r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19367
Expires: Tue, 31 Jan 2023 11:24:37 GMT
Date: Tue, 31 Jan 2023 06:01:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19749
Expires: Tue, 31 Jan 2023 11:30:59 GMT
Date: Tue, 31 Jan 2023 06:01:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10644
Expires: Tue, 31 Jan 2023 08:59:14 GMT
Date: Tue, 31 Jan 2023 06:01:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 05:43:17 GMT
content-type: application/json
age: 1113
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wqlKiSztcU6b25nHqkj82NzfNfwAYz177REE3WZlseNmwaiDsqLTNFVGDXl4ygAYTcBayxd5a04=
x-amz-request-id: E0FH0XK2GHC63ARG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 05:22:05 GMT
age: 2385
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 06:01:50 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 49bedd625cf71d3981e3d984791852fe
43d9ead724b243d4e1f904162569cf1b59bc2d62
3de6ce9e7a050a4e7d7288ee6ee725c4a43c9f707358f3bcd9bd381787013c8a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:01:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 04:20:53 GMT
Expires: Sun, 05 Feb 2023 04:20:52 GMT
Etag: "43d9ead724b243d4e1f904162569cf1b59bc2d62"
Cache-Control: max-age=425341,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79203c2a6b53b4ed-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 05:49:04 GMT
age: 766
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
inew24hr.com/
63.250.43.2 200 OK 13 kB IP 63.250.43.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash c5b4b69e39e981e49d9c8668dcae9a13
10870daa3f976ef33f971e6be17911096abbda09
a8fe92b7dfafbe45462fb90d1e125b1ee6c6d96a68c89828bcec701233bebfcd
GET / HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 06:00:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://inew24hr.com/wp-json/>; rel="https://api.w.org/"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 65
accept-ranges: bytes
x-cache: HIT
content-length: 12894
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14076
Expires: Tue, 31 Jan 2023 09:56:27 GMT
Date: Tue, 31 Jan 2023 06:01:51 GMT
Connection: keep-alive
inew24hr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
63.250.43.2 200 OK 12 kB URL HTTP/2 inew24hr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 63.250.43.2:0
File type ASCII text, with very long lines (47826)
Hash 981383d43a7adb38d6c2bf5286dcd065
e41871905868763178f7d8127e3dfb87909f108f
fceb208fc5a1581abc1926596d5f59fa41e7a7d72027b563303b445cdf7ed126
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:02 GMT
content-type: text/css
last-modified: Sat, 17 Dec 2022 11:43:00 GMT
vary: Accept-Encoding
etag: W/"639dab44-172a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 12518
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-includes/css/classic-themes.min.css?ver=1
63.250.43.2 200 OK 217 B URL HTTP/2 inew24hr.com/wp-includes/css/classic-themes.min.css?ver=1
IP 63.250.43.2:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:02 GMT
content-type: text/css
content-length: 217
last-modified: Sat, 17 Dec 2022 11:43:00 GMT
etag: "639dab44-d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/themes/hitmag/css/fonts.css
63.250.43.2 200 OK 455 B URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/css/fonts.css
IP 63.250.43.2:0
Hash 5f2e85bcd731b259b4aa6a75bdc072d3
23a93594c7c70535cc6591da4ec4a330c4d01cab
f7620f9f7e578cda469a1abd75d6e164c069bcf4ab573de930355362cb45dd47
GET /wp-content/themes/hitmag/css/fonts.css HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:02 GMT
content-type: text/css
last-modified: Sun, 18 Dec 2022 01:41:24 GMT
vary: Accept-Encoding
etag: W/"639e6fc4-d5a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 455
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.216.86.11 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.86.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XO1nH0qjs38ACVX29RatWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: olZFIXDB2MQuJD4OfSs8uuiQlpE=
inew24hr.com/wp-content/themes/hitmag/style.css?ver=6.1.1
63.250.43.2 200 OK 13 kB URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/style.css?ver=6.1.1
IP 63.250.43.2:0
File type ASCII text, with very long lines (659)
Hash f7253a622df81af966d929e87add4cb1
380351d3173a93687da9ed668f00c47ee1ce5119
51412b380c732500e795e5aa36604f7b0e38ca22c31bbd3a2e15512d0007203d
GET /wp-content/themes/hitmag/style.css?ver=6.1.1 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:02 GMT
content-type: text/css
last-modified: Sun, 18 Dec 2022 01:41:24 GMT
vary: Accept-Encoding
etag: W/"639e6fc4-11130"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 12812
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
63.250.43.2 200 OK 7.1 kB URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
IP 63.250.43.2:0
File type ASCII text, with very long lines (30837)
Hash 0ebb760c7d229fd1d2b3a63493306569
58961c039962ea4f5215caa2e0127a8658bcf847
18eecad8f04af6784d466cd2cad0337dea530bef457e6a7b3da473eea589b134
GET /wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:02 GMT
content-type: text/css
last-modified: Sun, 18 Dec 2022 01:41:24 GMT
vary: Accept-Encoding
etag: W/"639e6fc4-7918"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 7050
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
63.250.43.2 200 OK 31 kB URL HTTP/2 inew24hr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 63.250.43.2:0
File type ASCII text, with very long lines (65447)
Hash 2eccf707201b564e5e0cc3637fe4fd79
13b3ab2c399a84808e8fd6a2c795a6a49f5090a4
fb2e62f5864ef969b2d586b0e589fc81d7689038cd54a90fbca4b463e0ca6261
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:02 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 11:43:01 GMT
vary: Accept-Encoding
etag: W/"639dab45-15e54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 31038
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
63.250.43.2 200 OK 4.2 kB URL HTTP/2 inew24hr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 63.250.43.2:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:02 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:08:53 GMT
vary: Accept-Encoding
etag: W/"62a9d9e5-2bd8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 4169
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/uploads/2023/01/327144820_545750480825037_5237070296958746588_n-26-348x215.jpg
63.250.43.2 200 OK 15 kB URL HTTP/2 inew24hr.com/wp-content/uploads/2023/01/327144820_545750480825037_5237070296958746588_n-26-348x215.jpg
IP 63.250.43.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 348x215, components 3\012- data
Hash 0f8a77b23cef67cb8911683d82f158dc
1076e314e80132eefd137907cf15f0240eadac79
262bb2bf794a30d887395678b00f245e00253702e0781b832d85789cb9347e3f
GET /wp-content/uploads/2023/01/327144820_545750480825037_5237070296958746588_n-26-348x215.jpg HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:57:47 GMT
content-type: image/jpeg
content-length: 14695
last-modified: Tue, 31 Jan 2023 05:56:32 GMT
etag: "63d8ad90-3967"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 243
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215
63.250.43.2 200 OK 416 B URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215
IP 63.250.43.2:0
Hash e6f53264ebf762f651ef3c426aba7d7a
c94c31f4cdc7976febd8b722771d433fcd460d87
e5dab0bbdb24e72cded213dba7acb5e41a11e2a317279a046e402d1146512404
GET /wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:03 GMT
content-type: application/javascript
last-modified: Sun, 18 Dec 2022 01:41:24 GMT
vary: Accept-Encoding
etag: W/"639e6fc4-2ab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 416
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/themes/hitmag/js/navigation.js?ver=20151215
63.250.43.2 200 OK 1.4 kB URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/js/navigation.js?ver=20151215
IP 63.250.43.2:0
Hash 35fdb76fc8e506633f47811c1b230c24
ece4f110b59319275e869345a122db43be784e51
5082959004f8a45ee0f6093b9d7f86e00e328f120342c0f1455fef3278be8672
GET /wp-content/themes/hitmag/js/navigation.js?ver=20151215 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:02 GMT
content-type: application/javascript
last-modified: Sun, 18 Dec 2022 01:41:24 GMT
vary: Accept-Encoding
etag: W/"639e6fc4-f05"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 1356
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/themes/hitmag/js/scripts.js?ver=6.1.1
63.250.43.2 200 OK 579 B URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/js/scripts.js?ver=6.1.1
IP 63.250.43.2:0
File type ASCII text, with CRLF line terminators
Hash a36d4322ed87b11cd05a5fbf9d3135bc
bd8cca6629629708ec5054bd6c25fc2a9d2bb036
bb9a754b70d6ba81817318910d9af6a4d9efeffcd026388f9eec5a6822fd9d5f
GET /wp-content/themes/hitmag/js/scripts.js?ver=6.1.1 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:03 GMT
content-type: application/javascript
last-modified: Sun, 18 Dec 2022 01:41:24 GMT
vary: Accept-Encoding
etag: W/"639e6fc4-549"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 579
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b164c3f173302690d8d9955f0cc2b37
00dbe30536ff4fc9b9c63535556300f977aacbe4
300ba600b6998efa2b94abe5c76d48ee26352cfb76892ff0705ec565c1fb4045
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "300BA600B6998EFA2B94ABE5C76D48EE26352CFB76892FF0705EC565C1FB4045"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3009
Expires: Tue, 31 Jan 2023 06:52:00 GMT
Date: Tue, 31 Jan 2023 06:01:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5d93558853de630a3397e00efcb89b0
ec7f2eb0ae6fc8d9a31ce2b233318cef4e005f23
8cfe43c0d65b5535b03a7c3b39eb32f11fff0033737ec2929ca60eef66a3eb2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CFE43C0D65B5535B03A7C3B39EB32F11FFF0033737EC2929CA60EEF66A3EB2A"
Last-Modified: Mon, 30 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 12:01:51 GMT
Date: Tue, 31 Jan 2023 06:01:51 GMT
Connection: keep-alive
pl18104420.highperformancecpmgate.com/4d8b9b60898b8e4353486159ec959abd/invoke.js
192.243.59.12 200 OK 9.3 kB URL HTTP/1.1 pl18104420.highperformancecpmgate.com/4d8b9b60898b8e4353486159ec959abd/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25126), with no line terminators
Hash 4db7afcd199643db9055d70d8e873b1a
8d5a959d7a723bb8cc1e830dd60be4dd6f733691
ececcf2ea2ac8a6097ebc605871034cef5f4308b50c9a0149fc733800da7fbaa
Analyzer Verdict Alert quad9 Sinkholed
GET /4d8b9b60898b8e4353486159ec959abd/invoke.js HTTP/1.1
Host: pl18104420.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 06:01:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d215f9504eebd36abbc0312c188a23b2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl18104387.highperformancecpmgate.com/ef/4b/e8/ef4be830a3275eec3f500639020f74a8.js
173.233.137.44 200 OK 13 kB URL HTTP/1.1 pl18104387.highperformancecpmgate.com/ef/4b/e8/ef4be830a3275eec3f500639020f74a8.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (37162), with no line terminators
Hash 5c031c4ae9b735756665a409ce34d34e
99c5a1d9e714e6f06dc7b4ac63e04336fc8ae16d
94ecbd5f55345d9943238696a623207d78eb37bed6e665d0d6e7aa2602fd8719
Analyzer Verdict Alert quad9 Sinkholed
GET /ef/4b/e8/ef4be830a3275eec3f500639020f74a8.js HTTP/1.1
Host: pl18104387.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc137a89c81887182b4fbb7bcbe2cd4f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pugdisguise.com/2207c41952df20cfc02952b47f1d5072/invoke.js
192.243.59.12 200 OK 9.3 kB URL HTTP/1.1 pugdisguise.com/2207c41952df20cfc02952b47f1d5072/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25117), with no line terminators
Hash b72b2ed029b8144e3533eaf0fd19f75e
450061fd2ed03cd9f972cb525812cf6ca3b48863
85fe540404a457aca83ecabff21de2b399bac489007574bea4bcd189a9f7193e
Analyzer Verdict Alert quad9 Sinkholed
GET /2207c41952df20cfc02952b47f1d5072/invoke.js HTTP/1.1
Host: pugdisguise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 06:01:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8f764dddf28083d5807f606c7ad7bca7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fba2578a219c482ced81e299d0da0061
059d2a565118457c53f655c7c4e3faaa9ac0fc41
e94e09d0cc3d1767f4bfdb420aa7bb2be731d6427cd67980838959de3b2b2648
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E94E09D0CC3D1767F4BFDB420AA7BB2BE731D6427CD67980838959DE3B2B2648"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10181
Expires: Tue, 31 Jan 2023 08:51:33 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash faf1d8a7f1edd1251b55117f41d77161
7e6b55f7968cc7381b7aa4deeed12d2692f135a2
8c27b658d2267f2dd6d138e17751edaec11d04c9e0f6015212dd92fb583533bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 06:01:52 GMT
Etag: "63d7c69b-1d7"
Last-Modified: Tue, 31 Jan 2023 05:12:56 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WoI9Py3UAenPflmhUWGmPbDJtkxZK8tgK8Zckx9h2sZFL-oIwqe2pQ==
Age: 2936
inew24hr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
63.250.43.2 200 OK 5.0 kB URL HTTP/2 inew24hr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 63.250.43.2:0
File type ASCII text, with very long lines (15660)
Hash 1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:03 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:08:53 GMT
vary: Accept-Encoding
etag: W/"62a9d9e5-48b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
content-length: 5004
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e162de72c95ab379c6add39e4d0d45e
58867663ee656b7f57837aecc373a691128971a9
2ce06103790fcd26097ebccab136423ac759038f5298d6d515206c73f3a8652c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CE06103790FCD26097EBCCAB136423AC759038F5298D6D515206C73F3A8652C"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5645
Expires: Tue, 31 Jan 2023 07:35:57 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 50e6474efe6f258b9c59e80ca325e5fc
4b5825a9c0400b25b41944bd755f9772e48eaefa
8cb9eb98df8483b939c47e9da84f01adb12a648f0d140a514b1dae63707ddfde
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://inew24hr.com
access-control-allow-credentials: true
set-cookie: uid_id2=dd597647-1fea-4ef8-8c76-33c631b44645:1:1; expires=Fri, 28 Jan 2033 06:01:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/97q-VzuQ-Mw
IP 142.250.74.131:0
Hash 19d2121c909390df60c955dbce91f24b
0f0683a38a504e6aa56262063144be4ddd9f3666
ce3c8be399bfa1581b18881e150746564cc0ead728a4cbf64317509d7f8f53ec
POST /s/gts1p5/97q-VzuQ-Mw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:01:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
inew24hr.com/wp-content/themes/hitmag/fonts/lato-regular-latin.woff2
63.250.43.2 200 OK 24 kB URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/fonts/lato-regular-latin.woff2
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /wp-content/themes/hitmag/fonts/lato-regular-latin.woff2 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://inew24hr.com/wp-content/themes/hitmag/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:04 GMT
content-type: font/woff2
content-length: 23580
last-modified: Sun, 18 Dec 2022 01:41:25 GMT
etag: "639e6fc5-5c1c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://inew24hr.com
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/themes/hitmag/fonts/ubuntu-bold-webfont.woff2
63.250.43.2 200 OK 29 kB URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/fonts/ubuntu-bold-webfont.woff2
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 29320, version 1.0\012- data
Hash 523215f3b621ae9406e84e39e7976e67
3ff9b171c3ccbd71c73121b803da01b62c033ed9
78cfcd698660fe6904cdccf493e82f639a1a08707c35df07be4566e511bb04cc
GET /wp-content/themes/hitmag/fonts/ubuntu-bold-webfont.woff2 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://inew24hr.com/wp-content/themes/hitmag/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:04 GMT
content-type: font/woff2
content-length: 29320
last-modified: Sun, 18 Dec 2022 01:41:25 GMT
etag: "639e6fc5-7288"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://inew24hr.com
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/themes/hitmag/fonts/opensans-bold-webfont.woff2
63.250.43.2 200 OK 19 kB URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/fonts/opensans-bold-webfont.woff2
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 18992, version 1.0\012- data
Hash 8b1081927e10196dfa2642487a7b2e8c
b9b32eabae814e96e10c20e43d87a5cafc4dc0d4
c3980ea8f019855a578aef98e57530e78df585bce65b79b9f86a3356fa748bf3
GET /wp-content/themes/hitmag/fonts/opensans-bold-webfont.woff2 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://inew24hr.com/wp-content/themes/hitmag/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:04 GMT
content-type: font/woff2
content-length: 18992
last-modified: Sun, 18 Dec 2022 01:41:25 GMT
etag: "639e6fc5-4a30"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://inew24hr.com
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash e684e60696bd0328498268fd3b41c10a
1866adf31b450165230123589c094ed7dd81d7a8
9fb8d871a9f3f716417e1f5d70e9021966faacb616764cfc3c01752a1041bd55
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://inew24hr.com
access-control-allow-credentials: true
set-cookie: uid_id2=c7bbcb49-7e3f-4fad-995a-735a4da44615:3:1; expires=Fri, 28 Jan 2033 06:01:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 3d0a59457c770f2681fb1918d208eaab
107ea97b98c24a9c9dc445ae652c6eb7a3493eb4
d17f237ab61bcc19b3f7bd683eddfd0a70b199858919a443b67b25d43bfcb278
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://inew24hr.com
access-control-allow-credentials: true
set-cookie: uid_id2=4591e17c-1342-459c-8d31-974d485fe6c4:1:1; expires=Fri, 28 Jan 2033 06:01:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fba2578a219c482ced81e299d0da0061
059d2a565118457c53f655c7c4e3faaa9ac0fc41
e94e09d0cc3d1767f4bfdb420aa7bb2be731d6427cd67980838959de3b2b2648
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E94E09D0CC3D1767F4BFDB420AA7BB2BE731D6427CD67980838959DE3B2B2648"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10181
Expires: Tue, 31 Jan 2023 08:51:33 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
inew24hr.com/wp-content/themes/hitmag/fonts/fontawesome-webfont.woff2?v=4.7.0
63.250.43.2 200 OK 77 kB URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/hitmag/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://inew24hr.com/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:04 GMT
content-type: font/woff2
content-length: 77160
last-modified: Sun, 18 Dec 2022 01:41:25 GMT
etag: "639e6fc5-12d68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://inew24hr.com
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/themes/hitmag/fonts/ubuntu-regular-webfont.woff2
63.250.43.2 200 OK 29 kB URL HTTP/2 inew24hr.com/wp-content/themes/hitmag/fonts/ubuntu-regular-webfont.woff2
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 28592, version 1.0\012- data
Hash a72bbb5a10e8ff13010604a1bb4a4037
4accf5cfaa94279c6cfdf8cda1c75270e8278761
c07bdac3cac751c087419fb7be13f75451845e648c0c67376ce388216693265c
GET /wp-content/themes/hitmag/fonts/ubuntu-regular-webfont.woff2 HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://inew24hr.com/wp-content/themes/hitmag/css/fonts.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:04 GMT
content-type: font/woff2
content-length: 28592
last-modified: Sun, 18 Dec 2022 01:41:25 GMT
etag: "639e6fc5-6fb0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://inew24hr.com
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 228
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
waust.at/d.js
172.67.71.57 200 OK 30 kB IP 172.67.71.57:0
File type ASCII text, with very long lines (14706), with no line terminators
Hash fb2be497b851ee1eee29d256a0fe8ced
62ed4df85d970304508917e8a778ec0f17a6bf41
69b1944acffba03a171282b5c02e90f9259fed53c1e9418e7b98382d9b85c633
GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:51 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:44 GMT
etag: W/"63c04130-3972"
expires: Wed, 01 Feb 2023 05:09:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 3162
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FuC7vFHdslaet8KnKbYC%2FQorhMbP%2FAdgfhMgCOhG2zKlz91wngDSwcpOZBgTe2hC7vGa1Hx2LafJU%2BwFK9SdH9lNl9ToYx6nTOG2jKedmKchw3XcA8knTJl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79203c2f3ddd1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
inew24hr.com/wp-content/uploads/2023/01/327144820_545750480825037_5237070296958746588_n-24-348x215.jpg
63.250.43.2 200 OK 25 kB URL HTTP/2 inew24hr.com/wp-content/uploads/2023/01/327144820_545750480825037_5237070296958746588_n-24-348x215.jpg
IP 63.250.43.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 348x215, components 3\012- data
Hash 8c5a398ebf672b8d22f4c7f3cb98fa94
1ac55d9c7e2c0e1f26f5260831cdaa8f1e65c515
cf074fba5d42e54a83cec587cce1aafb4567ae52bfdbfce803960f7aed1e723d
GET /wp-content/uploads/2023/01/327144820_545750480825037_5237070296958746588_n-24-348x215.jpg HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:59:18 GMT
content-type: image/jpeg
content-length: 24656
last-modified: Tue, 31 Jan 2023 05:01:09 GMT
etag: "63d8a095-6050"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 154
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/uploads/2023/01/84901as-735x400-1-348x215.jpg
63.250.43.2 200 OK 22 kB URL HTTP/2 inew24hr.com/wp-content/uploads/2023/01/84901as-735x400-1-348x215.jpg
IP 63.250.43.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 348x215, components 3\012- data
Hash eaff645c98b54ad6818d4291fb66a320
bc24e6569ec68940184e8fddd0dbff818c17d603
57b167c41fd0dde53659430805d4e069cf0a47798f1b192e468f2618c137ae96
GET /wp-content/uploads/2023/01/84901as-735x400-1-348x215.jpg HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:25 GMT
content-type: image/jpeg
content-length: 21925
last-modified: Tue, 31 Jan 2023 04:48:24 GMT
etag: "63d89d98-55a5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 206
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
inew24hr.com/wp-content/uploads/2023/01/327144820_545750480825037_5237070296958746588_n-23-348x215.jpg
63.250.43.2 200 OK 21 kB URL HTTP/2 inew24hr.com/wp-content/uploads/2023/01/327144820_545750480825037_5237070296958746588_n-23-348x215.jpg
IP 63.250.43.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 348x215, components 3\012- data
Hash 60b050b5c6d71a93b8269c8821dc1e9a
2c5adeace957538c618c89be1c7e953f263f475b
13012688e83089a2c628805edaa357872c0a95266e5c41d1b7bd8de90f788aee
GET /wp-content/uploads/2023/01/327144820_545750480825037_5237070296958746588_n-23-348x215.jpg HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:58:25 GMT
content-type: image/jpeg
content-length: 21237
last-modified: Tue, 31 Jan 2023 03:59:07 GMT
etag: "63d8920b-52f5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 206
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
shaggyselectmast.com/5b/f9/b5/5bf9b5530ceb92fe362d6d64f0eb5c5b.js
173.233.137.36 200 OK 29 kB URL HTTP/1.1 shaggyselectmast.com/5b/f9/b5/5bf9b5530ceb92fe362d6d64f0eb5c5b.js
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 65ad9771fb79d4e18d2f0c0e5dadf5f1
1e0474952c74fc79b5510e08bbe51bc5a779970c
a89d862f3c8498e32f55d05ae963999ab5e573d60853d4c4416b06772e37cdab
Analyzer Verdict Alert quad9 Sinkholed
GET /5b/f9/b5/5bf9b5530ceb92fe362d6d64f0eb5c5b.js HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68420edbdfc67eb00d28f6d4ee5d22e7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3656
Expires: Tue, 31 Jan 2023 07:02:48 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3656
Expires: Tue, 31 Jan 2023 07:02:48 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3656
Expires: Tue, 31 Jan 2023 07:02:48 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3656
Expires: Tue, 31 Jan 2023 07:02:48 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZP2Mar8l3QoPH733_vv3hUuQjWvaN4_TgfYwme2-6WIxGi55BoSchg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:26:31 GMT
age: 5721
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63486f2a937aa8fd013fc2c2d1b32f2d
e8868de34c2f79348c1edad764259eb70bebd7a6
fa6e5ce374031c0df3b3f2d6de823cf1fe08fdaf9957a0722770867cfdec0ed1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13639
x-amzn-requestid: 8131c878-620a-4972-ba8f-1456859acae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcJSF0SIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340a1-18c7280940d508c440c0182c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mXlQ5A2PHadECkKglPquN9x68ubYk8s2to-_JjCgEQe7axfJo6K8Jw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 07:53:36 GMT
age: 79696
etag: "e8868de34c2f79348c1edad764259eb70bebd7a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:58:16 GMT
age: 14616
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: djoQmYTv7Rlq9tKKkJ5U1J3YeVSIs5yzSts_xRN3bdi27Ra8UfM6OQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:45 GMT
age: 29827
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9Wphg34UGE5kkZ9RKBcphcpPuCn54oVyepzTW5rZ3J9nkL9J501PA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:03:23 GMT
age: 28709
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:40:17 GMT
age: 8495
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b85072a5be3e4459aa5adb089226b305
3e4b31b98588988bd9c91df99f53e7cb89f7959e
783ab0eb8e70a30cb32af4effc27fca36769425f86fbc9e883d6c6573e47c19c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "783AB0EB8E70A30CB32AF4EFFC27FCA36769425F86FBC9E883D6C6573E47C19C"
Last-Modified: Sun, 29 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12785
Expires: Tue, 31 Jan 2023 09:34:57 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0d0bbccfc266a556efc3602600196879
c4ed1ea21195d0e3462f369a760c6afffc382e87
10a64b76f0c98f842a6750007eccc8c4bd737ef490b5ec594d081ae8c4c3dce4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10A64B76F0C98F842A6750007ECCC8C4BD737EF490B5EC594D081AE8C4C3DCE4"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12214
Expires: Tue, 31 Jan 2023 09:25:26 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0d0bbccfc266a556efc3602600196879
c4ed1ea21195d0e3462f369a760c6afffc382e87
10a64b76f0c98f842a6750007eccc8c4bd737ef490b5ec594d081ae8c4c3dce4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10A64B76F0C98F842A6750007ECCC8C4BD737EF490B5EC594D081AE8C4C3DCE4"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12214
Expires: Tue, 31 Jan 2023 09:25:26 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a37e0f06fb7ffe78207ee5c70bb69092
0e9196de15ff2fef24079f8d89186c2237b78205
48ac08adad5a2e6515adec2731c00a3cd40ae95f08423280d4ae9cb68074e974
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48AC08ADAD5A2E6515ADEC2731C00A3CD40AE95F08423280D4AE9CB68074E974"
Last-Modified: Sun, 29 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14898
Expires: Tue, 31 Jan 2023 10:10:10 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
shaggyselectmast.com/sbar.json?key=ef4be830a3275eec3f500639020f74a8&uuid=dd597647-1fea-4ef8-8c76-33c631b44645%3A1%3A1
173.233.137.36 200 OK 4.5 kB URL HTTP/1.1 shaggyselectmast.com/sbar.json?key=ef4be830a3275eec3f500639020f74a8&uuid=dd597647-1fea-4ef8-8c76-33c631b44645%3A1%3A1
IP 173.233.137.36:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6322), with no line terminators
Hash 5988df89ba6a812a3a933e4c6d0a3360
3c1e34adde24abfb9db39a7a39df842589784888
4763b9a1f96757b2a481798f031a64d5d8429ef90527ae282828938e4c9aaf4a
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=ef4be830a3275eec3f500639020f74a8&uuid=dd597647-1fea-4ef8-8c76-33c631b44645%3A1%3A1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:52 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://inew24hr.com
Access-Control-Allow-Origin: https://inew24hr.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18003888; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
uid_id2=dd597647-1fea-4ef8-8c76-33c631b44645:1:1; expires=Tue, 07 Feb 2023 06:01:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
slecef4be830a3275eec3f500639020f74a8=[3952979]; expires=Tue, 31 Jan 2023 06:01:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6f34218f114df39a797b32ec413e99e2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 78ab2d5cc6d61c3c29944777767ccefe
a5380ce83cea0350b0ea550ac99d36b0093d220a
5901f2549eee80f63d44390d2c6de7ed62ce5e63b842dc366d58a367a6be9303
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5901F2549EEE80F63D44390D2C6DE7ED62CE5E63B842DC366D58A367A6BE9303"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5754
Expires: Tue, 31 Jan 2023 07:37:46 GMT
Date: Tue, 31 Jan 2023 06:01:52 GMT
Connection: keep-alive
shaggyselectmast.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReuzm9%2FB8nJIIKg2AcRBXdSPd09f4ywGGMkGJOYjeQmVFdVz5bb09VUdU9PFsHVgMlxPCl46f1mN4u6hEQQT6LM5iIDouPBDOKC6M2LRNCrzOzA4oOq96q%2Bd%2Fi%2B7733t4oDQlGw6aXX9IZKEnYyrFH3masqFbq07oUrrkdr9JR7VaWN4JTbn12m97xHwxp91n1F8nV9sk49Sj3quWeVkbHun5yjUNle26u1aS2o17wwQN%2F8920LB5Y5EL0DcgJKTP6%2F9u1dKD5C2r1zRtr1XGfPvdwtEpZrg57YfSNdT3WZontUxsZBnO4uuqHthJCPjkGnuwsF0L3tmQJEakKcnzxE6e6CJqLeziHTKIFMEYnjKHsjyGQExUbg%2BjqU%2BIEAXODCRaTdWxe0Kdm1Q5TN0AlZ%2BvsvqHJCln55BGn39ulE9d1VnRS50qlFP66g%2BiOozghZsY98w4Eq98Hz96AEQdqtoMT0KSHCdrMRNJe9WLLlQMat5RZvNpZ9nzd8LwqCRhDOrVFqBBWPkMgBmHVQzI5yUMQOisxBV0xdFrZjSptxFPt%2BK%2BCc%2Bz7nYashQuEHrZii4DPuA%2BTZADwZgJtNZGYT62oAU3wDu1bBCgc2J%2BiJCqUkKC1ByQhKRVDmBGWv2hGJrdvqlkhsEXmLXF9kvxrqvLPFdnTekSnZyg7IwzPDnBNf3sG6nLoyDiLZ8inz681QSu7HIaUNv03rNG4GrAWrKih7bC5zQ03Ik7%2F%2FgUxNyEPv3EDE9mGTfXD1OFjxBFg5bNYp2NowaFFspHsqlWU9WDM1rrsQukKWLyG%2F5mwlB%2BSx%2BeBeeH0Vko9Xfl7957vpozfATYXMVHhL3SPoJDeHl3VJti%2Fr0pK7F7NcddUGmw11NWe5XPr0VXmt1EacO2MHn7zIZ8Cs3LsibX6epUKlHUs%2BO62EkOasNlySr87ZqzK6VNi104VJi%2Bz8pZfOnutmRlqrdDoCUxNC3n0bXE3IcSedL6zbP4AyI5iiQrcYk0VA6X3wbBM2G6%2Fcd%2B99vPPbFVhNYJKjnihzUBbV0NSjo89ETYj%2F9AMkcrzy%2BYe%2F1r948wFYVMHKIyMiOf76z8P%2BLXsTHeOA5dfnq9ozFXpJBZYMYIv%2FDfPMjFd%2B9OeBKHGGUWKc7SgxyQeHBls1dWUY01jSuozidhQ3GRXtOGhHrO3JZhQyD7md8Pu3v%2F8XAAD%2F%2FwEAAP%2F%2FwLw3eIwEAAA%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 shaggyselectmast.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReuzm9%2FB8nJIIKg2AcRBXdSPd09f4ywGGMkGJOYjeQmVFdVz5bb09VUdU9PFsHVgMlxPCl46f1mN4u6hEQQT6LM5iIDouPBDOKC6M2LRNCrzOzA4oOq96q%2Bd%2Fi%2B7733t4oDQlGw6aXX9IZKEnYyrFH3masqFbq07oUrrkdr9JR7VaWN4JTbn12m97xHwxp91n1F8nV9sk49Sj3quWeVkbHun5yjUNle26u1aS2o17wwQN%2F8920LB5Y5EL0DcgJKTP6%2F9u1dKD5C2r1zRtr1XGfPvdwtEpZrg57YfSNdT3WZontUxsZBnO4uuqHthJCPjkGnuwsF0L3tmQJEakKcnzxE6e6CJqLeziHTKIFMEYnjKHsjyGQExUbg%2BjqU%2BIEAXODCRaTdWxe0Kdm1Q5TN0AlZ%2BvsvqHJCln55BGn39ulE9d1VnRS50qlFP66g%2BiOozghZsY98w4Eq98Hz96AEQdqtoMT0KSHCdrMRNJe9WLLlQMat5RZvNpZ9nzd8LwqCRhDOrVFqBBWPkMgBmHVQzI5yUMQOisxBV0xdFrZjSptxFPt%2BK%2BCc%2Bz7nYashQuEHrZii4DPuA%2BTZADwZgJtNZGYT62oAU3wDu1bBCgc2J%2BiJCqUkKC1ByQhKRVDmBGWv2hGJrdvqlkhsEXmLXF9kvxrqvLPFdnTekSnZyg7IwzPDnBNf3sG6nLoyDiLZ8inz681QSu7HIaUNv03rNG4GrAWrKih7bC5zQ03Ik7%2F%2FgUxNyEPv3EDE9mGTfXD1OFjxBFg5bNYp2NowaFFspHsqlWU9WDM1rrsQukKWLyG%2F5mwlB%2BSx%2BeBeeH0Vko9Xfl7957vpozfATYXMVHhL3SPoJDeHl3VJti%2Fr0pK7F7NcddUGmw11NWe5XPr0VXmt1EacO2MHn7zIZ8Cs3LsibX6epUKlHUs%2BO62EkOasNlySr87ZqzK6VNi104VJi%2Bz8pZfOnutmRlqrdDoCUxNC3n0bXE3IcSedL6zbP4AyI5iiQrcYk0VA6X3wbBM2G6%2Fcd%2B99vPPbFVhNYJKjnihzUBbV0NSjo89ETYj%2F9AMkcrzy%2BYe%2F1r948wFYVMHKIyMiOf76z8P%2BLXsTHeOA5dfnq9ozFXpJBZYMYIv%2FDfPMjFd%2B9OeBKHGGUWKc7SgxyQeHBls1dWUY01jSuozidhQ3GRXtOGhHrO3JZhQyD7md8Pu3v%2F8XAAD%2F%2FwEAAP%2F%2FwLw3eIwEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReuzm9%2FB8nJIIKg2AcRBXdSPd09f4ywGGMkGJOYjeQmVFdVz5bb09VUdU9PFsHVgMlxPCl46f1mN4u6hEQQT6LM5iIDouPBDOKC6M2LRNCrzOzA4oOq96q%2Bd%2Fi%2B7733t4oDQlGw6aXX9IZKEnYyrFH3masqFbq07oUrrkdr9JR7VaWN4JTbn12m97xHwxp91n1F8nV9sk49Sj3quWeVkbHun5yjUNle26u1aS2o17wwQN%2F8920LB5Y5EL0DcgJKTP6%2F9u1dKD5C2r1zRtr1XGfPvdwtEpZrg57YfSNdT3WZontUxsZBnO4uuqHthJCPjkGnuwsF0L3tmQJEakKcnzxE6e6CJqLeziHTKIFMEYnjKHsjyGQExUbg%2BjqU%2BIEAXODCRaTdWxe0Kdm1Q5TN0AlZ%2BvsvqHJCln55BGn39ulE9d1VnRS50qlFP66g%2BiOozghZsY98w4Eq98Hz96AEQdqtoMT0KSHCdrMRNJe9WLLlQMat5RZvNpZ9nzd8LwqCRhDOrVFqBBWPkMgBmHVQzI5yUMQOisxBV0xdFrZjSptxFPt%2BK%2BCc%2Bz7nYashQuEHrZii4DPuA%2BTZADwZgJtNZGYT62oAU3wDu1bBCgc2J%2BiJCqUkKC1ByQhKRVDmBGWv2hGJrdvqlkhsEXmLXF9kvxrqvLPFdnTekSnZyg7IwzPDnBNf3sG6nLoyDiLZ8inz681QSu7HIaUNv03rNG4GrAWrKih7bC5zQ03Ik7%2F%2FgUxNyEPv3EDE9mGTfXD1OFjxBFg5bNYp2NowaFFspHsqlWU9WDM1rrsQukKWLyG%2F5mwlB%2BSx%2BeBeeH0Vko9Xfl7957vpozfATYXMVHhL3SPoJDeHl3VJti%2Fr0pK7F7NcddUGmw11NWe5XPr0VXmt1EacO2MHn7zIZ8Cs3LsibX6epUKlHUs%2BO62EkOasNlySr87ZqzK6VNi104VJi%2Bz8pZfOnutmRlqrdDoCUxNC3n0bXE3IcSedL6zbP4AyI5iiQrcYk0VA6X3wbBM2G6%2Fcd%2B99vPPbFVhNYJKjnihzUBbV0NSjo89ETYj%2F9AMkcrzy%2BYe%2F1r948wFYVMHKIyMiOf76z8P%2BLXsTHeOA5dfnq9ozFXpJBZYMYIv%2FDfPMjFd%2B9OeBKHGGUWKc7SgxyQeHBls1dWUY01jSuozidhQ3GRXtOGhHrO3JZhQyD7md8Pu3v%2F8XAAD%2F%2FwEAAP%2F%2FwLw3eIwEAAA%3D HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: u_pl=18003888; uid_id2=dd597647-1fea-4ef8-8c76-33c631b44645:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b6415968155289a11b7eed2e60719997
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
45.133.44.4 200 OK 955 B URL HTTP/2 cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 3311b451b6e90781dab5ae61a1e4f65d
940e4700d9c5fbf74f8c15dcf10c28661e34cf2c
3def788280ca0f9ba09e050e3f3bfba82e5268fe2104f1c02a8f265c12774023
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:52 GMT
content-type: text/html; charset=utf-8
content-length: 955
server: nginx/1.17.6
last-modified: Wed, 18 May 2022 11:09:59 GMT
etag: "6284d407-3bb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
expires: Tue, 31 Jan 2023 07:01:52 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
feignthat.com/pixel/purst?dl=0&th=0&sc=0&rs=2470&rd=2470&fd=540&bv=22.10.v.10&tmpl=136
173.233.137.44 200 OK 0 B URL HTTP/1.1 feignthat.com/pixel/purst?dl=0&th=0&sc=0&rs=2470&rd=2470&fd=540&bv=22.10.v.10&tmpl=136
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2470&rd=2470&fd=540&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: feignthat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
t.dtscout.com/pv/?_a=v&_h=inew24hr.com&_ss=67yypd54dr&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=74hm&_cb=_dtspv.c
141.101.120.10 200 OK 396 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=inew24hr.com&_ss=67yypd54dr&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=74hm&_cb=_dtspv.c
IP 141.101.120.10:0
File type ASCII text, with no line terminators
Hash 95014d68fe5a2ff15085e03684308184
a1d066fce3c1d18f223cfd9e0370b029993886d0
de1e41a9cb5fa0738027e9a55be2efcc1081411e12cb84a7fbd8806c2f2f46d0
GET /pv/?_a=v&_h=inew24hr.com&_ss=67yypd54dr&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=74hm&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: m=1; oa=1; df=1675144912
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:52 GMT
content-type: application/javascript
x-t: 0.173
x-c: 0
expires: Tue, 31 Jan 2023 06:01:51 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9dyo%2F7M5N6wDGn0oXi2tTjmNmFuvkzzX6%2F3si7lCTiaH0pX4FVqzZPzbrIeo72hW6ufQ0N%2Fuba0yqB1LSqF1fQ0%2Fudh6Fy6znt6xyxicxnTNXV93zUeJq5kc%2FmjOEw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79203c372ca99927-ARN
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 92150eb32d9db49422cf29f24536530f
ee14343bc6797e6e4004aa93002e20e82ede365f
a3d92b83c5e18e8b559d0830a26ef62410a5922a213a1508ebb9f177ebdb8f51
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A3D92B83C5E18E8B559D0830A26EF62410A5922A213A1508EBB9F177EBDB8F51"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=535
Expires: Tue, 31 Jan 2023 06:10:48 GMT
Date: Tue, 31 Jan 2023 06:01:53 GMT
Connection: keep-alive
psychologyairport.com/4a/67/65/4a6765ae498bc455a1eb1a5b15094c1c.js
192.243.61.225 200 OK 29 kB URL HTTP/1.1 psychologyairport.com/4a/67/65/4a6765ae498bc455a1eb1a5b15094c1c.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash cfd6174ed42458a5cbf50055eb4b53f2
a89323a632546dab8470bf9b3679a3fc33420665
2ebfe7bb5877d837c0db0ab06e376f8b1ed56d0d4115f71d4f4b97745f013683
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/67/65/4a6765ae498bc455a1eb1a5b15094c1c.js HTTP/1.1
Host: psychologyairport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86e7042fc4809c7a8c29c41db2dbadf3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
psychologyairport.com/ntv.json?key=2207c41952df20cfc02952b47f1d5072&vstc=1
192.243.61.225 200 OK 4.2 kB URL HTTP/1.1 psychologyairport.com/ntv.json?key=2207c41952df20cfc02952b47f1d5072&vstc=1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (4234), with no line terminators
Hash fda1290bb7b477cf9834ef8f9e30f4b2
be979ded4fdf85679fee1a367d71f05b5d967199
39f0585e1a0c8b7986b608c26dca208dd02a773a8d9802ecb969177d5d6288fa
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=2207c41952df20cfc02952b47f1d5072&vstc=1 HTTP/1.1
Host: psychologyairport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Type: application/json
Content-Length: 4234
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://inew24hr.com
Access-Control-Allow-Origin: https://inew24hr.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17879114; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 01 Feb 2023 06:01:53 GMT; secure; SameSite=None
uncs=1; expires=Wed, 01 Feb 2023 06:01:53 GMT; secure; SameSite=None
pdhtkv49=true; expires=Wed, 01 Feb 2023 06:01:53 GMT; secure; SameSite=None
uncs49=1; expires=Wed, 01 Feb 2023 06:01:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 639208283ab56a42840911b3d5872c73
Strict-Transport-Security: max-age=0; includeSubdomains
presumeauthorizationcamping.com/ntv.json?key=4d8b9b60898b8e4353486159ec959abd&vstc=4
173.233.137.60 200 OK 17 kB URL HTTP/1.1 presumeauthorizationcamping.com/ntv.json?key=4d8b9b60898b8e4353486159ec959abd&vstc=4
IP 173.233.137.60:0
File type JSON data\012- , ASCII text, with very long lines (17052), with no line terminators
Hash d8498181114046ec6ee8c073e840b04e
0d3ab3fbed16f6408e37e6681d6c93cba85ee980
f26c806ad909d714bcdd7c32b4daca1d2bb8650c1a6437a08bc9de00ff8eef6e
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=4d8b9b60898b8e4353486159ec959abd&vstc=4 HTTP/1.1
Host: presumeauthorizationcamping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:52 GMT
Content-Type: application/json
Content-Length: 17052
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://inew24hr.com
Access-Control-Allow-Origin: https://inew24hr.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18003921; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
pdhtkv49=true; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
uncs49=1; expires=Wed, 01 Feb 2023 06:01:52 GMT; secure; SameSite=None
nlec4d8b9b60898b8e4353486159ec959abd=[2229337,2229333,2019380,2229329]; expires=Tue, 31 Jan 2023 06:01:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55571795fbdb3e3a572bc79096e56ece
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62452129bb8dec065bf82af1cd2325a0
9b32f067ac26364f2cd578bcdd40c50d18fd03d7
0d2f762553a22b9679301179d107a4a8f2e01efd82c6f432a806d4810481a08c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D2F762553A22B9679301179D107A4A8F2E01EFD82C6F432A806D4810481A08C"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6011
Expires: Tue, 31 Jan 2023 07:42:04 GMT
Date: Tue, 31 Jan 2023 06:01:53 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
45.133.44.9 200 OK 12 kB URL HTTP/2 cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c07f1baac701b672939b359081f813c7
d38ffbae259aae1e8ad3b38959339bb29da9b69f
85bc8e3de3651f6f03dc381ea4bbaff350d8973c37f598582838677817bf1826
GET /si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: image/png
content-length: 12186
server: nginx/1.17.6
last-modified: Sun, 22 Jan 2023 04:25:10 GMT
etag: "63ccbaa6-2f9a"
expires: Thu, 02 Feb 2023 06:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00a4ab5fce0563b557844d2e4657e41b
f1facd292a31dde9bcce7b06598e2530c09cc56e
a00c4f8441c55c6a943962eeb6ca429b32300851ba279b00b917b3e9f6a8c8d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A00C4F8441C55C6A943962EEB6CA429B32300851BA279B00B917B3E9F6A8C8D6"
Last-Modified: Sun, 29 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14258
Expires: Tue, 31 Jan 2023 09:59:31 GMT
Date: Tue, 31 Jan 2023 06:01:53 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png
45.133.44.9 200 OK 108 kB URL HTTP/2 cdn.cloudimagesb.com/si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (108061 bytes)
Hash f25a89906f49b309b04a788657e63775
fafed8a699a3942ca5d277b5f329e1e2377d3747
05d3612dca9ad5a805bd967d52285f06a4e8f028a3e94f4cef6031b985b9796d
GET /si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: image/png
content-length: 108061
server: nginx/1.17.6
last-modified: Fri, 20 Jan 2023 10:18:12 GMT
etag: "63ca6a64-1a61d"
expires: Thu, 02 Feb 2023 06:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuXiLKelHxoizSeFKQSXfPzE7GFYJxjUTXbLK7knN1VfWkTHVXU9U9PclBgouyx%2FGme%2Bp8k2xQl5C9yF5kdSLCMqDuXDQH8wf0IAgePIj0ZCDsg6r3qr53eN%2F7vk938hPiIafHK%2B%2FrLakUnW3WPPeVNZlwXVh3%2BYbrezXvkrsmk4uNS26vukz3dd9r1rxX3XcE29Czged7nu%2F57qI0ItK92QkKmd5t%2B7W2V2sENb%2FZQM88%2Fra5A0sd8O4JeQ6Sj59Yf3gPkg2RxIeXhd3IdPra23GuaKYNunz%2Fg2Qj0UWC%2BKyMjIMo2Z92Q9sxIZ%2Bfg072pwygu7sVA4RyTJxffYTJ%2FnRMhN2900lDBZEg5E%2Bj6A4h1BCSDsH0TUj%2BiACMY%2FkqkvjOsjYF3TxFaYWOycw%2Ff0MWYzLz%2B%2FNI4oMFJXvuda3yTOrEoheVkL0hZGeIND9CtuVAFkdg2ceQnCCJS0heTlhLOYSMhlCiD2od5NWRDvLIQZ46iPmxS5vtyPNaURjV63MNxli9zlhz7iJv8npjLvKQs2qsPrK0D6b6YGYbqdnGhuzD5N%2FBrpew3IHNxsRZ3UaXlygEQWEJCkpQSIIiIyi65R5XNrDlHa5sHvrTHExzvRzorLND93TWEQnZSU%2FIs9U%2BnGd%2BeRcb4tgNAq%2FFGn67GfAo8FjEvKDdDMJGK%2FJ502sFsLKEtOcmVLfkmFx4mSCVY%2FLkUz8ipEew6ghMXgDNfdBi0Ao80PVBY87DVnJIExlTZddpKmoyiTS4LpFmM8g2nR11Ql6YaPPG%2FCEEG81%2F%2F8cnL91f%2FRPMlEhNiQ%2FlDwQddWtwTRdk95ouLLl3Nc1kLLdopdv1jGZi5qv3xGahDV%2B6bPtfvskqoCrv3hA2u0ITLpOOJV8vSM6FWdSGCfLtkl0T4Upu1xdyk%2BTplZW3Fpfi1AhrpU6GoJUHK1HkmJz%2F78WJJ934J0gzhMlLxPmITANSD8HSbdh0NH9wf7ViAKsJjDrrCVMHRV4OTBCefSo5JrO1GSgxmte3f%2F73o28egIYlrDhbRChGD%2F467d%2Bxt9AxDmh2c%2BLGrinRVSWo6sPm5wdZakbzD7%2Bo4jZC5QxCZZzdUBn12emCrTx2RTPyIuEFIozaYdSiHm9HjXZI275ohU3qI7Nj9tvBo%2F8BAAD%2F%2FwEAAP%2F%2F3s6c0W8EAAA%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuXiLKelHxoizSeFKQSXfPzE7GFYJxjUTXbLK7knN1VfWkTHVXU9U9PclBgouyx%2FGme%2Bp8k2xQl5C9yF5kdSLCMqDuXDQH8wf0IAgePIj0ZCDsg6r3qr53eN%2F7vk938hPiIafHK%2B%2FrLakUnW3WPPeVNZlwXVh3%2BYbrezXvkrsmk4uNS26vukz3dd9r1rxX3XcE29Czged7nu%2F57qI0ItK92QkKmd5t%2B7W2V2sENb%2FZQM88%2Fra5A0sd8O4JeQ6Sj59Yf3gPkg2RxIeXhd3IdPra23GuaKYNunz%2Fg2Qj0UWC%2BKyMjIMo2Z92Q9sxIZ%2Bfg072pwygu7sVA4RyTJxffYTJ%2FnRMhN2900lDBZEg5E%2Bj6A4h1BCSDsH0TUj%2BiACMY%2FkqkvjOsjYF3TxFaYWOycw%2Ff0MWYzLz%2B%2FNI4oMFJXvuda3yTOrEoheVkL0hZGeIND9CtuVAFkdg2ceQnCCJS0heTlhLOYSMhlCiD2od5NWRDvLIQZ46iPmxS5vtyPNaURjV63MNxli9zlhz7iJv8npjLvKQs2qsPrK0D6b6YGYbqdnGhuzD5N%2FBrpew3IHNxsRZ3UaXlygEQWEJCkpQSIIiIyi65R5XNrDlHa5sHvrTHExzvRzorLND93TWEQnZSU%2FIs9U%2BnGd%2BeRcb4tgNAq%2FFGn67GfAo8FjEvKDdDMJGK%2FJ502sFsLKEtOcmVLfkmFx4mSCVY%2FLkUz8ipEew6ghMXgDNfdBi0Ao80PVBY87DVnJIExlTZddpKmoyiTS4LpFmM8g2nR11Ql6YaPPG%2FCEEG81%2F%2F8cnL91f%2FRPMlEhNiQ%2FlDwQddWtwTRdk95ouLLl3Nc1kLLdopdv1jGZi5qv3xGahDV%2B6bPtfvskqoCrv3hA2u0ITLpOOJV8vSM6FWdSGCfLtkl0T4Upu1xdyk%2BTplZW3Fpfi1AhrpU6GoJUHK1HkmJz%2F78WJJ934J0gzhMlLxPmITANSD8HSbdh0NH9wf7ViAKsJjDrrCVMHRV4OTBCefSo5JrO1GSgxmte3f%2F73o28egIYlrDhbRChGD%2F467d%2Bxt9AxDmh2c%2BLGrinRVSWo6sPm5wdZakbzD7%2Bo4jZC5QxCZZzdUBn12emCrTx2RTPyIuEFIozaYdSiHm9HjXZI275ohU3qI7Nj9tvBo%2F8BAAD%2F%2FwEAAP%2F%2F3s6c0W8EAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuXiLKelHxoizSeFKQSXfPzE7GFYJxjUTXbLK7knN1VfWkTHVXU9U9PclBgouyx%2FGme%2Bp8k2xQl5C9yF5kdSLCMqDuXDQH8wf0IAgePIj0ZCDsg6r3qr53eN%2F7vk938hPiIafHK%2B%2FrLakUnW3WPPeVNZlwXVh3%2BYbrezXvkrsmk4uNS26vukz3dd9r1rxX3XcE29Czged7nu%2F57qI0ItK92QkKmd5t%2B7W2V2sENb%2FZQM88%2Fra5A0sd8O4JeQ6Sj59Yf3gPkg2RxIeXhd3IdPra23GuaKYNunz%2Fg2Qj0UWC%2BKyMjIMo2Z92Q9sxIZ%2Bfg072pwygu7sVA4RyTJxffYTJ%2FnRMhN2900lDBZEg5E%2Bj6A4h1BCSDsH0TUj%2BiACMY%2FkqkvjOsjYF3TxFaYWOycw%2Ff0MWYzLz%2B%2FNI4oMFJXvuda3yTOrEoheVkL0hZGeIND9CtuVAFkdg2ceQnCCJS0heTlhLOYSMhlCiD2od5NWRDvLIQZ46iPmxS5vtyPNaURjV63MNxli9zlhz7iJv8npjLvKQs2qsPrK0D6b6YGYbqdnGhuzD5N%2FBrpew3IHNxsRZ3UaXlygEQWEJCkpQSIIiIyi65R5XNrDlHa5sHvrTHExzvRzorLND93TWEQnZSU%2FIs9U%2BnGd%2BeRcb4tgNAq%2FFGn67GfAo8FjEvKDdDMJGK%2FJ502sFsLKEtOcmVLfkmFx4mSCVY%2FLkUz8ipEew6ghMXgDNfdBi0Ao80PVBY87DVnJIExlTZddpKmoyiTS4LpFmM8g2nR11Ql6YaPPG%2FCEEG81%2F%2F8cnL91f%2FRPMlEhNiQ%2FlDwQddWtwTRdk95ouLLl3Nc1kLLdopdv1jGZi5qv3xGahDV%2B6bPtfvskqoCrv3hA2u0ITLpOOJV8vSM6FWdSGCfLtkl0T4Upu1xdyk%2BTplZW3Fpfi1AhrpU6GoJUHK1HkmJz%2F78WJJ934J0gzhMlLxPmITANSD8HSbdh0NH9wf7ViAKsJjDrrCVMHRV4OTBCefSo5JrO1GSgxmte3f%2F73o28egIYlrDhbRChGD%2F467d%2Bxt9AxDmh2c%2BLGrinRVSWo6sPm5wdZakbzD7%2Bo4jZC5QxCZZzdUBn12emCrTx2RTPyIuEFIozaYdSiHm9HjXZI275ohU3qI7Nj9tvBo%2F8BAAD%2F%2FwEAAP%2F%2F3s6c0W8EAAA%3D HTTP/1.1
Host: presumeauthorizationcamping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: u_pl=18003921; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 725b273e5b08f8420e235e655a54bb17
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
45.133.44.9 200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Thu, 02 Feb 2023 06:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.9 200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Thu, 02 Feb 2023 06:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
45.133.44.9 200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Thu, 02 Feb 2023 06:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
45.133.44.9 200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Thu, 02 Feb 2023 06:01:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0d79787c5ee0933b2b39a9630793f94
47468efa1fa4c08f2d595fc8948d3bc462341bfe
91d589a2248c35896d7c6da948899edba959056aabcf8e41b4f3feebf3f0d9e2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "91D589A2248C35896D7C6DA948899EDBA959056AABCF8E41B4F3FEEBF3F0D9E2"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20193
Expires: Tue, 31 Jan 2023 11:38:26 GMT
Date: Tue, 31 Jan 2023 06:01:53 GMT
Connection: keep-alive
presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3h0PriC4ehFEB0FQkdnumZ5k2kUW13UluCbZP4LH%2ButJmZqupqp7epKLwQXd4xw8qKfON8kGNSzuyZMgE0GWXDZzWXMwJ28eBfEoPTswWtDvfa%2B%2Fd%2Fi%2B997nO%2Fkp8ZHTk9WPzJbSml5oN%2Fz662sqEaZw9eVb9cBv%2BBfraypZCC%2FWB1Ww%2FbcDv93w36h%2FIPmGudD0A98P%2FKB%2BVVkZm8GFKQuVHkRBI%2FIbYbMRtEMM7P9rl3tw1IPon5LzUGLy1PrDB1B8jKT3wxXpNjKTvvV%2BL9c0MxZ9sX872UhMkaA3h7H1ECf7s24YNyHkqzMwyf7MAUx%2Ft3IApibEexyAJfszmWD9vSdKmYZMwMQzKPpjSD2GomNwcwdKHBOACyyvIOndWza2oJtPWFqxE1L7%2By%2BoYkJqv7%2BApHf%2FslaD%2Bk2j80yZxGEQl1CDMVR3jDQ%2FRLblQRWH4NlnUIIg6ZVQopy6VmoMFY%2Bh5RDUecirT3nIYw956qEnTuq0HcW%2BvxizuNXqhJzzVovzdmdBtEUr7MQ%2Bcl7JGiJLh%2BB6CG63kdptbKghbP4z3HoJJzy4bEK869voixKFJCgcQUEJCkVQZARFv9wT2jVdeU9ol7Nglpuz3CpHJuvu0D2TdWVCdtJT8lw1D%2B%2F8j8fYkCf1UHRYxBb8TtRhHRm22q2wsxC0I8mjdkSZgFMllDsztbqlJuSVP%2F5Eqibk6U%2B%2FAKOHcPoQXL0EmgegxWix6YOuj8KOj63kQCWyaIbrtsFND8KUSLMask1vR5%2BSF6d7eflRCMmPLv167p109PgcuC2R2hKfqF8Iuvru6IYpyO4NUzjyYCXNVE9t0WpnNzOaybPffSg3C2PF0hU3%2FPZdXhEVPLglXXaNJkIlXUe%2Bv6yEkPaqsVySn5bcmmSruVu%2FnNskT6%2Btvnd1qZda6ZwyyRhUHa%2F8A64mpPba89NrfPb4TSg7hs1L9PIjMntQ5hA83YZL5%2BqdIbB63sPSsyjycmSbbP5TKwIt5zVlJdx%2FajbHO%2B4uurYGmt2Z3mDflujrElQP4fJzoyy1R5cefl29b8B0bcS0re0ybfWXE%2FJq7eMq3J4OuULX4dRJXbZjP5Z%2BU7I4YvEi9UUUhxGjUSAXWZsGyNyE%2F3b%2F0b8AAAD%2F%2FwEAAP%2F%2FPcps4nQEAAA%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3h0PriC4ehFEB0FQkdnumZ5k2kUW13UluCbZP4LH%2ButJmZqupqp7epKLwQXd4xw8qKfON8kGNSzuyZMgE0GWXDZzWXMwJ28eBfEoPTswWtDvfa%2B%2Fd%2Fi%2B997nO%2Fkp8ZHTk9WPzJbSml5oN%2Fz662sqEaZw9eVb9cBv%2BBfraypZCC%2FWB1Ww%2FbcDv93w36h%2FIPmGudD0A98P%2FKB%2BVVkZm8GFKQuVHkRBI%2FIbYbMRtEMM7P9rl3tw1IPon5LzUGLy1PrDB1B8jKT3wxXpNjKTvvV%2BL9c0MxZ9sX872UhMkaA3h7H1ECf7s24YNyHkqzMwyf7MAUx%2Ft3IApibEexyAJfszmWD9vSdKmYZMwMQzKPpjSD2GomNwcwdKHBOACyyvIOndWza2oJtPWFqxE1L7%2By%2BoYkJqv7%2BApHf%2FslaD%2Bk2j80yZxGEQl1CDMVR3jDQ%2FRLblQRWH4NlnUIIg6ZVQopy6VmoMFY%2Bh5RDUecirT3nIYw956qEnTuq0HcW%2BvxizuNXqhJzzVovzdmdBtEUr7MQ%2Bcl7JGiJLh%2BB6CG63kdptbKghbP4z3HoJJzy4bEK869voixKFJCgcQUEJCkVQZARFv9wT2jVdeU9ol7Nglpuz3CpHJuvu0D2TdWVCdtJT8lw1D%2B%2F8j8fYkCf1UHRYxBb8TtRhHRm22q2wsxC0I8mjdkSZgFMllDsztbqlJuSVP%2F5Eqibk6U%2B%2FAKOHcPoQXL0EmgegxWix6YOuj8KOj63kQCWyaIbrtsFND8KUSLMask1vR5%2BSF6d7eflRCMmPLv167p109PgcuC2R2hKfqF8Iuvru6IYpyO4NUzjyYCXNVE9t0WpnNzOaybPffSg3C2PF0hU3%2FPZdXhEVPLglXXaNJkIlXUe%2Bv6yEkPaqsVySn5bcmmSruVu%2FnNskT6%2Btvnd1qZda6ZwyyRhUHa%2F8A64mpPba89NrfPb4TSg7hs1L9PIjMntQ5hA83YZL5%2BqdIbB63sPSsyjycmSbbP5TKwIt5zVlJdx%2FajbHO%2B4uurYGmt2Z3mDflujrElQP4fJzoyy1R5cefl29b8B0bcS0re0ybfWXE%2FJq7eMq3J4OuULX4dRJXbZjP5Z%2BU7I4YvEi9UUUhxGjUSAXWZsGyNyE%2F3b%2F0b8AAAD%2F%2FwEAAP%2F%2FPcps4nQEAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3h0PriC4ehFEB0FQkdnumZ5k2kUW13UluCbZP4LH%2ButJmZqupqp7epKLwQXd4xw8qKfON8kGNSzuyZMgE0GWXDZzWXMwJ28eBfEoPTswWtDvfa%2B%2Fd%2Fi%2B997nO%2Fkp8ZHTk9WPzJbSml5oN%2Fz662sqEaZw9eVb9cBv%2BBfraypZCC%2FWB1Ww%2FbcDv93w36h%2FIPmGudD0A98P%2FKB%2BVVkZm8GFKQuVHkRBI%2FIbYbMRtEMM7P9rl3tw1IPon5LzUGLy1PrDB1B8jKT3wxXpNjKTvvV%2BL9c0MxZ9sX872UhMkaA3h7H1ECf7s24YNyHkqzMwyf7MAUx%2Ft3IApibEexyAJfszmWD9vSdKmYZMwMQzKPpjSD2GomNwcwdKHBOACyyvIOndWza2oJtPWFqxE1L7%2By%2BoYkJqv7%2BApHf%2FslaD%2Bk2j80yZxGEQl1CDMVR3jDQ%2FRLblQRWH4NlnUIIg6ZVQopy6VmoMFY%2Bh5RDUecirT3nIYw956qEnTuq0HcW%2BvxizuNXqhJzzVovzdmdBtEUr7MQ%2Bcl7JGiJLh%2BB6CG63kdptbKghbP4z3HoJJzy4bEK869voixKFJCgcQUEJCkVQZARFv9wT2jVdeU9ol7Nglpuz3CpHJuvu0D2TdWVCdtJT8lw1D%2B%2F8j8fYkCf1UHRYxBb8TtRhHRm22q2wsxC0I8mjdkSZgFMllDsztbqlJuSVP%2F5Eqibk6U%2B%2FAKOHcPoQXL0EmgegxWix6YOuj8KOj63kQCWyaIbrtsFND8KUSLMask1vR5%2BSF6d7eflRCMmPLv167p109PgcuC2R2hKfqF8Iuvru6IYpyO4NUzjyYCXNVE9t0WpnNzOaybPffSg3C2PF0hU3%2FPZdXhEVPLglXXaNJkIlXUe%2Bv6yEkPaqsVySn5bcmmSruVu%2FnNskT6%2Btvnd1qZda6ZwyyRhUHa%2F8A64mpPba89NrfPb4TSg7hs1L9PIjMntQ5hA83YZL5%2BqdIbB63sPSsyjycmSbbP5TKwIt5zVlJdx%2FajbHO%2B4uurYGmt2Z3mDflujrElQP4fJzoyy1R5cefl29b8B0bcS0re0ybfWXE%2FJq7eMq3J4OuULX4dRJXbZjP5Z%2BU7I4YvEi9UUUhxGjUSAXWZsGyNyE%2F3b%2F0b8AAAD%2F%2FwEAAP%2F%2FPcps4nQEAAA%3D HTTP/1.1
Host: presumeauthorizationcamping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: u_pl=18003921; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b32d61d5f4b01665525ac814b0ae69be
Strict-Transport-Security: max-age=0; includeSubdomains
sweepfrequencydissolved.com/pixel/purst?dl=0&th=0&sc=0&rs=2956&rd=2956&fd=881&bv=22.10.v.10&tmpl=136
173.233.137.44 200 OK 0 B URL HTTP/1.1 sweepfrequencydissolved.com/pixel/purst?dl=0&th=0&sc=0&rs=2956&rd=2956&fd=881&bv=22.10.v.10&tmpl=136
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2956&rd=2956&fd=881&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXseD60VXL4LoIAgKMts905NMu8jiuq4srkn2j%2BCx%2FnpSpqarqeqenuRicEH3OAcP6qnzTbJBDYt78iTIRJAlCJu5rDmYkzfxJIhH6cnA6IN6P%2FW9w%2Fe99z7dzk%2BIj5wer3xgNpXW9Hy74ddfW1WJMIWrL92qB37Dv1BfVclCeKE%2BqJztvxn47Yb%2Fev09ydfN%2BaYf%2BH7gB%2FUrysrYDM5PUah0Pwoakd8Im42gHWJg%2F1%2B73IOjHkT%2FhJyDEpMn1x4%2BgOJjJL3vLku3npn0jXd7uaaZseiLvdvJemKKBL15GlsPcbI364ZxE0K%2BOAOT7M0UwPR3KgVgakK8xwFYsjejCdbfPWXKNGQCJp5G0R9D6jEUHYObO1DiiABcYGkZSe%2FekrEF3ThFaYVOSO3vv6CKCan99jyS3v1LWg3qN43OM2USh0FcQg3GUN0x0vwA2aYHVRyAZ59ACYKkV0KJcqpaqTFUPIaWQ1DnIa%2Be8pDHHvLUQ08c12k7in1%2FMWZxq9UJOeetFuftzoJoi1bYiX3kvKI1RJYOwfUQ3G4htVtYV0PY%2FEe4tRJOeHDZhHjXt9AXJQpJUDiCghIUiqDICIp%2BuSu0a7ryntAuZ8EsNmexVY5M1t2muybryoRspyfk2Woe3rnvj7Auj%2Buh6LCILfidqMM6Mmy1W2FnIWhHkkftiDIBp0ood2YqdVNNyMu%2F%2F4FUTchTH38GRg%2Fg9AG4ehE0D0CL0WLTB10bhR0fm8m%2BSmTRDNdsg5sehCmRZjVkG962PiEvTPfySu06JD%2B8%2BPPZt9LR47PgtkRqS3ykfiLo6rujG6YgOzdM4ciD5TRTPbVJq53dzGgmn%2FjmfblRGCuuXnbDr9%2FmFVCl%2B7eky67RRKik68i3l5QQ0l4xlkvyw1W3KtlK7tYu5TbJ02sr71y52kutdE6ZZAyqjpb%2FAVcTUnv1uek1PvPLn1B2DJuX6OWHZGZQ5gA83YJL5%2BydIbB63sPSGoq8HNkmm39qRaDlvKashPtPzeb5truLrq2BZnemN9i3Jfq6BNVDuPzsKEvt4cWHX1b2FZiujZi2tR2mrf68Gu2Hlbs9IS89Ck8n7dRxXbZjP5Z%2BU7I4YvEi9UUUhxGjUSAXWZsGyNyE%2F3r%2F0b8AAAD%2F%2FwEAAP%2F%2FZsS%2BoXQEAAA%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXseD60VXL4LoIAgKMts905NMu8jiuq4srkn2j%2BCx%2FnpSpqarqeqenuRicEH3OAcP6qnzTbJBDYt78iTIRJAlCJu5rDmYkzfxJIhH6cnA6IN6P%2FW9w%2Fe99z7dzk%2BIj5wer3xgNpXW9Hy74ddfW1WJMIWrL92qB37Dv1BfVclCeKE%2BqJztvxn47Yb%2Fev09ydfN%2BaYf%2BH7gB%2FUrysrYDM5PUah0Pwoakd8Im42gHWJg%2F1%2B73IOjHkT%2FhJyDEpMn1x4%2BgOJjJL3vLku3npn0jXd7uaaZseiLvdvJemKKBL15GlsPcbI364ZxE0K%2BOAOT7M0UwPR3KgVgakK8xwFYsjejCdbfPWXKNGQCJp5G0R9D6jEUHYObO1DiiABcYGkZSe%2FekrEF3ThFaYVOSO3vv6CKCan99jyS3v1LWg3qN43OM2USh0FcQg3GUN0x0vwA2aYHVRyAZ59ACYKkV0KJcqpaqTFUPIaWQ1DnIa%2Be8pDHHvLUQ08c12k7in1%2FMWZxq9UJOeetFuftzoJoi1bYiX3kvKI1RJYOwfUQ3G4htVtYV0PY%2FEe4tRJOeHDZhHjXt9AXJQpJUDiCghIUiqDICIp%2BuSu0a7ryntAuZ8EsNmexVY5M1t2muybryoRspyfk2Woe3rnvj7Auj%2Buh6LCILfidqMM6Mmy1W2FnIWhHkkftiDIBp0ood2YqdVNNyMu%2F%2F4FUTchTH38GRg%2Fg9AG4ehE0D0CL0WLTB10bhR0fm8m%2BSmTRDNdsg5sehCmRZjVkG962PiEvTPfySu06JD%2B8%2BPPZt9LR47PgtkRqS3ykfiLo6rujG6YgOzdM4ciD5TRTPbVJq53dzGgmn%2FjmfblRGCuuXnbDr9%2FmFVCl%2B7eky67RRKik68i3l5QQ0l4xlkvyw1W3KtlK7tYu5TbJ02sr71y52kutdE6ZZAyqjpb%2FAVcTUnv1uek1PvPLn1B2DJuX6OWHZGZQ5gA83YJL5%2BydIbB63sPSGoq8HNkmm39qRaDlvKashPtPzeb5truLrq2BZnemN9i3Jfq6BNVDuPzsKEvt4cWHX1b2FZiujZi2tR2mrf68Gu2Hlbs9IS89Ck8n7dRxXbZjP5Z%2BU7I4YvEi9UUUhxGjUSAXWZsGyNyE%2F3r%2F0b8AAAD%2F%2FwEAAP%2F%2FZsS%2BoXQEAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXseD60VXL4LoIAgKMts905NMu8jiuq4srkn2j%2BCx%2FnpSpqarqeqenuRicEH3OAcP6qnzTbJBDYt78iTIRJAlCJu5rDmYkzfxJIhH6cnA6IN6P%2FW9w%2Fe99z7dzk%2BIj5wer3xgNpXW9Hy74ddfW1WJMIWrL92qB37Dv1BfVclCeKE%2BqJztvxn47Yb%2Fev09ydfN%2BaYf%2BH7gB%2FUrysrYDM5PUah0Pwoakd8Im42gHWJg%2F1%2B73IOjHkT%2FhJyDEpMn1x4%2BgOJjJL3vLku3npn0jXd7uaaZseiLvdvJemKKBL15GlsPcbI364ZxE0K%2BOAOT7M0UwPR3KgVgakK8xwFYsjejCdbfPWXKNGQCJp5G0R9D6jEUHYObO1DiiABcYGkZSe%2FekrEF3ThFaYVOSO3vv6CKCan99jyS3v1LWg3qN43OM2USh0FcQg3GUN0x0vwA2aYHVRyAZ59ACYKkV0KJcqpaqTFUPIaWQ1DnIa%2Be8pDHHvLUQ08c12k7in1%2FMWZxq9UJOeetFuftzoJoi1bYiX3kvKI1RJYOwfUQ3G4htVtYV0PY%2FEe4tRJOeHDZhHjXt9AXJQpJUDiCghIUiqDICIp%2BuSu0a7ryntAuZ8EsNmexVY5M1t2muybryoRspyfk2Woe3rnvj7Auj%2Buh6LCILfidqMM6Mmy1W2FnIWhHkkftiDIBp0ood2YqdVNNyMu%2F%2F4FUTchTH38GRg%2Fg9AG4ehE0D0CL0WLTB10bhR0fm8m%2BSmTRDNdsg5sehCmRZjVkG962PiEvTPfySu06JD%2B8%2BPPZt9LR47PgtkRqS3ykfiLo6rujG6YgOzdM4ciD5TRTPbVJq53dzGgmn%2FjmfblRGCuuXnbDr9%2FmFVCl%2B7eky67RRKik68i3l5QQ0l4xlkvyw1W3KtlK7tYu5TbJ02sr71y52kutdE6ZZAyqjpb%2FAVcTUnv1uek1PvPLn1B2DJuX6OWHZGZQ5gA83YJL5%2BydIbB63sPSGoq8HNkmm39qRaDlvKashPtPzeb5truLrq2BZnemN9i3Jfq6BNVDuPzsKEvt4cWHX1b2FZiujZi2tR2mrf68Gu2Hlbs9IS89Ck8n7dRxXbZjP5Z%2BU7I4YvEi9UUUhxGjUSAXWZsGyNyE%2F3r%2F0b8AAAD%2F%2FwEAAP%2F%2FZsS%2BoXQEAAA%3D HTTP/1.1
Host: presumeauthorizationcamping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: u_pl=18003921; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4b37253cf1e03c08996640532b932f5f
Strict-Transport-Security: max-age=0; includeSubdomains
presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2Br44L60arG0HqIAgKMn1v5k0yzyLFWivF2iT9Ibi8f29yzZ13H%2Fe%2BN2%2BSjcGidjkLF%2Brq5ZukQQ3FrnQj6ESQEoRmNjULs3JXwYUgLuVNB6IH7jnfud9ZnO%2Bc8%2FFmfkR85PRw8V2zrrSmZ9oNv%2F7yskqEKVz9yvV64Df8s%2FVllcyFZ%2BuDytn%2Ba4Hfbviv1N%2BWfNWcafqB7wd%2BUL%2BorIzN4MyUhUp3o6AR%2BY2w2QjaIQb2%2F7nLPTjqQfSPyCkoMXl85d5dKD5G0vvmgnSrmUlffauXa5oZi77YuZGsJqZI0DuGsfUQJzuzahg3IeSzEzDJzkwBTH%2BrUgCmJsR7EIAlO7M2wfrbjzplGjIBE0%2Bi6I8h9RiKjsHNTShxQAAucGUBSe%2F2FWMLuvaIpRU7IbW%2F%2F4IqJqT227NIenfOazWoXzM6z5RJHAZxCTUYQ3XHSPM9ZOseVLEHnn0IJQiSXgklyqlqpcZQ8RhaDkGdh7x6ykMee8hTDz1xWKftKPb9%2BZjFrVYn5Jy3Wpy3O3OiLVphJ%2FaR86qtIbJ0CK6H4HYDqd3AqhrC5j%2FArZRwwoPLJsRb2kBflCgkQeEICkpQKIIiIyj65bbQrunK20K7nAWz2JzFVjkyWXeTbpusKxOymR6Rp6t5eKe%2BPcCqPKyHosMiNud3og7ryLDVboWduaAdSR61I8oEnCqh3Imp1HU1IS%2F8%2FhCpmpAnPvgEjO7B6T1w9TxoHoAWo%2FmmD7oyCjs%2B1pNdlciiGa7YBjc9CFMizWrI1rxNfUSem%2B7lxdp7kHz%2F3M8nX09HD06C2xKpLfG%2B%2Bomgq2%2BNrpqCbF01hSN3F9JM9dQ6rXZ2LaOZfOyrd%2BRaYay4dMENv3yDV0QFd69Ll12miVBJ15GvzyshpL1oLJfk%2B0tuWbLF3K2cz22Sp5cX37x4qZda6ZwyyRhUHSz8A64mpPbSM9NrfOqXP6HsGDYv0cv3ycygzB54ugGX7p%2F78eFHp79b%2BgPOEFh9XMNSD0VejmyTHX9qRaDlcU5ZCfefnB3jTXcLXVsDzW5Ob7BvS%2FR1CaqHcPnJUZba%2FXP3Pq%2FsCzBdGzFta1tMW%2F3pdLSVuzEhp%2B%2BHFVqCU4d12Y79WPpNyeKIxfPUF1EcRoxGgZxnbRogcxP%2B6537%2FwIAAP%2F%2FAQAA%2F%2F%2Fq%2BLuFdAQAAA%3D%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2Br44L60arG0HqIAgKMn1v5k0yzyLFWivF2iT9Ibi8f29yzZ13H%2Fe%2BN2%2BSjcGidjkLF%2Brq5ZukQQ3FrnQj6ESQEoRmNjULs3JXwYUgLuVNB6IH7jnfud9ZnO%2Bc8%2FFmfkR85PRw8V2zrrSmZ9oNv%2F7yskqEKVz9yvV64Df8s%2FVllcyFZ%2BuDytn%2Ba4Hfbviv1N%2BWfNWcafqB7wd%2BUL%2BorIzN4MyUhUp3o6AR%2BY2w2QjaIQb2%2F7nLPTjqQfSPyCkoMXl85d5dKD5G0vvmgnSrmUlffauXa5oZi77YuZGsJqZI0DuGsfUQJzuzahg3IeSzEzDJzkwBTH%2BrUgCmJsR7EIAlO7M2wfrbjzplGjIBE0%2Bi6I8h9RiKjsHNTShxQAAucGUBSe%2F2FWMLuvaIpRU7IbW%2F%2F4IqJqT227NIenfOazWoXzM6z5RJHAZxCTUYQ3XHSPM9ZOseVLEHnn0IJQiSXgklyqlqpcZQ8RhaDkGdh7x6ykMee8hTDz1xWKftKPb9%2BZjFrVYn5Jy3Wpy3O3OiLVphJ%2FaR86qtIbJ0CK6H4HYDqd3AqhrC5j%2FArZRwwoPLJsRb2kBflCgkQeEICkpQKIIiIyj65bbQrunK20K7nAWz2JzFVjkyWXeTbpusKxOymR6Rp6t5eKe%2BPcCqPKyHosMiNud3og7ryLDVboWduaAdSR61I8oEnCqh3Imp1HU1IS%2F8%2FhCpmpAnPvgEjO7B6T1w9TxoHoAWo%2FmmD7oyCjs%2B1pNdlciiGa7YBjc9CFMizWrI1rxNfUSem%2B7lxdp7kHz%2F3M8nX09HD06C2xKpLfG%2B%2Bomgq2%2BNrpqCbF01hSN3F9JM9dQ6rXZ2LaOZfOyrd%2BRaYay4dMENv3yDV0QFd69Ll12miVBJ15GvzyshpL1oLJfk%2B0tuWbLF3K2cz22Sp5cX37x4qZda6ZwyyRhUHSz8A64mpPbSM9NrfOqXP6HsGDYv0cv3ycygzB54ugGX7p%2F78eFHp79b%2BgPOEFh9XMNSD0VejmyTHX9qRaDlcU5ZCfefnB3jTXcLXVsDzW5Ob7BvS%2FR1CaqHcPnJUZba%2FXP3Pq%2FsCzBdGzFta1tMW%2F3pdLSVuzEhp%2B%2BHFVqCU4d12Y79WPpNyeKIxfPUF1EcRoxGgZxnbRogcxP%2B6537%2FwIAAP%2F%2FAQAA%2F%2F%2Fq%2BLuFdAQAAA%3D%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2Br44L60arG0HqIAgKMn1v5k0yzyLFWivF2iT9Ibi8f29yzZ13H%2Fe%2BN2%2BSjcGidjkLF%2Brq5ZukQQ3FrnQj6ESQEoRmNjULs3JXwYUgLuVNB6IH7jnfud9ZnO%2Bc8%2FFmfkR85PRw8V2zrrSmZ9oNv%2F7yskqEKVz9yvV64Df8s%2FVllcyFZ%2BuDytn%2Ba4Hfbviv1N%2BWfNWcafqB7wd%2BUL%2BorIzN4MyUhUp3o6AR%2BY2w2QjaIQb2%2F7nLPTjqQfSPyCkoMXl85d5dKD5G0vvmgnSrmUlffauXa5oZi77YuZGsJqZI0DuGsfUQJzuzahg3IeSzEzDJzkwBTH%2BrUgCmJsR7EIAlO7M2wfrbjzplGjIBE0%2Bi6I8h9RiKjsHNTShxQAAucGUBSe%2F2FWMLuvaIpRU7IbW%2F%2F4IqJqT227NIenfOazWoXzM6z5RJHAZxCTUYQ3XHSPM9ZOseVLEHnn0IJQiSXgklyqlqpcZQ8RhaDkGdh7x6ykMee8hTDz1xWKftKPb9%2BZjFrVYn5Jy3Wpy3O3OiLVphJ%2FaR86qtIbJ0CK6H4HYDqd3AqhrC5j%2FArZRwwoPLJsRb2kBflCgkQeEICkpQKIIiIyj65bbQrunK20K7nAWz2JzFVjkyWXeTbpusKxOymR6Rp6t5eKe%2BPcCqPKyHosMiNud3og7ryLDVboWduaAdSR61I8oEnCqh3Imp1HU1IS%2F8%2FhCpmpAnPvgEjO7B6T1w9TxoHoAWo%2FmmD7oyCjs%2B1pNdlciiGa7YBjc9CFMizWrI1rxNfUSem%2B7lxdp7kHz%2F3M8nX09HD06C2xKpLfG%2B%2Bomgq2%2BNrpqCbF01hSN3F9JM9dQ6rXZ2LaOZfOyrd%2BRaYay4dMENv3yDV0QFd69Ll12miVBJ15GvzyshpL1oLJfk%2B0tuWbLF3K2cz22Sp5cX37x4qZda6ZwyyRhUHSz8A64mpPbSM9NrfOqXP6HsGDYv0cv3ycygzB54ugGX7p%2F78eFHp79b%2BgPOEFh9XMNSD0VejmyTHX9qRaDlcU5ZCfefnB3jTXcLXVsDzW5Ob7BvS%2FR1CaqHcPnJUZba%2FXP3Pq%2FsCzBdGzFta1tMW%2F3pdLSVuzEhp%2B%2BHFVqCU4d12Y79WPpNyeKIxfPUF1EcRoxGgZxnbRogcxP%2B6537%2FwIAAP%2F%2FAQAA%2F%2F%2Fq%2BLuFdAQAAA%3D%3D HTTP/1.1
Host: presumeauthorizationcamping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: u_pl=18003921; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1ddf02e1ad058c8e0647530277ce117
Strict-Transport-Security: max-age=0; includeSubdomains
presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXseD60VXL4LoIAgKMts905NMu8jiuq4E1yT7R%2FBYfz0pU9PVVHVPT3IxuKB7nIMH9dT5JtmghsU9eRJkIsgShM1c1hzMyZvgRRCP0rMDow%2B63%2Ffqe4fve%2B99upOfEh85PVn9wGwpren5dsOvv7amEmEKV1%2B%2BWQ%2F8hn%2BhvqaShfBCfVD9bP%2FNwG83%2FNfr70m%2BYc43%2FcD3Az%2BoX1FWxmZwfspCpQdR0Ij8RthsBO0QA%2Fv%2F2uUeHPUg%2BqfkHJSYPLn%2B4D4UHyPpfXdZuo3MpG%2B828s1zYxFX%2BzfSjYSUyTozWFsPcTJ%2Fqwbxk0I%2BeIMTLI%2FcwDT360cgKkJ8R4FYMn%2BTCZYf%2B%2BxUqYhEzDxNIr%2BGFKPoegY3NyGEscE4ALLK0h6d5eNLejmY5ZW7ITU%2Fv4LqpiQ2m%2FPI%2Bndu6TVoH7D6DxTJnEYxCXUYAzVHSPND5FteVDFIXj2CZQgSHollCinrpUaQ8VjaDkEdR7y6lMe8thDnnroiZM6bUex7y%2FGLG61OiHnvNXivN1ZEG3RCjuxj5xXsobI0iG4HoLbbaR2GxtqCJv%2FCLdewgkPLpsQ79o2%2BqJEIQkKR1BQgkIRFBlB0S%2F3hHZNV94V2uUsmOXmLLfKkcm6O3TPZF2ZkJ30lDxbzcM79%2F0xNuRJPRQdFrEFvxN1WEeGrXYr7CwE7UjyqB1RJuBUCeXOTK1uqQl5%2Bfc%2FkKoJeerjz8DoIZw%2BBFcvguYBaDFabPqg66Ow42MrOVCJLJrhum1w04MwJdKshmzT29Gn5IXpXl6p3YLkRxd%2FPvtWOnp0FtyWSG2Jj9RPBF19Z3TdFGT3uikcub%2BSZqqntmi1sxsZzeQT37wvNwtjxdJlN%2Fz6bV4RFTy4KV12lSZCJV1Hvr2khJD2irFckh%2BW3Jpkq7lbv5TbJE%2Bvrr5zZamXWumcMskYVB2v%2FAOuJqT26nPTa3zmlz%2Bh7Bg2L9HLj8gsoMwheLoNl87VO0Ng9byHpWdQ5OXINtn8USsCLec1ZSXcf2o2xzvuDrq2Bprdnt5g35bo6xJUD%2BHys6MstUcXH3xZxVdgujZi2tZ2mbb682q0H07nOyEvPQwrdA1OndRlO%2FZj6TcliyMWL1JfRHEYMRoFcpG1aYDMTfiv9x7%2BCwAA%2F%2F8BAAD%2F%2F9oJ6tN0BAAA
173.233.137.60200 OK 7 B URL HTTP/1.1 presumeauthorizationcamping.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXseD60VXL4LoIAgKMts905NMu8jiuq4E1yT7R%2FBYfz0pU9PVVHVPT3IxuKB7nIMH9dT5JtmghsU9eRJkIsgShM1c1hzMyZvgRRCP0rMDow%2B63%2Ffqe4fve%2B99upOfEh85PVn9wGwpren5dsOvv7amEmEKV1%2B%2BWQ%2F8hn%2BhvqaShfBCfVD9bP%2FNwG83%2FNfr70m%2BYc43%2FcD3Az%2BoX1FWxmZwfspCpQdR0Ij8RthsBO0QA%2Fv%2F2uUeHPUg%2BqfkHJSYPLn%2B4D4UHyPpfXdZuo3MpG%2B828s1zYxFX%2BzfSjYSUyTozWFsPcTJ%2Fqwbxk0I%2BeIMTLI%2FcwDT360cgKkJ8R4FYMn%2BTCZYf%2B%2BxUqYhEzDxNIr%2BGFKPoegY3NyGEscE4ALLK0h6d5eNLejmY5ZW7ITU%2Fv4LqpiQ2m%2FPI%2Bndu6TVoH7D6DxTJnEYxCXUYAzVHSPND5FteVDFIXj2CZQgSHollCinrpUaQ8VjaDkEdR7y6lMe8thDnnroiZM6bUex7y%2FGLG61OiHnvNXivN1ZEG3RCjuxj5xXsobI0iG4HoLbbaR2GxtqCJv%2FCLdewgkPLpsQ79o2%2BqJEIQkKR1BQgkIRFBlB0S%2F3hHZNV94V2uUsmOXmLLfKkcm6O3TPZF2ZkJ30lDxbzcM79%2F0xNuRJPRQdFrEFvxN1WEeGrXYr7CwE7UjyqB1RJuBUCeXOTK1uqQl5%2Bfc%2FkKoJeerjz8DoIZw%2BBFcvguYBaDFabPqg66Ow42MrOVCJLJrhum1w04MwJdKshmzT29Gn5IXpXl6p3YLkRxd%2FPvtWOnp0FtyWSG2Jj9RPBF19Z3TdFGT3uikcub%2BSZqqntmi1sxsZzeQT37wvNwtjxdJlN%2Fz6bV4RFTy4KV12lSZCJV1Hvr2khJD2irFckh%2BW3Jpkq7lbv5TbJE%2Bvrr5zZamXWumcMskYVB2v%2FAOuJqT26nPTa3zmlz%2Bh7Bg2L9HLj8gsoMwheLoNl87VO0Ng9byHpWdQ5OXINtn8USsCLec1ZSXcf2o2xzvuDrq2Bprdnt5g35bo6xJUD%2BHys6MstUcXH3xZxVdgujZi2tZ2mbb682q0H07nOyEvPQwrdA1OndRlO%2FZj6TcliyMWL1JfRHEYMRoFcpG1aYDMTfiv9x7%2BCwAA%2F%2F8BAAD%2F%2F9oJ6tN0BAAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXseD60VXL4LoIAgKMts905NMu8jiuq4E1yT7R%2FBYfz0pU9PVVHVPT3IxuKB7nIMH9dT5JtmghsU9eRJkIsgShM1c1hzMyZvgRRCP0rMDow%2B63%2Ffqe4fve%2B99upOfEh85PVn9wGwpren5dsOvv7amEmEKV1%2B%2BWQ%2F8hn%2BhvqaShfBCfVD9bP%2FNwG83%2FNfr70m%2BYc43%2FcD3Az%2BoX1FWxmZwfspCpQdR0Ij8RthsBO0QA%2Fv%2F2uUeHPUg%2BqfkHJSYPLn%2B4D4UHyPpfXdZuo3MpG%2B828s1zYxFX%2BzfSjYSUyTozWFsPcTJ%2Fqwbxk0I%2BeIMTLI%2FcwDT360cgKkJ8R4FYMn%2BTCZYf%2B%2BxUqYhEzDxNIr%2BGFKPoegY3NyGEscE4ALLK0h6d5eNLejmY5ZW7ITU%2Fv4LqpiQ2m%2FPI%2Bndu6TVoH7D6DxTJnEYxCXUYAzVHSPND5FteVDFIXj2CZQgSHollCinrpUaQ8VjaDkEdR7y6lMe8thDnnroiZM6bUex7y%2FGLG61OiHnvNXivN1ZEG3RCjuxj5xXsobI0iG4HoLbbaR2GxtqCJv%2FCLdewgkPLpsQ79o2%2BqJEIQkKR1BQgkIRFBlB0S%2F3hHZNV94V2uUsmOXmLLfKkcm6O3TPZF2ZkJ30lDxbzcM79%2F0xNuRJPRQdFrEFvxN1WEeGrXYr7CwE7UjyqB1RJuBUCeXOTK1uqQl5%2Bfc%2FkKoJeerjz8DoIZw%2BBFcvguYBaDFabPqg66Ow42MrOVCJLJrhum1w04MwJdKshmzT29Gn5IXpXl6p3YLkRxd%2FPvtWOnp0FtyWSG2Jj9RPBF19Z3TdFGT3uikcub%2BSZqqntmi1sxsZzeQT37wvNwtjxdJlN%2Fz6bV4RFTy4KV12lSZCJV1Hvr2khJD2irFckh%2BW3Jpkq7lbv5TbJE%2Bvrr5zZamXWumcMskYVB2v%2FAOuJqT26nPTa3zmlz%2Bh7Bg2L9HLj8gsoMwheLoNl87VO0Ng9byHpWdQ5OXINtn8USsCLec1ZSXcf2o2xzvuDrq2Bprdnt5g35bo6xJUD%2BHys6MstUcXH3xZxVdgujZi2tZ2mbb682q0H07nOyEvPQwrdA1OndRlO%2FZj6TcliyMWL1JfRHEYMRoFcpG1aYDMTfiv9x7%2BCwAA%2F%2F8BAAD%2F%2F9oJ6tN0BAAA HTTP/1.1
Host: presumeauthorizationcamping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: u_pl=18003921; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 99f678ff25238424a533f6abb9b2b16a
Strict-Transport-Security: max-age=0; includeSubdomains
shaggyselectmast.com/pixel/sbs?c=1
173.233.137.36 200 OK 0 B URL HTTP/1.1 shaggyselectmast.com/pixel/sbs?c=1
IP 173.233.137.36:0
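Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty 0-byte body; they match any empty response and do not identify this host)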
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: u_pl=18003888; uid_id2=dd597647-1fea-4ef8-8c76-33c631b44645:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
shaggyselectmast.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3l9%2BB9mTiwiCYh9EFMxs%2F5t%2FrhCMayS4ZuMmkptQXVU9KdPT1VR1T0%2BCYHTB3eN4UvDS%2BSbZoIZlVxBPokz2IgOi48EdxIDozYusoFeZyUDwQdV7Vd87fN%2F33vt7%2BQlxkNPx6mtqR8YxvVitOPYzGzLhqjD2yrrtOhXnkr0hk1pwye5OLt153nWqFedZ%2BxXBttRFz3Edx3Vce0lqEanuxSkKmR413UrTqQRexa0G6Or%2Fvk1uwVALvHNCLkDy0f83v70LyQZI2ncuC7OVqfS5l9t5TDOl0eGHbyRbiSoStM%2FKSFuIksNZN5QZEfLROajkcKYAqrM%2FUYBQjoj1k4swOZzRRNg5OGUaxhAJQn4eRWcAEQ8g6QBMXYfkPxCAcaxcRdK%2BtaJ0QbdPUTpBR2Tu778gixGZ%2B%2BURJO3bi7Hs2msqzjOpEoNuVEJ2B5CtAdL8GNmOBVkcg2XvQXKCpF1C8vFTnFeb9VpQn3cjQecDETXmG6xem%2Fd9VvPdMAhqQXVqjZQDyGiAWPRAjYV8cqSFPLKQpxbafGzTajNynHoURr7fCBhjvs9YtVHjVe4HjchBzibce8jSHljcA9O7SPUutmQPOv8GZrOE4RZMRtDhJQpBUBiCghIUkqDICIpOecBj45nyFo9NHrqz7M2yX%2FZV1tqjBypriYTspSfk4Ylh1oUv72BLjG0RBaFo%2BA71vXpVCOZHVcep%2BU3Hc6J6QBswsoQ056Yyd%2BSIPPn7H0jliDz0zg2E9BgmPgaTj4PmT4AW%2FbrngG72g4aDneRIJqLwgk1dYaoNrkqk2RyybWsvPiGPTQf3wutrEGy48PPaP9%2BNH70BpkukusRb8h5BK77Zv6YKsn9NFYbcvZpmsi136GSoaxnNxNynr4rtQmm%2BfNn0PnmRTYBJebQuTHaFJlwmLUM%2BW5ScC72kNBPkq2WzIcLV3Gwu5jrJ0yurLy0tt1MtjJEqGYDKESHvvg0mR%2BS8lUwX1u6eQOoBdF6inQ%2FJLCDVMVi6C5MOF%2B7b9z4%2B%2BG0dRhHo%2BKwnTC0UednXXnj2GcsR8Z9%2BgFgMFz7%2F8FfvizcfgIYljDgzIhTDr%2F887d8zN9HSFmh2fbqqHV2iE5egcQ8m%2F18%2FS%2FVw4Ud%2FGghjqx%2FG2toPYx1%2FcGqwkWO76gaiETbqjPNQMO7WPb%2FhO47HeVBvCreJzIzY%2Fdvf%2FwsAAP%2F%2FAQAA%2F%2F%2FUtLmejAQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 shaggyselectmast.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3l9%2BB9mTiwiCYh9EFMxs%2F5t%2FrhCMayS4ZuMmkptQXVU9KdPT1VR1T0%2BCYHTB3eN4UvDS%2BSbZoIZlVxBPokz2IgOi48EdxIDozYusoFeZyUDwQdV7Vd87fN%2F33vt7%2BQlxkNPx6mtqR8YxvVitOPYzGzLhqjD2yrrtOhXnkr0hk1pwye5OLt153nWqFedZ%2BxXBttRFz3Edx3Vce0lqEanuxSkKmR413UrTqQRexa0G6Or%2Fvk1uwVALvHNCLkDy0f83v70LyQZI2ncuC7OVqfS5l9t5TDOl0eGHbyRbiSoStM%2FKSFuIksNZN5QZEfLROajkcKYAqrM%2FUYBQjoj1k4swOZzRRNg5OGUaxhAJQn4eRWcAEQ8g6QBMXYfkPxCAcaxcRdK%2BtaJ0QbdPUTpBR2Tu778gixGZ%2B%2BURJO3bi7Hs2msqzjOpEoNuVEJ2B5CtAdL8GNmOBVkcg2XvQXKCpF1C8vFTnFeb9VpQn3cjQecDETXmG6xem%2Fd9VvPdMAhqQXVqjZQDyGiAWPRAjYV8cqSFPLKQpxbafGzTajNynHoURr7fCBhjvs9YtVHjVe4HjchBzibce8jSHljcA9O7SPUutmQPOv8GZrOE4RZMRtDhJQpBUBiCghIUkqDICIpOecBj45nyFo9NHrqz7M2yX%2FZV1tqjBypriYTspSfk4Ylh1oUv72BLjG0RBaFo%2BA71vXpVCOZHVcep%2BU3Hc6J6QBswsoQ056Yyd%2BSIPPn7H0jliDz0zg2E9BgmPgaTj4PmT4AW%2FbrngG72g4aDneRIJqLwgk1dYaoNrkqk2RyybWsvPiGPTQf3wutrEGy48PPaP9%2BNH70BpkukusRb8h5BK77Zv6YKsn9NFYbcvZpmsi136GSoaxnNxNynr4rtQmm%2BfNn0PnmRTYBJebQuTHaFJlwmLUM%2BW5ScC72kNBPkq2WzIcLV3Gwu5jrJ0yurLy0tt1MtjJEqGYDKESHvvg0mR%2BS8lUwX1u6eQOoBdF6inQ%2FJLCDVMVi6C5MOF%2B7b9z4%2B%2BG0dRhHo%2BKwnTC0UednXXnj2GcsR8Z9%2BgFgMFz7%2F8FfvizcfgIYljDgzIhTDr%2F887d8zN9HSFmh2fbqqHV2iE5egcQ8m%2F18%2FS%2FVw4Ud%2FGghjqx%2FG2toPYx1%2FcGqwkWO76gaiETbqjPNQMO7WPb%2FhO47HeVBvCreJzIzY%2Fdvf%2FwsAAP%2F%2FAQAA%2F%2F%2FUtLmejAQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3l9%2BB9mTiwiCYh9EFMxs%2F5t%2FrhCMayS4ZuMmkptQXVU9KdPT1VR1T0%2BCYHTB3eN4UvDS%2BSbZoIZlVxBPokz2IgOi48EdxIDozYusoFeZyUDwQdV7Vd87fN%2F33vt7%2BQlxkNPx6mtqR8YxvVitOPYzGzLhqjD2yrrtOhXnkr0hk1pwye5OLt153nWqFedZ%2BxXBttRFz3Edx3Vce0lqEanuxSkKmR413UrTqQRexa0G6Or%2Fvk1uwVALvHNCLkDy0f83v70LyQZI2ncuC7OVqfS5l9t5TDOl0eGHbyRbiSoStM%2FKSFuIksNZN5QZEfLROajkcKYAqrM%2FUYBQjoj1k4swOZzRRNg5OGUaxhAJQn4eRWcAEQ8g6QBMXYfkPxCAcaxcRdK%2BtaJ0QbdPUTpBR2Tu778gixGZ%2B%2BURJO3bi7Hs2msqzjOpEoNuVEJ2B5CtAdL8GNmOBVkcg2XvQXKCpF1C8vFTnFeb9VpQn3cjQecDETXmG6xem%2Fd9VvPdMAhqQXVqjZQDyGiAWPRAjYV8cqSFPLKQpxbafGzTajNynHoURr7fCBhjvs9YtVHjVe4HjchBzibce8jSHljcA9O7SPUutmQPOv8GZrOE4RZMRtDhJQpBUBiCghIUkqDICIpOecBj45nyFo9NHrqz7M2yX%2FZV1tqjBypriYTspSfk4Ylh1oUv72BLjG0RBaFo%2BA71vXpVCOZHVcep%2BU3Hc6J6QBswsoQ056Yyd%2BSIPPn7H0jliDz0zg2E9BgmPgaTj4PmT4AW%2FbrngG72g4aDneRIJqLwgk1dYaoNrkqk2RyybWsvPiGPTQf3wutrEGy48PPaP9%2BNH70BpkukusRb8h5BK77Zv6YKsn9NFYbcvZpmsi136GSoaxnNxNynr4rtQmm%2BfNn0PnmRTYBJebQuTHaFJlwmLUM%2BW5ScC72kNBPkq2WzIcLV3Gwu5jrJ0yurLy0tt1MtjJEqGYDKESHvvg0mR%2BS8lUwX1u6eQOoBdF6inQ%2FJLCDVMVi6C5MOF%2B7b9z4%2B%2BG0dRhHo%2BKwnTC0UednXXnj2GcsR8Z9%2BgFgMFz7%2F8FfvizcfgIYljDgzIhTDr%2F887d8zN9HSFmh2fbqqHV2iE5egcQ8m%2F18%2FS%2FVw4Ud%2FGghjqx%2FG2toPYx1%2FcGqwkWO76gaiETbqjPNQMO7WPb%2FhO47HeVBvCreJzIzY%2Fdvf%2FwsAAP%2F%2FAQAA%2F%2F%2FUtLmejAQAAA%3D%3D HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: u_pl=18003888; uid_id2=dd597647-1fea-4ef8-8c76-33c631b44645:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 833f6aa2006fafc235b0ad7cd0d94625
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash d40905f2233c7a912ffc732a4ed1d83e
e8a70b37adb724c0d849c4d2319186ceaa7051d0
ad6ab3caef600fe46b158bcc8213efeeda071303c9ced01fa55ef627f2162cdf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 05:29:14 GMT
Expires: Sat, 04 Feb 2023 05:29:13 GMT
Etag: "e8a70b37adb724c0d849c4d2319186ceaa7051d0"
Cache-Control: max-age=343039,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79203c3e0993b4ed-OSL
inew24hr.com/favicon.ico
63.250.43.2 204 No Content 0 B IP 63.250.43.2:0
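Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty 0-byte body; they match any empty response and do not identify this host)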
GET /favicon.ico HTTP/1.1
Host: inew24hr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=4591e17c-1342-459c-8d31-974d485fe6c4%3A1%3A1; sb_main_ef4be830a3275eec3f500639020f74a8=1; sb_count_ef4be830a3275eec3f500639020f74a8=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=shaggyselectmast.com; ppu_main_5bf9b5530ceb92fe362d6d64f0eb5c5b=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=presumeauthorizationcamping.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 31 Jan 2023 05:58:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-type: image/png
age: 219
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 7a216b4cdc1c95c59f5463b19f22b873
5aa561794c0e05c475bef80e5e6270b4d7da29fc
8c3ae8bd5d76089e1a403ec1fb1cba3c74e581063c0f6c007302aa2b4039b095
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:01:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 11:33:40 GMT
Expires: Sun, 05 Feb 2023 11:33:39 GMT
Etag: "5aa561794c0e05c475bef80e5e6270b4d7da29fc"
Cache-Control: max-age=451305,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79203c3faae7b4ed-OSL
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
172.64.167.9 200 OK 73 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
IP 172.64.167.9:0
File type Web Open Font Format, TrueType, length 72696, version 11.0\012- data
Hash 53d97caea7ef8a12beab745fcc5744e1
b8c70e4f67957e4f2cb809a58d84c773a3bde6d0
542772868e28df6d786b6f00f9dec929cba214d928cb013b32588485b46f8715
GET /sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: application/font-woff
content-length: 72696
last-modified: Wed, 17 Feb 2021 11:42:38 GMT
etag: "602d012e-11bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwZ80Ah8Ksz8KcKzcz6OcwY431qc9eOeodGY%2FQu5Z2QrQTy%2FGjMrwkGLLL2L7vsK%2F0RMjQte9mIP96Ws%2FZ0%2B38WVB4jvdtRlzkGg1I1n9f4kMuRJ4aVIqPwprXjhrPUoXi%2Ft9GVh6bPO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79203c3daa3de688-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F&t=inew24hr.com%20%E2%80%93%20Just%20another%20WordPress%20site
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F&t=inew24hr.com%20%E2%80%93%20Just%20another%20WordPress%20site
IP 67.202.105.31:0
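Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of the empty 0-byte body; they match any empty response and do not identify this host)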
GET /b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F&t=inew24hr.com%20%E2%80%93%20Just%20another%20WordPress%20site HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://inew24hr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 31 Jan 2023 06:01:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
104.18.36.173 200 OK 6.7 kB IP 104.18.36.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash b9634caacb549d84184a80dc49789266
351eee6585f8f85eea954edfe6555973beb6b1fb
af7a6bf911a73bb07bc458e5a4cb7bb93799ee3910268459bfcb31bfa9fa6e0c
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 20:39:00 GMT
vary: Accept-Encoding
etag: W/"63bdcce4-4571"
content-encoding: gzip
cf-cache-status: HIT
age: 3343
expires: Fri, 03 Feb 2023 06:01:53 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 79203c3fe8b6b4ee-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://inew24hr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 31 Jan 2023 06:01:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!y9o818ynmw&dn=TC&cc=1&r=&pu=https%3A%2F%2Finew24hr.com%2F
67.202.105.33 200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!y9o818ynmw&dn=TC&cc=1&r=&pu=https%3A%2F%2Finew24hr.com%2F
IP 67.202.105.33:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!y9o818ynmw&dn=TC&cc=1&r=&pu=https%3A%2F%2Finew24hr.com%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://inew24hr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Wed, 01 Feb 2023 06:01:54 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Tue, 31 Jan 2023 06:01:54 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://inew24hr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 31 Jan 2023 06:01:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!y9o818ynmw&lm=0&ts=1675144929356&dn=TC&iso=0&pu=https%3A%2F%2Finew24hr.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://inew24hr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 31 Jan 2023 06:01:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba712b809d1107138674cd304e041068
cb7ed5692720084e2b66e724712685d1d56dbe94
1624708856cbcf339b6acc2d31268b693af742aa1b0c699391dddbb09c493347
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1624708856CBCF339B6ACC2D31268B693AF742AA1B0C699391DDDBB09C493347"
Last-Modified: Sat, 28 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Tue, 31 Jan 2023 08:09:27 GMT
Date: Tue, 31 Jan 2023 06:01:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba712b809d1107138674cd304e041068
cb7ed5692720084e2b66e724712685d1d56dbe94
1624708856cbcf339b6acc2d31268b693af742aa1b0c699391dddbb09c493347
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1624708856CBCF339B6ACC2D31268B693AF742AA1B0C699391DDDBB09C493347"
Last-Modified: Sat, 28 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Tue, 31 Jan 2023 08:09:27 GMT
Date: Tue, 31 Jan 2023 06:01:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba712b809d1107138674cd304e041068
cb7ed5692720084e2b66e724712685d1d56dbe94
1624708856cbcf339b6acc2d31268b693af742aa1b0c699391dddbb09c493347
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1624708856CBCF339B6ACC2D31268B693AF742AA1B0C699391DDDBB09C493347"
Last-Modified: Sat, 28 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7652
Expires: Tue, 31 Jan 2023 08:09:27 GMT
Date: Tue, 31 Jan 2023 06:01:55 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=4591e17c-1342-459c-8d31-974d485fe6c4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ef4be830a3275eec3f500639020f74a8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=4591e17c-1342-459c-8d31-974d485fe6c4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ef4be830a3275eec3f500639020f74a8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=4591e17c-1342-459c-8d31-974d485fe6c4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ef4be830a3275eec3f500639020f74a8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 06:01:55 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 181561e6fa2af93879d483b02293ba7e
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=4591e17c-1342-459c-8d31-974d485fe6c4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=5bf9b5530ceb92fe362d6d64f0eb5c5b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=4591e17c-1342-459c-8d31-974d485fe6c4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=5bf9b5530ceb92fe362d6d64f0eb5c5b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=4591e17c-1342-459c-8d31-974d485fe6c4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=5bf9b5530ceb92fe362d6d64f0eb5c5b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 06:01:55 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 015db8f8e9f9316399eda62945ef42dd
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css
172.64.167.9 200 OK 1.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css
IP 172.64.167.9:0
Hash 9c6843a5e1f6b9a4a47c89290bf76296
077bade4968a10977cb74983f56cf533cfbc026f
2b35189a05f3f1aaf75514ba8f03a30a638c817716ca68ee2876ebbb7da3d9f9
GET /sb/notifications/software/us/ios/desk-new-big/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 12:16:53 GMT
etag: W/"614c7035-145e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zScHNBUrXE%2BmUR572j4Y%2FTyfxXX1LILN64uDEc3w88ibxY%2F%2FNZMeTYISTVEBzI6MZzj2dnzXXATLpgtIINJT0uSVdmA1ZdF%2Fuc8DutDTYDPQsj2wFJKfgdqw4ZqZPm792YNMFhyF%2FsJ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79203c3a796fe688-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
172.64.167.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
IP 172.64.167.9:0
GET /sb/notifications/software/us/ios/desk-new-big/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:44:05 GMT
etag: W/"602d0185-183"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hVTmtIcDBi0r%2F9XSs34zYtEdafcVbNbc%2BfYWwVOHpq4sPsstKxyYsV%2Fkx2zRQIS%2FbKu1E1k4ZTJyJTyFw9cCd%2BDWApQRJGUwuc4ym3WpV2lStUPuNLncBfM8G8Iapu7Ig3r17FDA%2FXz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79203c3a796ce688-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
172.64.167.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
IP 172.64.167.9:0
GET /sb/notifications/software/us/ios/desk-new-big/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Origin: https://inew24hr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:44:02 GMT
etag: W/"602d0182-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhjSTOTZMQnPZDoKI6tQkndjsWNnOeyIoSJYuQGJL4pQilucei1S%2FI%2B7GQ6a3%2FYZYHwr0Rd%2BbBEpWMbzuiYzgbKN8eSvvgWMLEmOJBa8JJPT5Bnugzb6cYsFvt%2BEyn5AvJXScYxVhR5f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79203c3a796ae688-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=y9o818ynmw&t=inew24hr.com%20%E2%80%93%20Just%20another%20WordPress%20site&c=d&x=https%3A%2F%2Finew24hr.com%2F&y=&a=0&v=27&r=6326
104.22.75.171 200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=y9o818ynmw&t=inew24hr.com%20%E2%80%93%20Just%20another%20WordPress%20site&c=d&x=https%3A%2F%2Finew24hr.com%2F&y=&a=0&v=27&r=6326
IP 104.22.75.171:0
GET /pingjs/?k=y9o818ynmw&t=inew24hr.com%20%E2%80%93%20Just%20another%20WordPress%20site&c=d&x=https%3A%2F%2Finew24hr.com%2F&y=&a=0&v=27&r=6326 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:53 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79203c3e6b45f134-ARN
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2Finew24hr.com%2F&j=
141.101.120.10 200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=https%3A%2F%2Finew24hr.com%2F&j=
IP 141.101.120.10:0
GET /i/?l=https%3A%2F%2Finew24hr.com%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:52 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Tue, 31-Jan-2023 07:25:12 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Tue, 31-Jan-2023 10:01:52 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1675144912; Domain=dtscout.com; Expires=Thu, 11-May-2023 06:01:52 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.764
expires: Tue, 31 Jan 2023 06:01:51 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbgXNxOKgr%2BMXiMH4EbNZ0t0alw6OKM1DdcT%2BAEuHdKfgW2lcgehpbsQnOIpoHkKVY1AZDj6ACnwszH8SjS6Q3Zk0xvn9T2q4kvuNNS6yoKBxb7NvkXK7ydu9OPb4Kc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79203c359bdb9927-ARN
content-encoding: br
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.167.29 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.167.29:0
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://inew24hr.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:01:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5013e4bbe3332026b94758390862a392
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 31 Jan 2023 06:01:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7990nFYGM7B5W5gd38IN5d59QDKh%2BAV4itkObFfhTryz4xFpunKs%2FJTjxvjvdhiX3rWnT4x95bGM8cBkErvmVqLGOVLRL0%2B1MKXt%2FIG5%2FHKYJEqtgFAPK7ECxApGgr2bR9yNINM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79203c3519ac8e21-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2