df491fdd421738410bfc14f63c0d398a4620bf2ff34e65af&pst=1669287956&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.ghanaiantimes.com.gh%2F&psid=16662569 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTY2NjI1NjkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuZ2hhbmFpYW50aW1lcy5jb20uZ2gvIn19.tGgmdPEWjeL4svEGXWCDUt-RiHyfrmO-gdZGHDKGEh8; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 24 Nov 2022 11:04:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18a5b4fd9255d0fabffa62bd575c8094&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
Set-Cookie: iprc05d207e21bd85ac5fe96f38f0f8c7906=3806410; expires=Fri, 25 Nov 2022 11:04:57 GMT
pdhtkv=true; expires=Fri, 25 Nov 2022 11:04:57 GMT
uncs=1; expires=Fri, 25 Nov 2022 11:04:57 GMT
pdhtkv28=true; expires=Fri, 25 Nov 2022 11:04:57 GMT
uncs28=1; expires=Fri, 25 Nov 2022 11:04:57 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 681f7566c5fbcb8a2f7d0015264fd276
Strict-Transport-Security: max-age=0; includeSubdomains
spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18a5b4fd9255d0fabffa62bd575c8094&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
78.46.92.254302 Found 0 B URL HTTP/1.1 spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18a5b4fd9255d0fabffa62bd575c8094&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18a5b4fd9255d0fabffa62bd575c8094&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other HTTP/1.1
Host: spo76rt28r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 11:04:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=17sla5wfvr; expires=Fri, 25-Nov-2022 11:04:57 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=17sla5wfvr-17sla5wfvr-17dz-166o-ir8n-bza7-oje8-8e735a; expires=Fri, 25-Nov-2022 11:04:57 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://bo2217ok3tro9.com/1/?lpkey=16bc699f282081ef97&uclick=17sla5wfvr&uclickhash=17sla5wfvr-17sla5wfvr-17dz-166o-ir8n-bza7-oje8-8e735a
Strict-Transport-Security: max-age=31536000
bo2217ok3tro9.com/1/?lpkey=16bc699f282081ef97&uclick=17sla5wfvr&uclickhash=17sla5wfvr-17sla5wfvr-17dz-166o-ir8n-bza7-oje8-8e735a
78.46.92.254200 OK 1.4 kB URL HTTP/1.1 bo2217ok3tro9.com/1/?lpkey=16bc699f282081ef97&uclick=17sla5wfvr&uclickhash=17sla5wfvr-17sla5wfvr-17dz-166o-ir8n-bza7-oje8-8e735a
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0bbb113ff85b78b6485a9783946e6948
8663005f0ad88c2a768937edb56177387103594d
70c7e9fa94eb5b8fb5b61e0ee25167ace062bea13773331f7d02814822fbf004
GET /1/?lpkey=16bc699f282081ef97&uclick=17sla5wfvr&uclickhash=17sla5wfvr-17sla5wfvr-17dz-166o-ir8n-bza7-oje8-8e735a HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 11:04:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 298f6f027434581a9c93f97b90c7cfe1
80dc738070e4abb1303cf0a406537eb1c34b7d78
29c10d9b434354dfc91c2a9faac73b16245708c06d95ff17af8a7469fbf9b52b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6150
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:58 GMT
Last-Modified: Thu, 24 Nov 2022 09:22:28 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 24 Nov 2022 11:04:58 GMT
date: Thu, 24 Nov 2022 11:04:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/axios@1.2.0/dist/axios.min.js
104.16.122.175200 OK 12 kB URL HTTP/2 unpkg.com/axios@1.2.0/dist/axios.min.js
IP 104.16.122.175:0
File type ASCII text, with very long lines (29551)
Hash 5a64803c815736d19eab9bb8383114c4
a74b906e8ebd175b2f3d6eb64e99bff71ffc065e
0c456a22ee0a426fd4eacc7553a68934a19b01eae275546d6140f4b4a3260a81
GET /axios@1.2.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bo2217ok3tro9.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:04:58 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7396-Wc6sdIzlj1RsovoMRKQah8UZFhA"
via: 1.1 fly.io
fly-request-id: 01GJGC0D1SRCGJTEVMAF435H8Z-ams
cf-cache-status: HIT
age: 143636
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f1aab3da90b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-547JG5H
142.250.74.168200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-547JG5H
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9ad530611965e9719553c697aa557c91
8b675a73a7776f9ed27e9efb5b0123d684c444dc
212221f252e92face0e5e897e82b45f40977a56def1e6bc41b244fc5290b27e1
GET /gtm.js?id=GTM-547JG5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:04:58 GMT
expires: Thu, 24 Nov 2022 11:04:58 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
104.16.122.175302 Found 61 kB URL HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.122.175:0
Hash d23621f9a210c3066e4dba5faee20393
0a4bc721a4da41ef72fb55f441d8256a2ac8ea94
4314296af3fa545d9a6dce5c0e2ee8d9fc2f5075baa6719c589ff19344251a3b
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 24 Nov 2022 11:04:58 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.2.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJMMHN6TNRMWC92AB19BEFNR-fra
cf-cache-status: HIT
age: 465
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f1aab39a4bb4ff-OSL
X-Firefox-Spdy: h2
bo2217ok3tro9.com/favicon.png
78.46.92.254404 Not Found 114 B URL HTTP/1.1 bo2217ok3tro9.com/favicon.png
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /favicon.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=16bc699f282081ef97&uclick=17sla5wfvr&uclickhash=17sla5wfvr-17sla5wfvr-17dz-166o-ir8n-bza7-oje8-8e735a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 11:04:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bo2217ok3tro9.com
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 4876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:04:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 426780
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/uploads/2022/11/CENSURESHIP-The-members-of-the-committee-220x150.png
192.169.172.64200 OK 0 B URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/uploads/2022/11/CENSURESHIP-The-members-of-the-committee-220x150.png
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/uploads/2022/11/CENSURESHIP-The-members-of-the-committee-220x150.png HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=6395b1f8-8c0d-40af-9cc5-710106ff5538%3A3%3A1; ppu_main_cff80e037ab35e180f29a70e12c09ebc=1; sb_main_4d1f13131ec133d69c74936420ba860b=1; sb_count_4d1f13131ec133d69c74936420ba860b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Nov 2022 07:48:33 GMT
etag: "1f20183-e38f-5edb9eebac7bd"
accept-ranges: bytes
content-length: 58255
content-type: image/png
date: Thu, 24 Nov 2022 11:04:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
192.169.172.64200 OK 0 B URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "12838ba-13654-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: font/woff2
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
accessily.com/img/Accessily_badge.png
104.21.86.155404 Not Found 0 B URL HTTP/2 accessily.com/img/Accessily_badge.png
IP 104.21.86.155:0
GET /img/Accessily_badge.png HTTP/1.1
Host: accessily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Thu, 24 Nov 2022 11:04:53 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKp1gvMtbQtBhH0OEejw8nhr6hmd4viieVuQ0q6WZ0j%2FSLSxrJz%2Ft1Rz0uOzI%2BEB%2BGT7oUkuCqijxHY5S9tAY0goNPXYkQRG12gSEQ9FA49IVMIepABxCwbkgNs0YveC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1aa96fef0b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
192.169.172.64200 OK 0 B URL HTTP/2 www.ghanaiantimes.com.gh/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
IP 192.169.172.64:0
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2 HTTP/1.1
Host: www.ghanaiantimes.com.gh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/finance-minister-poised-to-read-budget-Thursday/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Dec 2021 13:37:33 GMT
etag: "12838b0-12b44-5d28e79ba6140-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: font/woff2
date: Thu, 24 Nov 2022 11:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.140.24200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.140.24:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ghanaiantimes.com.gh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:04:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0f96e354bb0bf41d561f45e932a1577c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 24 Nov 2022 11:04:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrFRrNSapPUCmtBTo%2FEwvp8pvozN%2Bn%2Fo6ndWYPj4sXx47NINPzxrDgy3ZQGbTCQM0yX3KjU2Ze9%2F6A%2BNwT5UmnTfvDgBNw24%2By6raiJpLIx1XNJPpDmhoAh77WvZC4VRM4NqgvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1aa9eba8176d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2