| mynewsj.com/news/uncategorized/ | 172.67.159.13 | 301 Moved Permanently | 185 B |
URL: HTTP/1.1 mynewsj.com/news/uncategorized/ IP: 172.67.159.13:0
File type: HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash: MD5 4c555068310076e85908835c721911f5 SHA-1 9ec990aabb4391e139034f68e5e657e0f1d0b74d SHA-256 568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510
GET /news/uncategorized/ HTTP/1.1
Host: mynewsj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 21:50:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://mynewsj.com/news/uncategorized/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KBjuErwbHZB3yberbM4%2B8D%2FnKUzrPxcAP0JbNoNkClT09BKOn3K1o3rwLzVrzBANmxJ54nrEQ%2FKRT7Zdm7maz8w9EGsfd3iRy9pBuHI%2BxKv8CFTjCqZbTqBgrwoMg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750f376199f8b4f3-OSL
alt-svc: h2=":443"; ma=60
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/ IP: 143.204.55.35:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash: MD5 2d12f67fe57a87e7366b662d153a5582 SHA-1 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 SHA-256 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 21:15:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QL9ken6tf29S88ls6gdKINBGrPdL4Zs-Z7UC5ZdaCMveYIDmb0MkjA==
Age: 2116
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 d2560f62890e75b8de444fed96c22f52 SHA-1 334ce0c48e606ee029f31eeb1463af87b1024bb9 SHA-256 4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2887
Expires: Mon, 26 Sep 2022 22:38:45 GMT
Date: Mon, 26 Sep 2022 21:50:38 GMT
Connection: keep-alive
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 1017811d25642601e984edc1676d118d SHA-1 c177c4f7a897584bf91347fa4990c83d6bfd0321 SHA-256 f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9776
Expires: Tue, 27 Sep 2022 00:33:34 GMT
Date: Mon, 26 Sep 2022 21:50:38 GMT
Connection: keep-alive
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP: 93.184.220.29:0
Hash: MD5 e7a83245a1adefd871d5816e43276f77 SHA-1 1f6e432c5cdf26913bc4fc553fe274b1e97ba427 SHA-256 22155bd93b8fef3c0309167acd886d4c3f1b6f978473ca43f62bdfbc4c20877b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:38 GMT
Last-Modified: Mon, 26 Sep 2022 20:17:02 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 280
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP: 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash: MD5 6113f8408c59aebe188d6af273b90743 SHA-1 7398873bf00f99944eaa77ad3ebc0d43c23dba6b SHA-256 b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /cN9C9Q+tYKqCLS/ofjVvxuw3x8nY/1G2GiQp+cD9GpIs/U/3jxGvfAepUhDS900zz4B1bbF4G4=
x-amz-request-id: W612S8Q3F3WF95KJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 21:48:55 GMT
age: 103
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash: MD5 23e88fb7b99543fb33315b29b1fad9d6 SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP: 93.184.220.29:0
Hash: MD5 e7a83245a1adefd871d5816e43276f77 SHA-1 1f6e432c5cdf26913bc4fc553fe274b1e97ba427 SHA-256 22155bd93b8fef3c0309167acd886d4c3f1b6f978473ca43f62bdfbc4c20877b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:38 GMT
Last-Modified: Mon, 26 Sep 2022 20:17:02 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP: 143.204.55.35:0
File type: JSON data; ASCII text, with very long lines (329), with no line terminators
Hash: MD5 0333b0655111aa68de771adfcc4db243 SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 21:10:46 GMT
Expires: Mon, 26 Sep 2022 21:35:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hB02XFOVDEzPKngrqZnkVbqAp9g0OwixyFI09VMHGU9ExCG5laahrQ==
Age: 2393
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: MD5 5adb7eb1d103eadeeafac36e663ffdd3 SHA-1 23b784388dd634fa736cd60aed71570661e73d02 SHA-256 5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:39 GMT
Last-Modified: Mon, 26 Sep 2022 20:05:13 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 3819e2d6124b3c4b6b1ace2c29087a12 SHA-1 4ba047656ff7a91c710a978461dc4c02acc2ddf1 SHA-256 bf588d1c6e86cda2c15f5515d2470be0c986bf66648a87c694338c98bf267386
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BF588D1C6E86CDA2C15F5515D2470BE0C986BF66648A87C694338C98BF267386"
Last-Modified: Mon, 26 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14627
Expires: Tue, 27 Sep 2022 01:54:26 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 20 kB |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 b65c39649a2e3383eaf5246380a193cb SHA-1 8988645c6064ea5298867a37b9783642eabafbe4 SHA-256 0d1c024b49c1ce1caa490be8c9a9311e164c08890f1cd95229b1695341c95431
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BF588D1C6E86CDA2C15F5515D2470BE0C986BF66648A87C694338C98BF267386"
Last-Modified: Mon, 26 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14627
Expires: Tue, 27 Sep 2022 01:54:26 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 b562fab68292dda418c0849e1227251b SHA-1 617de0e863ca6344fc0e49c893d1358231e539e1 SHA-256 3f9a58c4e37b0d2fcf6db079b7db70831b59230165e87bad75d959bf3883645d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F9A58C4E37B0D2FCF6DB079B7DB70831B59230165E87BAD75D959BF3883645D"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7212
Expires: Mon, 26 Sep 2022 23:50:51 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 07de9293b936f7f1b41c9c681cd99fe0 SHA-1 441cf97b18a4cbba0f4f2f03378c9468f5310243 SHA-256 63911f626a355a71b707dcfcf2796ced79a70736576ac2c0ef2b3ed3e686b004
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63911F626A355A71B707DCFCF2796CED79A70736576AC2C0EF2B3ED3E686B004"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Mon, 26 Sep 2022 22:49:44 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 4072bc63cf602e81786577bda0ab313f SHA-1 93bd3450dabd4f12252e69a998774f334c86b00d SHA-256 ba0193466768ad226262657258e95af14c1144b6b7694bcab2f4c9501fa67d82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA0193466768AD226262657258E95AF14C1144B6B7694BCAB2F4C9501FA67D82"
Last-Modified: Mon, 26 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11453
Expires: Tue, 27 Sep 2022 01:01:32 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 4072bc63cf602e81786577bda0ab313f SHA-1 93bd3450dabd4f12252e69a998774f334c86b00d SHA-256 ba0193466768ad226262657258e95af14c1144b6b7694bcab2f4c9501fa67d82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA0193466768AD226262657258E95AF14C1144B6B7694BCAB2F4C9501FA67D82"
Last-Modified: Mon, 26 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11453
Expires: Tue, 27 Sep 2022 01:01:32 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 3819e2d6124b3c4b6b1ace2c29087a12 SHA-1 4ba047656ff7a91c710a978461dc4c02acc2ddf1 SHA-256 bf588d1c6e86cda2c15f5515d2470be0c986bf66648a87c694338c98bf267386
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BF588D1C6E86CDA2C15F5515D2470BE0C986BF66648A87C694338C98BF267386"
Last-Modified: Mon, 26 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14627
Expires: Tue, 27 Sep 2022 01:54:26 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
| ads.themoneytizer.com/lib_fs_close.js | 185.76.9.25 | 200 OK | 1.0 kB |
URL: HTTP/2 ads.themoneytizer.com/lib_fs_close.js IP: 185.76.9.25:0 ASN: #60068 Datacamp Limited
File type: ASCII text, with CRLF line terminators
Hash: MD5 ea82537a136501c368cd05e48b1629be SHA-1 8d966bbbb200639e9aa96521ea1179862ecb6acf SHA-256 da53ad300168ab9e8a0a363d4ed3a4831d3ef60a1e39d1f76655dc25c9cfcfcf
GET /lib_fs_close.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript
last-modified: Tue, 14 Jun 2022 12:21:22 GMT
etag: W/"62a87d42-297"
pragma: public
x-accel-expires: @1665201705
server: CDN77-Turbo
x-77-nzt: AblMCRTLrgj/hvoAAA
x-77-nzt-ray: CsPMJelCN6g
x-cache: HIT
x-age: 64134
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
| push.services.mozilla.com/ | 34.223.168.227 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/ IP: 34.223.168.227:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7BZSfV9LI2Rk8l0mdKdPIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: th6faEWuB+ZUKvFA+aBDFQ47Zog=
| benumelan.com/5/2632704 | 139.45.197.239 | 200 OK | 24 kB |
IP: 139.45.197.239:0
Hash: MD5 8fed6c92f2e8f6c1f1c16f8a4c513ed3 SHA-1 6741b54f796eb39281f42602c10c09eaa2a98bcf SHA-256 db4376fd3de833bc533d7c55e8c9c2d11494217c3280384c75c47c7876cc95d1
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /5/2632704 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript
x-trace-id: 407a85cb92a730b7bbdc23bbbc0f1ea8
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:39 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1664229039; expires=Tue, 26 Sep 2023 21:50:39 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
| spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258 | 172.67.13.182 | 200 OK | 21 kB |
URL: HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258 IP: 172.67.13.182:0
File type: Unicode text, UTF-8 text, with very long lines (50946), with LF, NEL line terminators
Hash: MD5 480a07c1e9c9c029fd008e943245910b SHA-1 85cd5a7b48e4128d8a6be72683ae766e3f3819ae SHA-256 07b8e93e06ea6ba4f732554e35ec445ad53e19f40fecb8827f5687f3904b9f92
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://mynewsj.com
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750f376958f30b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
| onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1664229037600 | 51.89.9.253 | 204 No Content | 0 B |
URL: HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1664229037600 IP: 51.89.9.253:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1664229037600 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 463f306a176332c92d2d6a4fa36b64b9 SHA-1 a53467b23d85eef8fed082f6345c438c75e48573 SHA-256 8dd4d13e046e7d73224dbd668d963d2860f62ce7005f29b577afed55cdcf3bad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DD4D13E046E7D73224DBD668D963D2860F62CE7005F29B577AFED55CDCF3BAD"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=887
Expires: Mon, 26 Sep 2022 22:05:26 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
| c.tmyzer.com/c/?s=72287&f=6&fi=99 | 54.38.64.100 | 200 OK | 0 B |
URL: HTTP/1.1 c.tmyzer.com/c/?s=72287&f=6&fi=99 IP: 54.38.64.100:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=72287&f=6&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:50:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
geo: rbx
X-IPLB-Request-ID: 5B5A2A9A:B125_36264064:01BB_63321EAF_2072A1B9:1CAD4
X-IPLB-Instance: 38439
| ads.themoneytizer.com/moneybile.js | 185.76.9.25 | 200 OK | 21 kB |
URL: HTTP/2 ads.themoneytizer.com/moneybile.js IP: 185.76.9.25:0 ASN: #60068 Datacamp Limited
File type: ASCII text, with very long lines (33237)
Hash: MD5 039f44f64776ab105e811c5a043d460a SHA-1 7ca184452d406cc6a40829bbf130bf2b28414289 SHA-256 0ddcc437d883e716cae47013b618f3712443ae5498347dbfcbdb43f07d6a2d21
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Tue, 27 Sep 2022 04:01:39 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1664251299
server: CDN77-Turbo
x-77-nzt: AblMCRQ2amz/jPoAAA
x-77-nzt-ray: VErBgRUmzDg
x-cache: HIT
x-age: 64140
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
| c.tmyzer.com/c/?s=72287&f=6&fi=0 | 54.38.64.100 | 200 OK | 0 B |
URL: HTTP/1.1 c.tmyzer.com/c/?s=72287&f=6&fi=0 IP: 54.38.64.100:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=72287&f=6&fi=0 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:50:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:B125_36264064:01BB_63321EAF_2072A1C0:1CAD4
X-IPLB-Instance: 38439
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: MD5 cfdc1b35b402b4b9d57417f5fb7a4f93 SHA-1 2ca3e24c775984ff6c1e98a51c7e17fa7fa51602 SHA-256 7b0119c5ae9f3e5d1baa10bbfae336a3654742bbb23051f2bb27911c12b9ce8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B0119C5AE9F3E5D1BAA10BBFAE336A3654742BBB23051F2BB27911C12B9CE8B"
Last-Modified: Sat, 24 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14481
Expires: Tue, 27 Sep 2022 01:52:00 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: MD5 c06ba34d3e6ff99e38e2ca69da6fff6e SHA-1 e3c50f87bb6cb268fec80010d1cffb5475998519 SHA-256 27a7b653c0547e234631c712eda8e64d860b2ca8ca162d9374fabcc8ed263d9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6038
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:39 GMT
Last-Modified: Mon, 26 Sep 2022 20:10:02 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP: 172.64.155.188:0
Hash: MD5 0869109d63ef5270595fb34384023a90 SHA-1 f2ec69fdaca2a0327cd3599ac05d0051df3dee41 SHA-256 c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:50:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=548678,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750f3769dbefb4f3-OSL
| my.rtmark.net/gid.js?userId=b88a4e81819d491b8c8d2cb7f6079214 | 139.45.195.8 | 200 OK | 65 B |
URL: HTTP/2 my.rtmark.net/gid.js?userId=b88a4e81819d491b8c8d2cb7f6079214 IP: 139.45.195.8:0
File type: JSON data; ASCII text
Hash: MD5 258389529839cfa751e803473102b174 SHA-1 bd81436a157f725b87eb00d82c214248b18d8972 SHA-256 6d2f306cb601fc19344109aed133641586448dc01bd3bda603f094ca625844bd
GET /gid.js?userId=b88a4e81819d491b8c8d2cb7f6079214 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mynewsj.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:39 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
| c.palama2.com/j/m/u.js?v3333333233322222313123423434443234324311 | 104.21.11.254 | 200 OK | 18 kB |
URL: HTTP/2 c.palama2.com/j/m/u.js?v3333333233322222313123423434443234324311 IP: 104.21.11.254:0
File type: ASCII text, with very long lines (55511), with no line terminators
Hash: MD5 4e69f8d1f7887d38ab2797457d1444b6 SHA-1 e5547ddb15c01d1e0567e91c8dbb01a59aec820b SHA-256 78a666f52e92d5e0c2059e4464dd78ac0a2fd7cad1241e775e171cb960444735
GET /j/m/u.js?v3333333233322222313123423434443234324311 HTTP/1.1
Host: c.palama2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 21 Sep 2022 11:05:19 GMT
etag: W/"632aefef-d8d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 465177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPMkG7TOnLG7XdvkvZEMomQ9vJa2TiuqcJbYcgviHA4v6CbjzVlNyvWB%2B76omdExzVD1zJwmT5x%2BTPcdrNIiiNYPjP%2FLX99SvYesKXWfPoGLjoEeQpSHlr3Wb%2FiXKe4L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f37684dc9b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 313 B |
IP: 93.184.220.29:0
Hash (MD5, SHA-1, SHA-256): 17906157d222f6aed3a9ffb07789e4ef 5a4fa70bcb8138fd4b542462c4e272cb25699b0f 8d6f39f2007d3e0b5dd1e31ecedc2dbcf6e7fcda749f857d3ce52e02da3c660a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4567
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:39 GMT
Last-Modified: Mon, 26 Sep 2022 20:34:32 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
|
|
| glimtors.net/custom | 139.45.197.251 | 200 OK | 0 B |
IP: 139.45.197.251:0
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
fortinet | Malware |
quad9 | Sinkholed |
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mynewsj.com/
Origin: https://mynewsj.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://mynewsj.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN #20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256): 39714a884a2080d869920060b9e340b3 103e46ae596096d05232eb882095b87b2e3e8f39 69fb243f7220f17d4b34bb26cc6632d2bc107ee755fa90e123f26a2ef89c69dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69FB243F7220F17D4B34BB26CC6632D2BC107EE755FA90E123F26A2EF89C69DD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9421
Expires: Tue, 27 Sep 2022 00:27:40 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 313 B |
IP: 93.184.220.29:0
Hash (MD5, SHA-1, SHA-256): 17906157d222f6aed3a9ffb07789e4ef 5a4fa70bcb8138fd4b542462c4e272cb25699b0f 8d6f39f2007d3e0b5dd1e31ecedc2dbcf6e7fcda749f857d3ce52e02da3c660a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4567
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:39 GMT
Last-Modified: Mon, 26 Sep 2022 20:34:32 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN #20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256): d07e41da019262c812cb8202da87ee45 e528da89590e34167b5704d47eab613e45f5140f 2d0434e760ca32bb9567df9fcbc964f157983c86e85a63895db9436847ca16f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D0434E760CA32BB9567DF9FCBC964F157983C86E85A63895DB9436847CA16F7"
Last-Modified: Sun, 25 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9263
Expires: Tue, 27 Sep 2022 00:25:02 GMT
Date: Mon, 26 Sep 2022 21:50:39 GMT
Connection: keep-alive
|
|
| ads.themoneytizer.com/s/requestform.js?siteId=72287&formatId=6 | 185.76.9.25 | 200 OK | 9.0 kB |
URL: HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=72287&formatId=6 IP: 185.76.9.25:0 ASN #60068 Datacamp Limited
File type: ASCII text, with very long lines (459)
Hash (MD5, SHA-1, SHA-256): 0aa7e770ec97fc4cd83a4d960d94761f dd125e772150ed02e2094b19202564242236254d 6d316848600caf18b3a12d17be1b1d99166cd174d01fdf26ef734e3cf2426b38
GET /s/requestform.js?siteId=72287&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664315439
server: CDN77-Turbo
x-77-nzt: AblMCRQcRKCh
x-77-nzt-ray: 3eEpxMyzCNw
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
|
|
| glimtors.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:0
File type: JSON data; ASCII text
Hash (MD5, SHA-1, SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert
fortinet | Malware |
quad9 | Sinkholed |
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynewsj.com/
Content-Type: application/json
Origin: https://mynewsj.com
Content-Length: 378
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e428245fedbc4bf3af4afdbeaf7dd1ca
access-control-allow-origin: https://mynewsj.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| id5-sync.com/api/config/prebid | 162.19.138.117 | 200 | 134 B |
URL: HTTP/1.1 id5-sync.com/api/config/prebid IP: 162.19.138.117:0
File type: JSON data; ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): 99be75395b3c89cdd6781761e5a85ad2 225a8b587c3545be2581aa9ac2b630b51679d7be 559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 95
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://mynewsj.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 26 Sep 2022 21:50:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
|
|
| kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F | 51.158.28.83 | 200 OK | 118 B |
URL: HTTP/1.1 kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F IP: 51.158.28.83:0
File type: JSON data; ASCII text, with very long lines (317), with no line terminators
Hash (MD5, SHA-1, SHA-256): 350908fb75d72054dbfb7a637c6f567a 5014c5a3885141633ce05e86424d4f21a1f3ef44 c368901d92f3ab884788033b4863b060053affe897a504901430c7e9c5970d20
GET /api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F HTTP/1.1
Host: kvt.sddan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 26 Sep 2022 21:50:39 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://mynewsj.com
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN #20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256): 913c61d083eb3043c5860e5de0ff263e 650b8fb90c1ae31ba7343d157461a2d8f77ee41a 59287ca88d16f6883014c0424e1b9f5fa90b33a606115b2a622c234e121b4157
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59287CA88D16F6883014C0424E1B9F5FA90B33A606115B2A622C234E121B4157"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9097
Expires: Tue, 27 Sep 2022 00:22:17 GMT
Date: Mon, 26 Sep 2022 21:50:40 GMT
Connection: keep-alive
|
|
| lb.eu-1-id5-sync.com/lb/v1 | 141.95.98.67 | 200 | 33 B |
URL: HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1 IP: 141.95.98.67:0
File type: JSON data; ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): 22a78a33628a209bbec05f4c87c2a5c2 cc439fc604814f474cf692a65cfdc8bee6d3e828 2974a7e03c9cb17f049c3d839bf7c5868334f86892bb383f83693b564ba7f1d9
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://mynewsj.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 26 Sep 2022 21:50:39 GMT
|
|
| borrowdefeat.com/16/63/45/16634562c53f547c47deb1db0259b76a.js | 192.243.61.225 | 200 OK | 20 kB |
URL: HTTP/1.1 borrowdefeat.com/16/63/45/16634562c53f547c47deb1db0259b76a.js IP: 192.243.61.225:0 ASN #39572 DataWeb Global Group B.V.
File type: ASCII text, with very long lines (59381), with no line terminators
Hash (MD5, SHA-1, SHA-256): a63ed3884191b248cb33e0d1e61bb09c 8569e62fb350984d2fabe62cc11efaf789201d45 de3778541f23cfc0de0ffaed5c86904bd484f3053d510eeaca945f46ae3b032b
Analyzer | Verdict | Alert
quad9 | Sinkholed |
GET /16/63/45/16634562c53f547c47deb1db0259b76a.js HTTP/1.1
Host: borrowdefeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 21:50:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 716123f88fdd72c0aa370f8443ba1997
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| borrowdefeat.com/e3/9e/6d/e39e6de78434e75a812da1a674f8e022.js | 192.243.61.225 | 200 OK | 13 kB |
URL: HTTP/1.1 borrowdefeat.com/e3/9e/6d/e39e6de78434e75a812da1a674f8e022.js IP: 192.243.61.225:0 ASN #39572 DataWeb Global Group B.V.
File type: ASCII text, with very long lines (37118), with no line terminators
Hash (MD5, SHA-1, SHA-256): 3b64901856d1f796bbe13d6d8eaba85f 2e662c60616e5830a626c888b692ec20db00b753 6e4637d7a45dd6a8afc185bf9a8d899ed6e1305ef36828c905202fc85f528728
Analyzer | Verdict | Alert
quad9 | Sinkholed |
GET /e3/9e/6d/e39e6de78434e75a812da1a674f8e022.js HTTP/1.1
Host: borrowdefeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 21:50:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b0eb59f8634f790a81c01bbe45330b02
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP: 23.36.76.226:0 ASN #20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256): 470c3c3d2ebfbe6d7773c0191b7b978c 9d0f430c8d9b85d91e326317eba71c14e1b6d53d 672008d20d4594fef781c0f8dc413a0c5c33db1470b3c84774fde2c85e1b6058
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "672008D20D4594FEF781C0F8DC413A0C5C33DB1470B3C84774FDE2C85E1B6058"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5413
Expires: Mon, 26 Sep 2022 23:20:53 GMT
Date: Mon, 26 Sep 2022 21:50:40 GMT
Connection: keep-alive
|
|
| dozubatan.com/400/4495524?oo=1&oaid=b88a4e81819d491b8c8d2cb7f6079214 | 139.45.197.237 | 200 OK | 999 B |
URL: HTTP/2 dozubatan.com/400/4495524?oo=1&oaid=b88a4e81819d491b8c8d2cb7f6079214 IP: 139.45.197.237:0
Hash (MD5, SHA-1, SHA-256): a4b333ae03466ba22afe2cc153464647 074f9b09d4a70bf2d8b8fe1c86e640ac8de8a2b0 fed7dce2ce5113fa833e0bf311b64aa5975f8d1ff216454cb2bae746e064df3a
GET /400/4495524?oo=1&oaid=b88a4e81819d491b8c8d2cb7f6079214 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: OAID=a413563f5a654b1bbdd83282cd3fc823
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/json
x-trace-id: f0f2d0c5420173759bc2d4495810c9ad
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://mynewsj.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:39 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| script.4dex.io/localstore.js | 172.67.75.241 | 200 OK | 23 kB |
URL: HTTP/2 script.4dex.io/localstore.js IP: 172.67.75.241:0
File type: ASCII text, with very long lines (482)
Hash (MD5, SHA-1, SHA-256): 528a797dd3a1c6b76c5ca35755d888cb 82729178006fb8f67bc31178ba6b05f61134bb05 8b5b88754faec08cae0cc999a830e0a6f6a3d6f875c3fb0636e2a3d15cfc483f
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript
x-amz-id-2: txac4c56ce13c94b3e8f3f6-0063316a9c
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
etag: W/"922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1664182876788516
x-amz-request-id: txac4c56ce13c94b3e8f3f6-0063316a9c
cf-cache-status: HIT
age: 46098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uEbSIu7r7V92U9eYGAUvrZ%2Bpx3F8fsyhTw1zXAhdIgw%2BpgJJLw3vz177wG7YEP6IVrtXmqlNr7S07KDzRU2zMcxaH3nGf03NVVt%2B%2BcaF8MJNRVf2lUM7lqzIoIOt6dA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f376b3cc50b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP: 93.184.220.29:0
Hash (MD5, SHA-1, SHA-256): 18e63e03996c64ae5798541fbfd9fd15 9cf14a22e5eff72ca9f8f8f2d159622f47c592e3 488d4f9856a4a2315d9d63feaff435a480a35f1e3707f7c8f1e88941d9ebc938
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2230
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:40 GMT
Last-Modified: Mon, 26 Sep 2022 21:13:30 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
|
|
| benumelan.com/42/38?z=3846473 | 139.45.197.239 | 200 OK | 0 B |
URL: HTTP/2 benumelan.com/42/38?z=3846473 IP: 139.45.197.239:0
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
quad9 | Sinkholed |
GET /42/38?z=3846473 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: OAID=9019c06fa7bf492e9a09448e8a2fbd77; oaidts=1664229039; scm=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: c7b55bb5f48ed8045f7865212128ccbf
access-control-expose-headers: X-Sc
set-cookie: OAID=9019c06fa7bf492e9a09448e8a2fbd77; expires=Tue, 26 Sep 2023 21:50:40 GMT; secure; SameSite=None
oaidts=1664229039; expires=Tue, 26 Sep 2023 21:50:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.39 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP: 54.230.245.39:0
Hash (MD5, SHA-1, SHA-256): ee09b6ab7cfd6fb00b3abacbba58e7bc 4903c09b843081d2e873e272515d2ac8751a0461 92828a32c13bba32c5986661a9570f69f67020c43f452302d7501f159905b731
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 21:50:40 GMT
Last-Modified: Mon, 26 Sep 2022 21:46:50 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: d1-16lD93ZVTik36ZIQ2QHBu4VK4wZdRbpzpRRrg8xn38uYs_vmU4w==
Age: 231
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.39 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP: 54.230.245.39:0
Hash (MD5, SHA-1, SHA-256): ee09b6ab7cfd6fb00b3abacbba58e7bc 4903c09b843081d2e873e272515d2ac8751a0461 92828a32c13bba32c5986661a9570f69f67020c43f452302d7501f159905b731
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 21:50:40 GMT
Last-Modified: Mon, 26 Sep 2022 21:33:35 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kME8LUidu4roEeVfdcCjNjno_oGYECb_0wyybEz_n-l2L7c2_QRLMg==
Age: 1025
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 312 B |
IP: 93.184.220.29:0
Hash (MD5, SHA-1, SHA-256): 0316f0c689d8e865ad6b83ef26277056 ac1999271f93ac45dfd3c89cf2b7e66bc36321b4 1ee1f684dfdaddbd0b07a6a6f9ad38d3430065daeaf835352722c5a088296c25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6200
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:40 GMT
Last-Modified: Mon, 26 Sep 2022 20:07:20 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 312
|
|
| simplewebanalysis.com/stats | 3.66.118.16 | 200 OK | 40 B |
URL: HTTP/2 simplewebanalysis.com/stats IP: 3.66.118.16:0
File type: ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): 9a5570918fb5e1b141ad4d46a692e5e3 23cffb895fb32e2423d5b77a323173fb22e1959a aa05a2720afdf2e843575bde4de41b489e0da91e0fd2549b061b4f09ce82ce77
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mynewsj.com
access-control-allow-credentials: true
set-cookie: uid_id2=fade8ed4-91e5-40da-b9d4-bf00703688ff:3:1; expires=Thu, 23 Sep 2032 21:50:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| dnacdn.net/dna | 178.250.2.146 | 200 OK | 0 B |
IP: 178.250.2.146:0
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=qJeejF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQkFFU2h4RVA2Y3NRYlF1OEtlTVRFN1dCakpFJTJGU0VleWdnVCUyRlVDa3Qzb2Q; expires=Sat, 21 Oct 2023 21:50:40 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://mynewsj.com
server-processing-duration-in-ticks: 254488
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 3.66.118.16 | 200 OK | 40 B |
URL: HTTP/2 simplewebanalysis.com/stats IP: 3.66.118.16:0
File type: ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): cb7b6d80952f63d361847029b012c1cf e19dd917c289f0a2126a9246c55c89e6f1273618 1c7b4cc09454cec47c3b07e9322ee2d34afdc4aaa1888cc56d15242565df9bb6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mynewsj.com
access-control-allow-credentials: true
set-cookie: uid_id2=1c74e8f0-f883-446a-a7e0-6be1d2735c17:2:1; expires=Thu, 23 Sep 2032 21:50:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| benumelan.com/27/b7bd02994a2771796f8a835cfb750d4b | 139.45.197.239 | 200 OK | 132 kB |
URL: HTTP/2 benumelan.com/27/b7bd02994a2771796f8a835cfb750d4b IP: 139.45.197.239:0
Size: 132 kB (131591 bytes)
Hash (MD5, SHA-1, SHA-256): e56e7669b3414831e1649e388e945562 72309fa6f1cd6ef3a21b7f9c2e564a03ac4db523 95dbbf38f7dda8d4979245fd0ab1e30eeea56be78bb6f124ea18fa8ea9154f12
Analyzer | Verdict | Alert
quad9 | Sinkholed |
GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: OAID=9019c06fa7bf492e9a09448e8a2fbd77; oaidts=1664229039; scm=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP: 172.64.155.188:0
Hash (MD5, SHA-1, SHA-256): 008bb0f15929580c49beb48408615d01 a28e34ab71eea646efaf0a505a3bd07671bd6012 f612ef9519f2b8baad9918a77a873fb28c691518df1504fb32a47af79b8f7e18
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:50:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 00:52:20 GMT
Expires: Mon, 03 Oct 2022 00:52:19 GMT
Etag: "a28e34ab71eea646efaf0a505a3bd07671bd6012"
Cache-Control: max-age=528698,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750f376dba22b511-OSL
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP: 93.184.220.29:0
Hash (MD5, SHA-1, SHA-256): 18e63e03996c64ae5798541fbfd9fd15 9cf14a22e5eff72ca9f8f8f2d159622f47c592e3 488d4f9856a4a2315d9d63feaff435a480a35f1e3707f7c8f1e88941d9ebc938
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2230
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:40 GMT
Last-Modified: Mon, 26 Sep 2022 21:13:30 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | 139.45.195.254 | 200 OK | 12 B |
URL: HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f IP: 139.45.195.254:0
File type: JSON data; ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert
quad9 | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynewsj.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://mynewsj.com
Content-Length: 1527
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 26 Sep 2022 21:50:58 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://mynewsj.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: 20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 348b8e9ff9789e9d04b35565f1f4a16e a389fe1e390d2177191f58967c5291e9fcf8fea9 42393bbebc5bda5422c410adb413ddebf976d70fea8ca3ae50bd8dfddee645df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42393BBEBC5BDA5422C410ADB413DDEBF976D70FEA8CA3AE50BD8DFDDEE645DF"
Last-Modified: Sun, 25 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20413
Expires: Tue, 27 Sep 2022 03:30:53 GMT
Date: Mon, 26 Sep 2022 21:50:40 GMT
Connection: keep-alive
|
|
| benumelan.com/9?z=3846473&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b88a4e81819d491b8c8d2cb7f6079214 | 139.45.197.239 | 204 No Content | 0 B |
URL: HTTP/2 benumelan.com/9?z=3846473&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b88a4e81819d491b8c8d2cb7f6079214 | IP: 139.45.197.239:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Alert | Analyzer: quad9 | Verdict: Sinkholed
OPTIONS /9?z=3846473&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b88a4e81819d491b8c8d2cb7f6079214 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mynewsj.com/
Origin: https://mynewsj.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://mynewsj.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| dozubatan.com/500/4495524?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL: HTTP/2 dozubatan.com/500/4495524?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | IP: 139.45.197.237:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4495524?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://mynewsj.com/
Origin: https://mynewsj.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://mynewsj.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: 20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): e5972f9f6fc0be929a64913dea312cee 33349fdbac15f6ff221faec8544fcd12f89d2b72 e2e6e877fb44749adab6bf278a92c25f32d7212d12825246cd0110a2fce820bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2E6E877FB44749ADAB6BF278A92C25F32D7212D12825246CD0110A2FCE820BB"
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13925
Expires: Tue, 27 Sep 2022 01:42:45 GMT
Date: Mon, 26 Sep 2022 21:50:40 GMT
Connection: keep-alive
|
|
| inpagepush.com/500/3156537?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 4.9 kB |
URL: HTTP/2 inpagepush.com/500/3156537?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | IP: 139.45.197.237:0
Hash (MD5 / SHA-1 / SHA-256): 5d2ce4876369c17cff650568cb180c91 383c99b795059d6f23d4c458c492742d5923ac60 3d94bff5d1a808f832e094d95f5b72b423263e84989395e9dcc894ac72adf92c
OPTIONS /500/3156537?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://mynewsj.com/
Origin: https://mynewsj.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://mynewsj.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| benumelan.com/11?rnd=1008857176&z=3846473&b=14566424&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=K82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q==&ruid=5733d763-4657-4181-add8-86e88a28cc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=164 | 139.45.197.239 | 200 OK | 0 B |
URL: HTTP/2 benumelan.com/11?rnd=1008857176&z=3846473&b=14566424&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=K82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q==&ruid=5733d763-4657-4181-add8-86e88a28cc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=164 | IP: 139.45.197.239:0
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Alert | Analyzer: quad9 | Verdict: Sinkholed
GET /11?rnd=1008857176&z=3846473&b=14566424&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=K82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q==&ruid=5733d763-4657-4181-add8-86e88a28cc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=164 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; oaidts=1664229039; scm=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://mynewsj.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ea95fb84b6ad9555c6998ad55977d14e
access-control-expose-headers: X-Sc
set-cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:40 GMT; secure; SameSite=None
set-cookie: oaidts=1664229039; expires=Tue, 26 Sep 2023 21:50:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
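The cross-site beacon POST to fleraprt.com, the credentialed CORS answers from dozubatan.com, inpagepush.com and benumelan.com, and the SameSite=None tracking cookies set by the benumelan.com /11 response are the traits an analyst pulls out of a capture like this one. The script below is an added example, not the sandbox's own analyzer and not code from any of the sites involved: it parses one exchange in the page's layout (request line and request headers, then the status line and response headers, one per line) and lists those traits. The two embedded captures are constructed from the fleraprt.com and benumelan.com entries above with most headers dropped; the `strict-transport-security: max-age=1` header in the second one is borrowed from the dozubatan.com preflight response so that the check has something to fire on.

```python
"""Flag cross-site exposure in one captured HTTP exchange (added example, not the page's analyzer).

Input layout matches the capture above: request line, request headers, then the
response status line and response headers. A line that does not look like
"Name: value" is folded into the previous header, which is how the page prints
a second Set-Cookie.
"""
from __future__ import annotations
import re
from dataclasses import dataclass, field

START_RE = re.compile(r"^(?:GET|POST|PUT|DELETE|HEAD|OPTIONS|PATCH) \S+ HTTP/|^HTTP/")
HEADER_RE = re.compile(r"^([A-Za-z0-9-]+):\s*(.*)$")


@dataclass
class Message:
    start_line: str
    headers: dict[str, str] = field(default_factory=dict)  # lower-cased names; repeats joined by "\n"


def parse_exchange(text: str) -> tuple[Message, Message]:
    """Split a capture into (request, response); the response starts at the first HTTP/ status line."""
    req = resp = cur = None
    last = None
    for raw in text.strip().splitlines():
        line = raw.strip()
        if not line:
            continue
        if START_RE.match(line):
            cur = Message(line)
            if line.startswith("HTTP/"):
                resp = cur
            else:
                req = cur
            last = None
            continue
        m = HEADER_RE.match(line)
        if m and cur is not None:
            name, value = m.group(1).lower(), m.group(2)
            cur.headers[name] = value if name not in cur.headers else cur.headers[name] + "\n" + value
            last = name
        elif last is not None:  # continuation of the previous header (the page's split Set-Cookie)
            cur.headers[last] += "\n" + line
    if req is None or resp is None:
        raise ValueError("capture needs a request line and an HTTP/ status line")
    return req, resp


def assess(req: Message, resp: Message) -> list[str]:
    """Return human-readable findings about what this exchange lets a third party do."""
    rh, sh = req.headers, resp.headers
    method = req.start_line.split()[0]
    host, origin = rh.get("host", "?"), rh.get("origin")
    out = []
    if rh.get("sec-fetch-site") == "cross-site" and origin:
        out.append(f"cross-site {method} from {origin} to {host}")
    if method == "OPTIONS" and "access-control-request-method" in rh:
        out.append(f"CORS preflight for {rh['access-control-request-method']}; "
                   f"server allows: {sh.get('access-control-allow-methods', '(none)')}")
    if method == "POST" and rh.get("content-type", "").lower().startswith("text/plain"):
        # text/plain is a CORS-safelisted type, so the browser sends the body without an OPTIONS round trip
        out.append(f"simple POST (text/plain, {rh.get('content-length', '?')} bytes): "
                   "body is sent without any CORS preflight")
    acao = sh.get("access-control-allow-origin")
    creds = sh.get("access-control-allow-credentials", "").lower() == "true"
    if creds and acao == "*":
        out.append("Allow-Credentials: true with wildcard origin; browsers reject this combination")
    elif creds and acao and acao == origin:
        out.append(f"credentialed CORS: {host} echoes Origin {origin} with Allow-Credentials: true")
    for cookie in filter(None, sh.get("set-cookie", "").split("\n")):
        name = cookie.split("=", 1)[0].strip()
        attrs = [a.strip().lower() for a in cookie.split(";")[1:]]
        if "samesite=none" in attrs:
            out.append(f"cookie {name}: SameSite=None, so it rides along on cross-site requests")
        if "httponly" not in attrs:
            out.append(f"cookie {name}: readable from script (no HttpOnly)")
    m = re.search(r"max-age=(\d+)", sh.get("strict-transport-security", ""))
    if m and int(m.group(1)) < 86400:
        out.append(f"HSTS max-age={m.group(1)}: policy lapses almost immediately (0 deletes it)")
    return out


def analyze(capture: str) -> list[str]:
    return assess(*parse_exchange(capture))


# Constructed sample: the fleraprt.com beacon above, most headers dropped.
BEACON = """\
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
Referer: https://mynewsj.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://mynewsj.com
Content-Length: 1527
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://mynewsj.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Credentials: true
"""

# Constructed sample: the benumelan.com /11 exchange above (query string dropped),
# plus the max-age=1 HSTS header seen on the dozubatan.com preflight response.
TRACKER = """\
GET /11 HTTP/1.1
Host: benumelan.com
Origin: https://mynewsj.com
Cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; oaidts=1664229039; scm=1
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
access-control-allow-credentials: true
access-control-allow-origin: https://mynewsj.com
set-cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:40 GMT; secure; SameSite=None
oaidts=1664229039; expires=Tue, 26 Sep 2023 21:50:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
"""

if __name__ == "__main__":
    for label, cap in (("fleraprt.com beacon", BEACON), ("benumelan.com tracker", TRACKER)):
        print(label)
        for finding in analyze(cap):
            print("  -", finding)
```

Two of the findings explain what the raw capture only implies. The beacon's `Content-Type: text/plain` keeps the 1527-byte POST inside the CORS "simple request" rules, which is why no OPTIONS request to fleraprt.com appears in the capture, unlike the preflights sent to benumelan.com and dozubatan.com. And an `access-control-allow-origin` that echoes the page's origin together with `access-control-allow-credentials: true` is exactly the combination that lets the `SameSite=None; secure` OAID cookie travel on the later cross-site GET, as the `Cookie:` header on the /11 request shows.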
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: 20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): dabad6b7764060bb8686bc897cf22c19 bf654d2b96cfdce51abadf5772fdb427f3daaba7 ed0c5939d632a76390de65605121bc06c85d635cfd2f6b937368625030c2ff07
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED0C5939D632A76390DE65605121BC06C85D635CFD2F6B937368625030C2FF07"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13881
Expires: Tue, 27 Sep 2022 01:42:01 GMT
Date: Mon, 26 Sep 2022 21:50:40 GMT
Connection: keep-alive
|
|
| script.4dex.io/adagio.js | 172.67.75.241 | 200 OK | 23 kB |
IP: 172.67.75.241:0
File type: ASCII text, with very long lines (65354)
Hash (MD5 / SHA-1 / SHA-256): deab6b9a15d1b31da7a9e3d1fff757b3 878b39f11e54be3fecf3d05822c9979986b889b9 293dac1bf1d6c1abfa53f1517f33cf65c9bb810ec4cf81d350b59ec4e068c30c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynewsj.com/
Origin: https://mynewsj.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: txc23635d5c38c4a339b9ad-0063317fb4
access-control-allow-credentials: true
x-amz-request-id: txc23635d5c38c4a339b9ad-0063317fb4
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
etag: W/"def38d7482d5ca96063df889ba7bcc30"
cache-control: public, max-age=1800
x-amz-version-id: 1664182876082916
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR4%2FSpM4TSuP%2BV17phE%2BmUySeLFbXpjpWZHA1QWfK6S4OcGpzlk%2BYdbqu9MpDP7UZ2fQzv6kEFIzvsxYjgk9VDhrSDGf02vQLxkPEJAjmnXFsexR5vHWNvVGVuwWeGgt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f376b9a301c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg | 104.22.32.172 | 200 OK | 13 kB |
URL: HTTP/2 offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg | IP: 104.22.32.172:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3; data
Hash (MD5 / SHA-1 / SHA-256): 375d4eace3e9692bfe2fc21648f4c59a 57ef9b8278b63d567eab92b8607b68cee29071b8 46005b3961515220591e6df79d2713774deb57a082dda8162c3d182bcad3aa1b
GET /www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: image/jpeg
content-length: 13449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6231b480-3489"
expires: Tue, 27 Sep 2022 13:38:20 GMT
last-modified: Wed, 16 Mar 2022 09:57:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 29540
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f37718f9f95eb-ARN
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/a563edd673308b2cd8cc1ec9c0543417.png | 104.22.32.172 | 200 OK | 76 kB |
URL: HTTP/2 offerimage.com/www/images/a563edd673308b2cd8cc1ec9c0543417.png | IP: 104.22.32.172:0
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; data
Hash (MD5 / SHA-1 / SHA-256): a563edd673308b2cd8cc1ec9c0543417 bff09cb9d8c3dadb244db8d24b6f58b8dfab6469 bbd22caad95af25c9ccf019fe7499c74743b7ef4eaceeffe0781c3f64f054b0c
GET /www/images/a563edd673308b2cd8cc1ec9c0543417.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: image/png
content-length: 76281
last-modified: Tue, 07 Jun 2022 21:58:32 GMT
etag: "629fca08-129f9"
expires: Mon, 26 Sep 2022 22:10:19 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
timing-allow-origin: *
cf-cache-status: HIT
age: 85221
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f3771afb595eb-ARN
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: 20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6042
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:50:40 GMT
Connection: keep-alive
|
|
| interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D3878966887%26z%3D3846473%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DK82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D5733d763-4657-4181-add8-86e88a28cc3c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmynewsj.com%252Fnews%252Funcategorized%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 | 139.45.197.151 | 200 OK | 3.4 kB |
URL: HTTP/2 interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D3878966887%26z%3D3846473%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DK82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D5733d763-4657-4181-add8-86e88a28cc3c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmynewsj.com%252Fnews%252Funcategorized%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 | IP: 139.45.197.151:0
Hash (MD5 / SHA-1 / SHA-256): 5733595ae7e1bb51d36f13f3cdd8a1b2 c33f4333d3fa99dbaf1627efbf661e421d5254b9 8766fd9442094942c362bf5e9e82e5634c3b68c66ab46ab355c405b1ade8c330
GET /?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D3878966887%26z%3D3846473%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DK82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D5733d763-4657-4181-add8-86e88a28cc3c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmynewsj.com%252Fnews%252Funcategorized%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=KOcWePTVPapqen-U6kmJ3s3UzQNf7gRK57f3TQb18IA; expires=Mon, 26-Sep-2022 22:50:40 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| creepingbrings.com/sfp.js | 172.64.128.12 | 200 OK | 28 kB |
URL: HTTP/2 creepingbrings.com/sfp.js | IP: 172.64.128.12:0
File type: Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 725405ac12f6f8a2c5dea96b907cc076 8582111d92a21afba58ba2ebef2532cf0fcdd347 f16d88e44658b9c58f2fa9a91077412b2e815b1e54359c44938a2246e902dc46
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 483acfc9f757d97903a1e75d4b318b84
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 21:50:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FihmRhq9Ddutf2kW1vP6ayuLLQzheKVS7ofaISPJv3J46sGVsNoX8AD%2B57YRq%2BvRUfT%2B73%2B1%2Bi%2BBPxbNzGAJKHvnot9ZJodoLcSqgJ6u0gQSnGrLSZrfamisZrhoascb6uU51I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f376e0b6ff42b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: 20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6042
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:50:40 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: 20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6042
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:50:40 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5 / SHA-1 / SHA-256): 8ea5f06ad31f0cedd2cb5c6df82f35f4 60a83a1618ffae06e49ca3002bac1db9980dcfe8 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qvSIyV7uvUzXFn6Sw3izoZxQoFbmyRzQ9WKl33D7fNTcuV6WXTzD9Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 05:01:28 GMT
age: 60552
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg | 34.120.237.76 | 200 OK | 5.2 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5 / SHA-1 / SHA-256): 2fe8c4f0c70fb6c1f4259eabedc7015e 85e378d0fff856832a8dd01743516b9476fed8c6 508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 85224
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: MD5 968b9c138702fb5994d1d9eab1a697fa | SHA-1 9660bb2d38079182efbd11d7a687bfc7f9d30751 | SHA-256 5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 82844
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: MD5 d02ede0c964f3346fd53ae2950bf2a62 | SHA-1 e49306a3713cb724be024a4ddb5e90645718a718 | SHA-256 c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 84600
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmynewsj.com%2F&domain=mynewsj.com&cw=1&lsw=1 | 178.250.0.157 | 200 OK | 6.0 kB |
URL: HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmynewsj.com%2F&domain=mynewsj.com&cw=1&lsw=1 | IP: 178.250.0.157:0
Hash: MD5 955587e297de6ebc64bbe8dbdc70cce9 | SHA-1 25538589d8d3ee295d79d594f4aab6d3824ab06b | SHA-256 a97efbc58b35d5f0f6cf55b485ad2fdedb3eebfb0bd3616e9a72dba595f2c2e5
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fmynewsj.com%2F&domain=mynewsj.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://mynewsj.com/
Origin: https://mynewsj.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://mynewsj.com
server-processing-duration-in-ticks: 452065
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: MD5 a90590f26bae9ad9e95ffdfbfb7dd21d | SHA-1 cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3 | SHA-256 33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:02:10 GMT
age: 85710
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| interstitial-07.com/contents/s/59/18/87/696d730a6449b8b7387d630f8c/01605255030712.jpeg | 139.45.197.151 | 200 OK | 19 kB |
URL: HTTP/2 interstitial-07.com/contents/s/59/18/87/696d730a6449b8b7387d630f8c/01605255030712.jpeg | IP: 139.45.197.151:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3; data
Hash: MD5 591887696d730a6449b8b7387d630f8c | SHA-1 6d3270da32d09e8456956eb63a22f4ddb8c7d1d1 | SHA-256 bc664179d3ed921f7a6c959a125faf1cb25a03de68f0b19adf80c92560d0bae4
GET /contents/s/59/18/87/696d730a6449b8b7387d630f8c/01605255030712.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D3878966887%26z%3D3846473%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DK82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D5733d763-4657-4181-add8-86e88a28cc3c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmynewsj.com%252Fnews%252Funcategorized%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: image/jpeg
content-length: 19158
last-modified: Tue, 10 May 2022 15:13:46 GMT
etag: "627a812a-4ad6"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
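The Referer on the interstitial-07.com image requests above carries the whole ad redirect chain inside itself: a `target_url` parameter holding a benumelan.com URL, whose own `d` and `pl` parameters hold a tryhardnow.com URL and the originating mynewsj.com page, each layer percent-encoded one more time. Unwrapping those layers is how an analyst turns one captured header into the list of domains to block. The script below is an added example, not output of the capture tool; `SAMPLE_REFERER` is an abridged copy of that Referer (the opaque `rb=` token is replaced with the placeholder `RB_TOKEN_ABRIDGED` and most viewport parameters are dropped, while the nested URLs are kept verbatim), and the function and variable names are the author's.

```python
"""Unwrap the nested, percent-encoded redirect chain carried in an ad-tech URL.

Added example, not output of the capture tool. SAMPLE_REFERER is an abridged
copy of the Referer sent with the interstitial-07.com image requests: the
opaque rb= token is replaced by RB_TOKEN_ABRIDGED and most viewport
parameters are dropped; the three nested URLs are kept verbatim.
"""
from urllib.parse import parse_qsl, unquote, urlsplit

SAMPLE_REFERER = (
    "https://interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp"
    "&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D3878966887%26z%3D3846473"
    "%26b%3D14566424%26c%3D5990211%26var%3D"
    "%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350"
    "%2526key%253D2c1f9aa01554345b3025ac0d005c7bea"
    "%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D"
    "%26cln%3D1%26btp%3D7%26rb%3DRB_TOKEN_ABRIDGED%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D"
    "%26ruid%3D5733d763-4657-4181-add8-86e88a28cc3c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1"
    "%26pl%3Dhttps%253A%252F%252Fmynewsj.com%252Fnews%252Funcategorized%252F"
    "%26hil%3D1%26ist%3D0%26tbc%3D0"
)


def looks_like_url(value: str) -> bool:
    return value.lower().startswith(("http://", "https://"))


def embedded_urls(url: str) -> list:
    """Return every query-string value of `url` that is itself an absolute URL.

    parse_qsl strips one layer of percent-encoding. A value that is still
    encoded after that (this chain nests three layers deep) gets one extra
    unquote() before the check, so the next hop is found whichever layer it sits at.
    """
    found = []
    for _key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        candidate = value if looks_like_url(value) else unquote(value)
        if looks_like_url(candidate):
            found.append(candidate)
    return found


def unwrap_chain(url: str, max_depth: int = 10) -> list:
    """Breadth-first walk over embedded URLs; returns each hop in discovery order.

    Every host is visited once and the depth is capped, so a self-referential
    or adversarially deep chain cannot make the walk loop forever.
    """
    hops, seen_hosts, frontier = [], set(), [url]
    for _ in range(max_depth):
        if not frontier:
            break
        next_frontier = []
        for u in frontier:
            host = urlsplit(u).hostname
            if not host or host in seen_hosts:
                continue
            seen_hosts.add(host)
            hops.append(u)
            next_frontier.extend(embedded_urls(u))
        frontier = next_frontier
    return hops


def hosts(hops: list) -> list:
    """Hostnames of the hops in chain order: the block-list candidates."""
    return [urlsplit(u).hostname for u in hops]


def insecure_hops(hops: list) -> list:
    """Hops that drop to plain http://, readable and modifiable by any on-path party."""
    return [u for u in hops if urlsplit(u).scheme == "http"]


if __name__ == "__main__":
    chain = unwrap_chain(SAMPLE_REFERER)
    for hop in chain:
        print(hop)
    print("hosts:", hosts(chain))
    print("cleartext hops:", insecure_hops(chain))
```

Run against the sample, `hosts()` yields interstitial-07.com, benumelan.com, tryhardnow.com and mynewsj.com, and `insecure_hops()` singles out the tryhardnow.com hop, the only one in the chain that is plain HTTP. The walk keys on "any query value that decodes to an absolute URL" rather than on fixed parameter names, so it also works on chains that use keys other than `target_url`, `d` and `pl`.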
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 d3ea37777b24ad3132f8bc92164c608e | SHA-1 5701e444a0be8384b9e5e6e04b0c53d5753f638a | SHA-256 167cf989b2eb81bfcba5079d5216c0d83a019938bf47c8b67cbf633fc0070e4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "167CF989B2EB81BFCBA5079D5216C0D83A019938BF47C8B67CBF633FC0070E4B"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1961
Expires: Mon, 26 Sep 2022 22:23:22 GMT
Date: Mon, 26 Sep 2022 21:50:41 GMT
Connection: keep-alive
|
|
| interstitial-07.com/contents/s/82/c2/98/967e4b350bb719ede4040f63f0/0955806248559.jpeg | 139.45.197.151 | 200 OK | 35 kB |
URL: HTTP/2 interstitial-07.com/contents/s/82/c2/98/967e4b350bb719ede4040f63f0/0955806248559.jpeg | IP: 139.45.197.151:0
Hash: MD5 3fe431688f37a64a24b715eb4f875d2f | SHA-1 2d9af4ed7706d76e9480cbab17c509f621485d3e | SHA-256 adc658b66ad110e4faef44c5f88eb3a36d70b62e3d41df1b81e21460bdd42707
GET /contents/s/82/c2/98/967e4b350bb719ede4040f63f0/0955806248559.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D3878966887%26z%3D3846473%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DK82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D5733d763-4657-4181-add8-86e88a28cc3c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fmynewsj.com%252Fnews%252Funcategorized%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: image/jpeg
content-length: 32256
last-modified: Tue, 10 May 2022 15:13:44 GMT
etag: "627a8128-7e00"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 f0572919e89ef775d2faafdfee0b86db | SHA-1 1cd16614b2fb1f488f49d4cf9686d9b2591a741c | SHA-256 d6a578b97b79ce7801dbf11f1324b4d67fa269216713f3641dd8199c6b329cec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6A578B97B79CE7801DBF11F1324B4D67FA269216713F3641DD8199C6B329CEC"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6845
Expires: Mon, 26 Sep 2022 23:44:46 GMT
Date: Mon, 26 Sep 2022 21:50:41 GMT
Connection: keep-alive
|
|
| unphionetor.com/vctx?t=72747 | 139.45.197.236 | 204 No Content | 0 B |
URL: HTTP/2 unphionetor.com/vctx?t=72747 | IP: 139.45.197.236:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body)
Analyzer: quad9 | Verdict: Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 26 Sep 2022 21:50:41 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5c440bbe41493ea1a235253c6fa96fc4
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| unphionetor.com/fv.js?t=72747&cb=792263956 | 139.45.197.236 | 200 OK | 28 kB |
URL: HTTP/2 unphionetor.com/fv.js?t=72747&cb=792263956 | IP: 139.45.197.236:0
Hash: MD5 f7e3d7214584787bbf68d42f753631a2 | SHA-1 99b0ff3796984a5001c657cb3f9b6fec1d59f95a | SHA-256 0c928c2688dc84a41641a8c551fd42c9435ec2584812dfd1e0fa32299e6b4a19
Analyzer: quad9 | Verdict: Sinkholed
GET /fv.js?t=72747&cb=792263956 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:41 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 09995359f9ae1e4d8f12b943dc6070a3
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ced.sascdn.com/tag/1097/smart.js | 23.36.77.24 | 200 OK | 32 kB |
URL: HTTP/1.1 ced.sascdn.com/tag/1097/smart.js | IP: 23.36.77.24:0 | ASN: #20940 Akamai International B.V.
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 be0bdd24329bd53a547db353696d08b2 | SHA-1 1a41bc8c58e4ec707b74d094177a218136a26f30 | SHA-256 618232978c60bc8d39bbef21c2b8fe00ce7feb4871d49d0bb6a4127748a3a40a
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32487
Cache-Control: public, max-age=7200
Expires: Mon, 26 Sep 2022 23:50:41 GMT
Date: Mon, 26 Sep 2022 21:50:41 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: MD5 002d49bafbcc428a44fe523322ad9e05 | SHA-1 b39aad0d1e941121f28af8f9b6d76f19216800d5 | SHA-256 59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: MD5 6534001bd01d291785ef0ca6d9e2c46b | SHA-1 45aa90f74282ee6506d789d3f173ef0723de8da7 | SHA-256 8b363e76c075e2e03d3cbf5c884f6268ac01580eb9a4afc12767cf87aeb53505
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4692
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:41 GMT
Last-Modified: Mon, 26 Sep 2022 20:32:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| benumelan.com/11?rnd=1008857176&z=3846473&b=14566424&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=K82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q==&ruid=5733d763-4657-4181-add8-86e88a28cc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 | 139.45.197.239 | 200 OK | 0 B |
URL: HTTP/2 benumelan.com/11?rnd=1008857176&z=3846473&b=14566424&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=K82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q==&ruid=5733d763-4657-4181-add8-86e88a28cc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 | IP: 139.45.197.239:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body)
Analyzer: quad9 | Verdict: Sinkholed
GET /11?rnd=1008857176&z=3846473&b=14566424&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=K82JpRUqo7ufk7r9wTzC3WmZlB-UnMKAGh1YJUsESBd1naqby1V7Xm2h_0l4sbUy6JnWyR0QKEO7Jd0q-sligcZ5F8QEyMdCVDR2iCvSHIPJvB9i8RawbPOXzSLTZ8Hb53eDIQXjHdrbSfgseV_a2sZLSMOcha0q5WveXzPuv39G01FU1dp-s71OtzkpqtFt9dlbiyRInWevUQ-rh68gsd6s_LaXi58OVFvHDz_4wR6gB8nVBenw7pqZhiKFJqzyinjpFogPtj_6nwtavc9d22tp-dBv3M2JwQnZjllExX2QpkVmrLfDFziHsqR3OnOO2xttZSIwWEqcIQJvwy9SCBxJPYlefb1QNvhevW2tKm9DzsseshPHRF4Nan-UAhwRRH69VdLABWOS-uW-NYgAzyniSW7oM0U_4T90eLAs4a1Ela17wtd_lMSzLood3qDL7ZPzq2F-Q3eD3kSs-5ATG86Rt15oPXzH1Th-e3WorBItRAglm7_RPl1EIxVnVtiEx2sUhhMbF8w0cl6gUqK4jOKFcbPSpfBkVbBKoHYxiA4Cfhz2CSuF4_KcPzhCpxibJdKQkDNYeWGzLl3ngHD7QlGrmCreZcHgN8Xa3cbqrykzqFXK1z66V2qKQl3inNDXjpVdmfRW8UAyGbCqg0lm6Q==&ruid=5733d763-4657-4181-add8-86e88a28cc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; oaidts=1664229039; scm=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:41 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://mynewsj.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 1b50da8210d9a67af8a2056059d4142c
access-control-expose-headers: X-Sc
set-cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:41 GMT; secure; SameSite=None
set-cookie: oaidts=1664229039; expires=Tue, 26 Sep 2023 21:50:41 GMT; secure; SameSite=None
set-cookie: oaidvc=1; expires=Tue, 26 Sep 2023 21:50:41 GMT; secure; SameSite=None
set-cookie: CNT=1_v1_GETeAAEAAAA9Sy4x; expires=Mon, 26 Sep 2022 22:50:41 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
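Two responses in this capture are worth auditing side by side: the benumelan.com tracking pixel above grants credentialed CORS access to `https://mynewsj.com` and drops four cookies that are `secure; SameSite=None` but never `HttpOnly`, while the earlier unphionetor.com/vctx response pairs credentialed CORS with `strict-transport-security: max-age=1`, an HSTS policy that expires one second after it is received. The checker below is an added example, not output of the capture tool. Its two samples are abridged copies of those responses (only the headers the checks read are kept; the set-cookie lines the capture shows without a header name are re-prefixed), the function names are the author's, and the one-year HSTS threshold is an assumption taken from the preload-list minimum.

```python
"""Flag weak CORS, cookie and HSTS settings in captured HTTP response headers.

Added example, not output of the capture tool. The samples are abridged copies
of the benumelan.com and unphionetor.com/vctx responses in the capture; only
the headers the checks read are kept. ONE_YEAR is an assumed threshold.
"""
from __future__ import annotations

ONE_YEAR = 31536000  # assumed minimum useful HSTS max-age (the preload-list requirement)

BENUMELAN_RESPONSE = """\
HTTP/2 200 OK
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://mynewsj.com
set-cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:41 GMT; secure; SameSite=None
set-cookie: oaidts=1664229039; expires=Tue, 26 Sep 2023 21:50:41 GMT; secure; SameSite=None
set-cookie: oaidvc=1; expires=Tue, 26 Sep 2023 21:50:41 GMT; secure; SameSite=None
set-cookie: CNT=1_v1_GETeAAEAAAA9Sy4x; expires=Mon, 26 Sep 2022 22:50:41 GMT; secure; SameSite=None
cache-control: no-store, no-cache, must-revalidate, max-age=0
"""

UNPHIONETOR_RESPONSE = """\
HTTP/2 204 No Content
access-control-allow-origin: https://interstitial-07.com
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
"""


def parse_response(raw: str) -> tuple[str, dict[str, list[str]]]:
    """Split a raw header block into (status line, {lower-cased name: [values]}).

    Values are kept as lists because Set-Cookie legitimately repeats.
    """
    lines = [line for line in raw.splitlines() if line.strip()]
    headers: dict[str, list[str]] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers


def cookie_attrs(set_cookie: str) -> tuple[str, dict[str, str]]:
    """Return (cookie name, {attribute (lower-cased): value}) for one Set-Cookie value."""
    parts = [p.strip() for p in set_cookie.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs: dict[str, str] = {}
    for part in parts[1:]:
        key, _, value = part.partition("=")
        attrs[key.lower()] = value
    return name, attrs


def audit(raw: str, request_origin: str = "") -> list[str]:
    """Return one finding per weak setting; an empty list means nothing was flagged."""
    _, h = parse_response(raw)
    findings: list[str] = []

    # CORS: credentials are only safe with an explicit origin from a fixed allow-list.
    acao = h.get("access-control-allow-origin", [""])[0]
    creds = h.get("access-control-allow-credentials", [""])[0].lower() == "true"
    if creds and acao == "*":
        findings.append("CORS: allow-credentials with wildcard origin (browsers reject this)")
    elif creds and request_origin and acao == request_origin:
        findings.append(f"CORS: credentialed access granted to {acao}; verify it is allow-listed, not reflected")

    # Cookies: HttpOnly keeps them from script; SameSite=None makes them cross-site identifiers.
    for sc in h.get("set-cookie", []):
        name, attrs = cookie_attrs(sc)
        if "httponly" not in attrs:
            findings.append(f"cookie {name}: missing HttpOnly")
        if attrs.get("samesite", "").lower() == "none":
            findings.append(f"cookie {name}: SameSite=None (sent on cross-site requests)")
            if "secure" not in attrs:
                findings.append(f"cookie {name}: SameSite=None without Secure (rejected by current browsers)")

    # HSTS: a max-age that expires before the next visit protects nobody.
    for hsts in h.get("strict-transport-security", []):
        for directive in hsts.split(";"):
            key, _, value = directive.strip().partition("=")
            if key.lower() == "max-age" and value.strip().isdigit() and int(value) < ONE_YEAR:
                findings.append(f"HSTS: max-age={value.strip()} is shorter than one year")
    return findings


if __name__ == "__main__":
    for label, raw, origin in (("benumelan.com", BENUMELAN_RESPONSE, "https://mynewsj.com"),
                               ("unphionetor.com", UNPHIONETOR_RESPONSE, "https://interstitial-07.com")):
        print(label)
        for finding in audit(raw, origin):
            print("  -", finding)
```

`audit()` takes the request's `Origin` as a second argument because a single response cannot show whether `access-control-allow-origin` comes from an allow-list or is simply echoed back; the finding says so and leaves that test to a second request with a different Origin. On the samples it reports nine findings for benumelan.com (the credentialed CORS grant plus two per cookie) and two for unphionetor.com (the CORS grant and the one-second HSTS policy); a response carrying the Pocket CDN's `max-age=63072000; includeSubdomains; preload` policy and nothing else passes clean.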
|
|
| ocsp.globalsign.com/gseccovsslca2018 | 104.18.21.226 | 200 OK | 939 B |
URL: HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018 | IP: 104.18.21.226:0
Hash: MD5 62cc6c904bb5c5bd5e0d59fdb167dfbf | SHA-1 94919369317682ec46ad9fb0cc2088ca28b502b8 | SHA-256 851f9b7ad3ba2951aac348b757fc1c3fd7122d7063bb45599d4aa4fb983c14ed
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:50:41 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 30 Sep 2022 18:56:57 GMT
ETag: "94919369317682ec46ad9fb0cc2088ca28b502b8"
Last-Modified: Mon, 26 Sep 2022 18:56:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2887
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750f3773ddf30b3d-OSL
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 eb166e57597c83efa41b969bd403017d | SHA-1 a9d20ac8dfbb3121073f78a58e5fe2e623e21bed | SHA-256 184a49b16d6a67abf7e9d1e7499fefdc853cfadf5cd83fe7cb6aaea3e1397eba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184A49B16D6A67ABF7E9D1E7499FEFDC853CFADF5CD83FE7CB6AAEA3E1397EBA"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17128
Expires: Tue, 27 Sep 2022 02:36:09 GMT
Date: Mon, 26 Sep 2022 21:50:41 GMT
Connection: keep-alive
|
|
| cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=088ffde6-5fac-4755-688e-415ca1350dfd&reqId=47668b53-e6c2-423a-585f-1a657cc9dc7c&zdid=1258 | 142.250.74.34 | 302 Found | 447 B |
URL: HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=088ffde6-5fac-4755-688e-415ca1350dfd&reqId=47668b53-e6c2-423a-585f-1a657cc9dc7c&zdid=1258 | IP: 142.250.74.34:0
File type: HTML document text; HTML document, ASCII text, with CRLF, LF line terminators
Hash: MD5 2494c26bf4bcb8a5350ff6e6d13c3f3c | SHA-1 945fcec6806a1480ca5297edc2ae4dfa6c2abe16 | SHA-256 cbb10d1ed17419835be17bdb046da03f0de5f2e1677d47317f3d18139d827400
GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=088ffde6-5fac-4755-688e-415ca1350dfd&reqId=47668b53-e6c2-423a-585f-1a657cc9dc7c&zdid=1258 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=088ffde6-5fac-4755-688e-415ca1350dfd&reqId=47668b53-e6c2-423a-585f-1a657cc9dc7c&zdid=1258&google_tc=
date: Mon, 26 Sep 2022 21:50:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 26-Sep-2022 22:05:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com | 143.204.55.17 | 200 OK | 44 kB |
URL: HTTP/2 cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com | IP: 143.204.55.17:0
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 12c79d20072de682215fc3a627a4f26c | SHA-1 f1754a0a412afd9b9197376837ffcd6ceb40ca2c | SHA-256 5efe128fddb1fcb54af275e90c40aa8e75f0aba03b9bf9433b2e79f9b0ac9c66
GET /tcfv2/42/cmp2.js?referer=www.themoneytizer.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=172800
date: Mon, 26 Sep 2022 21:50:24 GMT
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rtcJ3WIb7uvv9ZF8P2WXTPEvvotamTfw2UN8QNC8ku27t-tWCEHVmA==
age: 18
X-Firefox-Spdy: h2
|
|
| banquetunarmedgrater.com/advertisers.js | 192.243.59.20 | 200 OK | 0 B |
URL: HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP: 192.243.59.20:0 (ASN #39572 DataWeb Global Group B.V.)
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 21:50:41 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 446d963a46431eb21d5b17b4affb65b1
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| mc.yandex.ru/metrika/watch.js | 77.88.21.119 | 200 OK | 57 kB |
URL: HTTP/2 mc.yandex.ru/metrika/watch.js
IP: 77.88.21.119:0
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (570)
Hash (MD5 / SHA-1 / SHA-256): 44366cc385a5c0f49df4f22b71434b42 3f56349f8a3fff52e28a3300052bdc2bde97371c 485ba52769d75db2ed79f65318d37070d09ce3441680aa22caa10ae3cdcb45cd
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57285
date: Mon, 26 Sep 2022 21:50:41 GMT
access-control-allow-origin: *
etag: "632d6d03-dfc5"
expires: Mon, 26 Sep 2022 22:50:41 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined | 139.45.197.236 | 204 No Content | 0 B |
URL: HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP: 139.45.197.236:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 26 Sep 2022 21:50:41 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: dee4ecf7cdf555aa91c48815464147e0
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| buttons-config.sharethis.com/js/61297b2724fac90012c3ba72.js | 54.230.111.117 | 200 OK | 457 B |
URL: HTTP/2 buttons-config.sharethis.com/js/61297b2724fac90012c3ba72.js
IP: 54.230.111.117:0
File type: ASCII text, with very long lines (457), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 19378e5d0f5c381e523c93eae74ad890 5d6f7ea3d0b894a0f30ce0f1919b1d349f27e756 f67a2772e8a292d7d92eefccec94b7a029c43d08b21febb01b3ce1c32bd4d45a
GET /js/61297b2724fac90012c3ba72.js HTTP/1.1
Host: buttons-config.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 457
last-modified: Fri, 27 Aug 2021 23:54:16 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 21:49:44 GMT
cache-control: public, max-age=60
etag: "19378e5d0f5c381e523c93eae74ad890"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X2L6CHZPd9y4yQvGtli_pljJ_b4mOhNOjpHRgXNsLuw3xXMWTkwQnw==
age: 58
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): bfc8c650e23854f708a3dd54fca4393f b54c061cf5a5306a68112d403471914e839a68c8 84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| wadmargincling.com/sbar.json?key=e39e6de78434e75a812da1a674f8e022&uuid=1c74e8f0-f883-446a-a7e0-6be1d2735c17%3A2%3A1 | 192.243.59.12 | 200 OK | 4.0 kB |
URL: HTTP/1.1 wadmargincling.com/sbar.json?key=e39e6de78434e75a812da1a674f8e022&uuid=1c74e8f0-f883-446a-a7e0-6be1d2735c17%3A2%3A1
IP: 192.243.59.12:0 (ASN #39572 DataWeb Global Group B.V.)
File type: JSON data, ASCII text, with very long lines (6126), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 165037f39bfe1870772b85a62aae3818 9d78b1f6ef2c4e2b8f786192d396dec6be5b1031 bb3765a8edbff965522940f555ac0bce6eb6de38e841f81ab80b46fecc5ea178
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /sbar.json?key=e39e6de78434e75a812da1a674f8e022&uuid=1c74e8f0-f883-446a-a7e0-6be1d2735c17%3A2%3A1 HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 26 Sep 2022 21:50:41 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mynewsj.com
Access-Control-Allow-Origin: https://mynewsj.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15933797; expires=Tue, 27 Sep 2022 21:50:41 GMT; secure; SameSite=None
uid_id2=1c74e8f0-f883-446a-a7e0-6be1d2735c17:2:1; expires=Mon, 03 Oct 2022 21:50:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 27 Sep 2022 21:50:41 GMT; secure; SameSite=None
uncs=1; expires=Tue, 27 Sep 2022 21:50:41 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 27 Sep 2022 21:50:41 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 27 Sep 2022 21:50:41 GMT; secure; SameSite=None
slece39e6de78434e75a812da1a674f8e022=[3078189]; expires=Mon, 26 Sep 2022 21:50:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dcfadef320595fc5b27c9d59e9253a1d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| gum.criteo.com/sync?c=147&r=2&j=criteoCallback | 178.250.0.157 | 200 OK | 39 kB |
URL: HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP: 178.250.0.157:0
File type: C source, ASCII text, with very long lines (32001)
Hash (MD5 / SHA-1 / SHA-256): e1def3c3b3da353cbbef6ecfd690995a 2049a893258d87973c899084902cb07ee93ddc26 f5c38a546b32f03001656c1a6df36843b2ff1c36d34022e983ef677ee0bfaf8c
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 535294
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash (MD5 / SHA-1 / SHA-256): bfc8c650e23854f708a3dd54fca4393f b54c061cf5a5306a68112d403471914e839a68c8 84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=088ffde6-5fac-4755-688e-415ca1350dfd&reqId=47668b53-e6c2-423a-585f-1a657cc9dc7c&zdid=1258&google_error=3 | 172.67.13.182 | 200 OK | 95 B |
URL: HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=088ffde6-5fac-4755-688e-415ca1350dfd&reqId=47668b53-e6c2-423a-585f-1a657cc9dc7c&zdid=1258&google_error=3
IP: 172.67.13.182:0
File type: PNG image data, 1 x 1, 1-bit colormap, non-interlaced; data
Hash (MD5 / SHA-1 / SHA-256): 71a50dbba44c78128b221b7df7bb51f1 0ec63b140374ba704a58fa0c743cb357683313dd 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=088ffde6-5fac-4755-688e-415ca1350dfd&reqId=47668b53-e6c2-423a-585f-1a657cc9dc7c&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynewsj.com/
Connection: keep-alive
Cookie: zc=088ffde6-5fac-4755-688e-415ca1350dfd; zsc=a%B1BZ%98Y%D6%A8%BE%87%BC%CB%ED%15h%5C%5BxfL%3D%BB%9Bd%F2%B4%1C%CF%0D%3A%E8w%24%82%A4%BAG%F7%8D%95i%C9%9D%87%10%F7%805o%E1r%FDL%05%1BG%A7%DC%29g%23%0F%3D%AAbz0%09%974%05%D5%8F%E8%818ss%9E%DD_%9F%1F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:41 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://mynewsj.com
set-cookie: zc=088ffde6-5fac-4755-688e-415ca1350dfd; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750f3775b9f60b4d-OSL
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/65727016?wmode=7&page-url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A2015%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1185451638710%3Ahid%3A21988163%3Az%3A0%3Ai%3A20220926215039%3Aet%3A1664229040%3Ac%3A1%3Arn%3A548720617%3Arqn%3A1%3Au%3A16642290401008604772%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C98%2C208%2C24%2C373%2C0%2C%2C1305%2C5%2C%2C%2C%2C2152%3Ans%3A1664229036307%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664229040%3At%3AUncategorized%20Archives%20%E2%80%94%20My%20News%20Journal&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) | 77.88.21.119 | 302 Found | 407 B |
URL: HTTP/2 mc.yandex.ru/watch/65727016?wmode=7&page-url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A2015%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1185451638710%3Ahid%3A21988163%3Az%3A0%3Ai%3A20220926215039%3Aet%3A1664229040%3Ac%3A1%3Arn%3A548720617%3Arqn%3A1%3Au%3A16642290401008604772%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C98%2C208%2C24%2C373%2C0%2C%2C1305%2C5%2C%2C%2C%2C2152%3Ans%3A1664229036307%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664229040%3At%3AUncategorized%20Archives%20%E2%80%94%20My%20News%20Journal&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP: 77.88.21.119:0
File type: JSON data, ASCII text, with very long lines (407), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 0010ae9482a08e08c468621e57ecb1d7 d1f504e039732f635a2e9a3b09c540a48d17fe79 f46681b1a9c9baf382e343054451e62ce3daf98ac1f1f87fadd7d8a5176cb1e8
GET /watch/65727016?wmode=7&page-url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A2015%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1185451638710%3Ahid%3A21988163%3Az%3A0%3Ai%3A20220926215039%3Aet%3A1664229040%3Ac%3A1%3Arn%3A548720617%3Arqn%3A1%3Au%3A16642290401008604772%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C98%2C208%2C24%2C373%2C0%2C%2C1305%2C5%2C%2C%2C%2C2152%3Ans%3A1664229036307%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664229040%3At%3AUncategorized%20Archives%20%E2%80%94%20My%20News%20Journal&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/65727016/1?wmode=7&page-url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A2015%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1185451638710%3Ahid%3A21988163%3Az%3A0%3Ai%3A20220926215039%3Aet%3A1664229040%3Ac%3A1%3Arn%3A548720617%3Arqn%3A1%3Au%3A16642290401008604772%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C98%2C208%2C24%2C373%2C0%2C%2C1305%2C5%2C%2C%2C%2C2152%3Ans%3A1664229036307%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664229040%3At%3AUncategorized%20Archives%20%E2%80%94%20My%20News%20Journal&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Mon, 26 Sep 2022 21:50:41 GMT
access-control-allow-origin: https://mynewsj.com
set-cookie: yandexuid=3806743191664229041; Expires=Tue, 26-Sep-2023 21:50:41 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3806743191664229041; Expires=Tue, 26-Sep-2023 21:50:41 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=661862131664229041; Path=/; SameSite=None; Secure
i=+s8tsnjR0BkhbYx0Ai0HTdtJ8Qu6JktKxGo9HX28nBr+s7FQSA9fzhwB7HdfzLJ68I41NGf5Iub1SsIhaiSqLwLiuOU=; Expires=Thu, 23-Sep-2032 21:50:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695765041.yrts.1664229041#1695765041.yrtsi.1664229041; Expires=Tue, 26-Sep-2023 21:50:41 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 26-Sep-2022 21:50:41 GMT
last-modified: Mon, 26-Sep-2022 21:50:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/metrika/advert.gif | 77.88.21.119 | 200 OK | 43 B |
URL: HTTP/2 mc.yandex.ru/metrika/advert.gif
IP: 77.88.21.119:0
File type: GIF image data, version 89a, 1 x 1; data
Hash (MD5 / SHA-1 / SHA-256): df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 26 Sep 2022 21:50:41 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Mon, 26 Sep 2022 22:50:41 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| platform-cdn.sharethis.com/img/arrow_right.svg | 54.230.111.128 | 200 OK | 565 B |
URL: HTTP/2 platform-cdn.sharethis.com/img/arrow_right.svg
IP: 54.230.111.128:0
File type: SVG Scalable Vector Graphics image, ASCII text, with very long lines (409)
Hash (MD5 / SHA-1 / SHA-256): 9928d025bd5792b718ee0a185f62e67c 16406d7b5b6d383b12859b853cf6cb7e3733e33d 1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
GET /img/arrow_right.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
date: Sun, 11 Sep 2022 09:21:07 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "9928d025bd5792b718ee0a185f62e67c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VNFBV5jZikJPmCK5PL4DwnEjZRB25M-FWAZHm2bIa11h2F0Gmw9jTg==
age: 1340975
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| platform-cdn.sharethis.com/img/arrow_left.svg | 54.230.111.128 | 200 OK | 565 B |
URL: HTTP/2 platform-cdn.sharethis.com/img/arrow_left.svg
IP: 54.230.111.128:0
File type: SVG Scalable Vector Graphics image, ASCII text, with very long lines (409)
Hash (MD5 / SHA-1 / SHA-256): b55d8d2b9321e381a3c38a4bddb74037 000c29635758e608bbe15d191e953adb27627c2e 5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
GET /img/arrow_left.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:01:50 GMT
cache-control: public, max-age=2592000
etag: "b55d8d2b9321e381a3c38a4bddb74037"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PXeLuJAYi1a7ozsqBeJ3w7ZWXKJbtYp_iVDr_RCK15qY5fV7Po7LCQ==
age: 1702135
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| platform-cdn.sharethis.com/img/sharethis.svg | 54.230.111.128 | 200 OK | 514 B |
URL: HTTP/2 platform-cdn.sharethis.com/img/sharethis.svg
IP: 54.230.111.128:0
File type: SVG Scalable Vector Graphics image, ASCII text, with very long lines (358)
Hash (MD5 / SHA-1 / SHA-256): deecdaa377907db5cc1722fc831670a1 4e39e0fd5742cc1460e24620df4a360abb71290e 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
GET /img/sharethis.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 514
date: Fri, 09 Sep 2022 00:38:14 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NoDTtqn2PrG4phX8NDycy6tNRnk81VjrdYMB5_goGgZD4F3NNpqQ0g==
age: 1545148
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| platform-cdn.sharethis.com/img/twitter.svg | 54.230.111.128 | 200 OK | 731 B |
URL: HTTP/2 platform-cdn.sharethis.com/img/twitter.svg
IP: 54.230.111.128:0
File type: SVG Scalable Vector Graphics image, ASCII text, with very long lines (575)
Hash (MD5 / SHA-1 / SHA-256): 0af2fb38987598376c99e21af17ade45 bfbdfd0b1a2dcef714e347928bd11b8410dc7ca2 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
GET /img/twitter.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 731
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 01:05:31 GMT
cache-control: public, max-age=2592000
etag: "0af2fb38987598376c99e21af17ade45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VIRA7EXPgu_3_1sXw6pB7AOqXfqA4jNhYYF_BQ_GP_sUs9xqwgXRJw==
age: 852311
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| platform-cdn.sharethis.com/img/pinterest.svg | 54.230.111.128 | 200 OK | 771 B |
URL: HTTP/2 platform-cdn.sharethis.com/img/pinterest.svg
IP: 54.230.111.128:0
File type: SVG Scalable Vector Graphics image, ASCII text, with very long lines (615)
Hash (MD5 / SHA-1 / SHA-256): 2b10a062e719c64b686e2e8fcdc216dc 38bd37fa3975f4d5b849763359481d8b31bb80ba efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
GET /img/pinterest.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 771
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 03:57:45 GMT
cache-control: public, max-age=2592000
etag: "2b10a062e719c64b686e2e8fcdc216dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cAFStit9QKXXSYZCV_34i9qVplwcahjwVWQYKL_MyNHMe0J3YJtGsg==
age: 669177
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| platform-cdn.sharethis.com/img/email.svg | 54.230.111.128 | 200 OK | 343 B |
URL: HTTP/2 platform-cdn.sharethis.com/img/email.svg
IP: 54.230.111.128:0
File type: SVG Scalable Vector Graphics image, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 5977437466e857c7ddcadda6f6d88c2a 19c6378daa1f946ca225fb8d9e039e1f7762fb0d 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
GET /img/email.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 343
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:56:03 GMT
cache-control: public, max-age=2592000
etag: "5977437466e857c7ddcadda6f6d88c2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Dk8Oa5YSuFF9ntWGrO5LRMWgRzpV9wwzr11SPrDbFomhIq6pDK6HXA==
age: 492877
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| platform-cdn.sharethis.com/img/facebook.svg | 54.230.111.128 | 200 OK | 301 B |
URL: HTTP/2 platform-cdn.sharethis.com/img/facebook.svg
IP: 54.230.111.128:0
File type: SVG Scalable Vector Graphics image, ASCII text
Hash (MD5 / SHA-1 / SHA-256): c6e9be45643e197ce1db1d7e24a99adc d7338e398bb0f7a9082d24f121140d2cf9e88859 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
GET /img/facebook.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 301
date: Fri, 02 Sep 2022 05:08:41 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QYbxn1ycABF-rZm0n72Q8lG47N3mvtM8GAZwNmQ5VDkfV8kWagz5-A==
age: 2133721
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| glimtors.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:0
File type: JSON data, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynewsj.com/
Content-Type: application/json
Origin: https://mynewsj.com
Content-Length: 742
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:41 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f080ea42a7cbc6891134497a6ee84b02
access-control-allow-origin: https://mynewsj.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.39 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP: 54.230.245.39:0
Hash (MD5 / SHA-1 / SHA-256): c8604092ecece3e344d45eb1068ed28d 0be29f9b6f51a0674cad08ec3ca8551b7f2b2ccf 8b9bafe3253bef5e6e20d634716a454413f2aa4e015be830e762d3f04a2998d6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 21:50:41 GMT
Last-Modified: Mon, 26 Sep 2022 20:29:24 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: P1skIW4iS3pE-LtMVSCwwUFRrJP5Jshq2w8ZPAKeor2jo4GNDDWIlA==
Age: 4877
|
|
| wadmargincling.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS0WscRRyebQM%2BCAWlKIqWE3xQMJfdvc3unX0o1hgJpk1pFX3T2Zm5y5i5nWVm5%2FaSp2BB%2Bub5H2y%2BSxpai9g%2FwCqXgkhAyPliHszfoBaLDz7IXaOHv5ff95vvG%2Fjmm9%2FnO%2B6E%2BHD0eOmK3pJK0YXFul977aMguFhblZnr1%2FrN%2BOM4ulgzvTdbcd1%2FvfauYBt6IfQD3w%2F8oLYsjWjr%2FsKEhMzvtYJ6y69HYT1YjNA3%2F5%2Bt82CpB947Ic9C8vHcQ%2B88JBsh636zJOxGofM33uk6RQtt0OP7H2QbmS4zdGewbTy0s%2F1TNbQ9Wn4Ane1N7UL3%2FhOmcky8Hx4gzfZPTSLt7U59pgoiQ8qfRtkbQagRJB2B6ZuQ%2FIgAjOPqGrLu7avalHTzCUsn7JjMPX4EWY7J3K%2FnkXW%2Fvqxkv3ZDK1dInVn02xVkfwTZGSF3Byi2zkCWB2DFZ5D8J7LweBVZd3fNKg3Jj18NWBKJZtufbzebjfkoiuk8TYQ%2FH6ci4GHSWGRBMg1IyhFkewQlBqD2DJz14KQH1%2Fbgcg9dflxjQRAkPmfUb7YYa%2FBEpDH3A5q0Axr4cROOTd4wQJEPwNQAzGwjN9vYkAMY9z3segXLPdiCoMcrlIKgtAQlJSglQVkQlL1qjysb2uo2V9alwWkPT3ujGuqis0P3dNERGdnJT8gz0%2BAevSKwIY5rotESMRdJM2pEIlmkzSDkNKBxErWbwg9DWFlB2jOg1sOWHJPnzv%2BBXI4J%2BeIXpPQAVh2AyZdA3cug5TAJfdD1YdT0sZXdzURpna3TPAfXFfJiDsWmt6NOyAtTF%2FW%2F5iHYITktMFMhNxU%2BlQ8JOurW8Louye51XVpyfy0vZFdu0cnX3ihoIby774nNUhu%2BsmQHd95iE2IC770vbLFKMy6zjiVfXZacC7OsDRPk2xX7oUivObt%2B2ZnM5avX3l5e6eZGWCt1NgKVR%2BfOgckxeerHP6c7%2B%2FzJi5BmBOMqdN3MqdQHYPk2bH546ZP0yvj3O3%2FD6rMwaqZJcw%2Blq4YmTGeHShIoMZtpWsGKw%2B9%2B%2B%2FfSDO%2FYW%2BiYC6DFTWTdCj1ToacqUDWAdWeHRW4OL%2F3cmBZS5Q1TZbzdVBn15ZNorTyuJY2GT%2BPWYpAkVCRpFDbbccApDaM4jGPaQGHHLLxw%2Fx8AAAD%2F%2FwEAAP%2F%2FghDFu34EAAA%3D | 192.243.59.12 | 200 OK | 7 B |
URL: HTTP/1.1 wadmargincling.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS0WscRRyebQM%2BCAWlKIqWE3xQMJfdvc3unX0o1hgJpk1pFX3T2Zm5y5i5nWVm5%2FaSp2BB%2Bub5H2y%2BSxpai9g%2FwCqXgkhAyPliHszfoBaLDz7IXaOHv5ff95vvG%2Fjmm9%2FnO%2B6E%2BHD0eOmK3pJK0YXFul977aMguFhblZnr1%2FrN%2BOM4ulgzvTdbcd1%2FvfauYBt6IfQD3w%2F8oLYsjWjr%2FsKEhMzvtYJ6y69HYT1YjNA3%2F5%2Bt82CpB947Ic9C8vHcQ%2B88JBsh636zJOxGofM33uk6RQtt0OP7H2QbmS4zdGewbTy0s%2F1TNbQ9Wn4Ane1N7UL3%2FhOmcky8Hx4gzfZPTSLt7U59pgoiQ8qfRtkbQagRJB2B6ZuQ%2FIgAjOPqGrLu7avalHTzCUsn7JjMPX4EWY7J3K%2FnkXW%2Fvqxkv3ZDK1dInVn02xVkfwTZGSF3Byi2zkCWB2DFZ5D8J7LweBVZd3fNKg3Jj18NWBKJZtufbzebjfkoiuk8TYQ%2FH6ci4GHSWGRBMg1IyhFkewQlBqD2DJz14KQH1%2Fbgcg9dflxjQRAkPmfUb7YYa%2FBEpDH3A5q0Axr4cROOTd4wQJEPwNQAzGwjN9vYkAMY9z3segXLPdiCoMcrlIKgtAQlJSglQVkQlL1qjysb2uo2V9alwWkPT3ujGuqis0P3dNERGdnJT8gz0%2BAevSKwIY5rotESMRdJM2pEIlmkzSDkNKBxErWbwg9DWFlB2jOg1sOWHJPnzv%2BBXI4J%2BeIXpPQAVh2AyZdA3cug5TAJfdD1YdT0sZXdzURpna3TPAfXFfJiDsWmt6NOyAtTF%2FW%2F5iHYITktMFMhNxU%2BlQ8JOurW8Louye51XVpyfy0vZFdu0cnX3ihoIby774nNUhu%2BsmQHd95iE2IC770vbLFKMy6zjiVfXZacC7OsDRPk2xX7oUivObt%2B2ZnM5avX3l5e6eZGWCt1NgKVR%2BfOgckxeerHP6c7%2B%2FzJi5BmBOMqdN3MqdQHYPk2bH546ZP0yvj3O3%2FD6rMwaqZJcw%2Blq4YmTGeHShIoMZtpWsGKw%2B9%2B%2B%2FfSDO%2FYW%2BiYC6DFTWTdCj1ToacqUDWAdWeHRW4OL%2F3cmBZS5Q1TZbzdVBn15ZNorTyuJY2GT%2BPWYpAkVCRpFDbbccApDaM4jGPaQGHHLLxw%2Fx8AAAD%2F%2FwEAAP%2F%2FghDFu34EAAA%3D
IP: 192.243.59.12:0 ASN: #39572 DataWeb Global Group B.V.
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert
quad9 | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RS0WscRRyebQM%2BCAWlKIqWE3xQMJfdvc3unX0o1hgJpk1pFX3T2Zm5y5i5nWVm5%2FaSp2BB%2Bub5H2y%2BSxpai9g%2FwCqXgkhAyPliHszfoBaLDz7IXaOHv5ff95vvG%2Fjmm9%2FnO%2B6E%2BHD0eOmK3pJK0YXFul977aMguFhblZnr1%2FrN%2BOM4ulgzvTdbcd1%2FvfauYBt6IfQD3w%2F8oLYsjWjr%2FsKEhMzvtYJ6y69HYT1YjNA3%2F5%2Bt82CpB947Ic9C8vHcQ%2B88JBsh636zJOxGofM33uk6RQtt0OP7H2QbmS4zdGewbTy0s%2F1TNbQ9Wn4Ane1N7UL3%2FhOmcky8Hx4gzfZPTSLt7U59pgoiQ8qfRtkbQagRJB2B6ZuQ%2FIgAjOPqGrLu7avalHTzCUsn7JjMPX4EWY7J3K%2FnkXW%2Fvqxkv3ZDK1dInVn02xVkfwTZGSF3Byi2zkCWB2DFZ5D8J7LweBVZd3fNKg3Jj18NWBKJZtufbzebjfkoiuk8TYQ%2FH6ci4GHSWGRBMg1IyhFkewQlBqD2DJz14KQH1%2Fbgcg9dflxjQRAkPmfUb7YYa%2FBEpDH3A5q0Axr4cROOTd4wQJEPwNQAzGwjN9vYkAMY9z3segXLPdiCoMcrlIKgtAQlJSglQVkQlL1qjysb2uo2V9alwWkPT3ujGuqis0P3dNERGdnJT8gz0%2BAevSKwIY5rotESMRdJM2pEIlmkzSDkNKBxErWbwg9DWFlB2jOg1sOWHJPnzv%2BBXI4J%2BeIXpPQAVh2AyZdA3cug5TAJfdD1YdT0sZXdzURpna3TPAfXFfJiDsWmt6NOyAtTF%2FW%2F5iHYITktMFMhNxU%2BlQ8JOurW8Louye51XVpyfy0vZFdu0cnX3ihoIby774nNUhu%2BsmQHd95iE2IC770vbLFKMy6zjiVfXZacC7OsDRPk2xX7oUivObt%2B2ZnM5avX3l5e6eZGWCt1NgKVR%2BfOgckxeerHP6c7%2B%2FzJi5BmBOMqdN3MqdQHYPk2bH546ZP0yvj3O3%2FD6rMwaqZJcw%2Blq4YmTGeHShIoMZtpWsGKw%2B9%2B%2B%2FfSDO%2FYW%2BiYC6DFTWTdCj1ToacqUDWAdWeHRW4OL%2F3cmBZS5Q1TZbzdVBn15ZNorTyuJY2GT%2BPWYpAkVCRpFDbbccApDaM4jGPaQGHHLLxw%2Fx8AAAD%2F%2FwEAAP%2F%2FghDFu34EAAA%3D HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: u_pl=15933797; uid_id2=1c74e8f0-f883-446a-a7e0-6be1d2735c17:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece39e6de78434e75a812da1a674f8e022=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 26 Sep 2022 21:50:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: deb44a0b99e932a93ed2a570edef931c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 | 34.254.79.202 | 200 OK | 20 B |
URL: HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP: 34.254.79.202:0
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mynewsj.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Mon, 26 Sep 2022 21:50:41 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 21:50:41 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: f97fb3901ca271d482507144beb94227 1e11e37741ce260eb4333678fdd1ee977faf4073 9ac322b9a22c80ac8386a51efd64e14349144b1a159471e18689cc729a8ed97f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AC322B9A22C80AC8386A51EFD64E14349144B1A159471E18689CC729A8ED97F"
Last-Modified: Sun, 25 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9796
Expires: Tue, 27 Sep 2022 00:33:58 GMT
Date: Mon, 26 Sep 2022 21:50:42 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 344 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: a0f884d959b986684bb199e29ea6c2af 91d2654bea2dd92ae95b844b32cc345d16c398b7 3d98dc7fc457cb7b3ed70e41609f5f4d5e1c14da530dc876d2a695db704238ed
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D98DC7FC457CB7B3ED70E41609F5F4D5E1C14DA530DC876D2A695DB704238ED"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4468
Expires: Mon, 26 Sep 2022 23:05:10 GMT
Date: Mon, 26 Sep 2022 21:50:42 GMT
Connection: keep-alive
|
|
| wadmargincling.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=448 | 192.243.59.12 | 200 OK | 0 B |
URL: HTTP/1.1 wadmargincling.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=448
IP: 192.243.59.12:0 ASN: #39572 DataWeb Global Group B.V.
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
quad9 | Sinkholed |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=448 HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: u_pl=15933797; uid_id2=1c74e8f0-f883-446a-a7e0-6be1d2735c17:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece39e6de78434e75a812da1a674f8e022=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 26 Sep 2022 21:50:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg | 172.64.200.2 | 200 OK | 65 kB |
URL: HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
IP: 172.64.200.2:0
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3; data
Hash: 61f7b1fa1698507638df7882e2bdfcaf 89134af9a734f4c30d0db01ea36c86895e46b7e3 bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:42 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: "6114ef76-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4707944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ah2gBHFyu8zJ%2B3Uuu%2BBx9qrEwgkYnOEFlotlvwZeD%2BCojchlgBRUeqyRNc5SrJZ1Iud6%2B9ZyH0e%2FNWH%2FD81Vas6zdm68DxS%2FiYf2oWVt4voF1vpx3eljGujGmQAu1e%2FSWkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f377a98707698-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: 968198a1616f58bae179ece51ddee081 255d4fd03085e47ca29f32aa918ecb9e2c6d0f31 5cceecab1e6a45fc389eb9f39fd24a346e8b7dae16d37c2bc9ffe6bd52a46c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CCEECAB1E6A45FC389EB9F39FD24A346E8B7DAE16D37C2BC9FFE6BD52A46C02"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13927
Expires: Tue, 27 Sep 2022 01:42:49 GMT
Date: Mon, 26 Sep 2022 21:50:42 GMT
Connection: keep-alive
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css | 172.64.200.2 | 200 OK | 4.8 kB |
URL: HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
IP: 172.64.200.2:0
Hash: 21eb7a65c17a2c22ba104a7ecbf1dc0f ea8c53be54889c7489aed04e30e3eb83af64dec9 090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:42 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:53 GMT
etag: W/"6114ef75-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FKFuzSlQPVA%2BhVlncrrG%2FoQlOkvJjZZZZTAMHjR71iECxgnDWSZUtprb9N855jdnbZK4be%2F02%2Fudxit%2BjrjMip8fyUxP8xdeuzWwQApqmsi2yFzUBRGigsr5eK6Iu1ZunA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f377a783d7698-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=1c74e8f0-f883-446a-a7e0-6be1d2735c17&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=16634562c53f547c47deb1db0259b76a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 | 192.243.61.227 | 200 OK | 1 B |
URL: HTTP/1.1 unseenreport.com/pxf.gif?uuid=1c74e8f0-f883-446a-a7e0-6be1d2735c17&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=16634562c53f547c47deb1db0259b76a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP: 192.243.61.227:0 ASN: #39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert
quad9 | Sinkholed |
GET /pxf.gif?uuid=1c74e8f0-f883-446a-a7e0-6be1d2735c17&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=16634562c53f547c47deb1db0259b76a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 21:50:42 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fe2dfd267fdf437672b23b2362b3f72d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js | 172.64.200.2 | 200 OK | 189 B |
URL: HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
IP: 172.64.200.2:0
Hash: e92fccb89580145c885f0359badbd628 bed02f01f78b1f585462796e01527a268ac7f24c f9fdf22943d31068189a6e1329d6bc9bf9ebc39b5ce4ccbd1d3a2f99f82a0597
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:42 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: W/"6114ef76-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvjVNmuicCxScUs9wUYvE0jzbU9jMR9W18Pau%2Bx05PITUd8uitR0f5QOW9c0a4iGfPVGH%2F0E7cTf0Rx4E5CXs0kndiSDq4OgqaPIDq%2FoMHKwtKWwAplmaCIvOCh%2F%2Ffiy5KM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f377a783f7698-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 737756d717fd215d94458a21028ae486 ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f 8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.163:0
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0; data
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 440194
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.163:0
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0; data
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 440194
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=1c74e8f0-f883-446a-a7e0-6be1d2735c17&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=e39e6de78434e75a812da1a674f8e022&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 | 192.243.61.227 | 200 OK | 1 B |
URL: HTTP/1.1 unseenreport.com/pxf.gif?uuid=1c74e8f0-f883-446a-a7e0-6be1d2735c17&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=e39e6de78434e75a812da1a674f8e022&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP: 192.243.61.227:0 ASN: #39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert
quad9 | Sinkholed |
GET /pxf.gif?uuid=1c74e8f0-f883-446a-a7e0-6be1d2735c17&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=e39e6de78434e75a812da1a674f8e022&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 21:50:42 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 62b66db6d3c41d21969f82166050a178
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| wadmargincling.com/impr.gif?sid=H4sIAAAAAAAC%2F1RS0WscRRyebQM%2BCAWlKIqWE3xQMJfdu73bjX0o1hgJpk1pFX3T2ZnZy5i5nWVm5%2FaSp2BB%2Bub5H2y%2BSxpai9g%2FwCqXgkhAyPliHszfoBaLDz7IXaOHv5ff95vvG%2Fjmm9%2FnO%2B6E%2BHD0eOmK3pJK0YVW3a%2B99lEQXKytysz1a%2F24%2FXE7vFgzvTcX23X%2F9dq7gm3ohYYf%2BH7gB7VlaUSq%2BwsTEjK%2FtxjUF%2F162KgHrRB98%2F%2FZOg%2BWeuC9E%2FIsJB%2FPPfTOQ7IRsu43S8JuFDp%2F452uU7TQBj2%2B%2F0G2kekyQ3cGU%2BMhzfZP1dD2aPkBdLY3tQvd%2B0%2BYyDHxfniAJNs%2FNYmktzv1mSiIDAl%2FGmVvBKFGkHQEpm9C8iMCMI6ra8i6t69qU9LNJyydsGMy9%2FgRZDkmc7%2BeR9b9%2BrKS%2FdoNrVwhdWbRTyvI%2FgiyM0LuDlBsnYEsD8CKzyD5T2Th8Sqy7u6aVRqSH78asCgUcerPp3HcnA%2FDNp2nkfDn24kIeCNqtlgQTQOScgSZjqDEANSegbMenPTgUg8u99DlxzUWBEHkc0b9eJGxJo9E0uZ%2BQKM0oIHfjuHY5A0DFPkATA3AzDZys40NOYBx38OuV7Dcgy0IerxCKQhKS1BSglISlAVB2av2uLINW93myrokOO2N096shrro7NA9XXRERnbyE%2FLMNLhHrwhsiOOaaC6KNhdRHDZDEbVoHDQ4DWg7CtNY%2BI0GrKwg7RlQ62FLjslz5%2F9ALseEfPELEnoAqw7A5Eug7mXQchg1fND1YRj72MruZqK0ztZpnoPrCnkxh2LT21En5IWpi%2Fpf8xDskJwWmKmQmwqfyocEHXVreF2XZPe6Li25v5YXsiu36ORrbxS0EN7d98RmqQ1fWbKDO2%2BxCTGB994XtlilGZdZx5KvLkvOhVnWhgny7Yr9UCTXnF2%2F7Ezm8tVrby%2BvdHMjrJU6G4HKo3PnwOSYPPXjn9Odff7kRUgzgnEVum7mVOoDsHwbNj%2B89ElyZfz7nb9h9VkYNdMkuYfSVUPTSGaHShIoMZtpUsGKw%2B9%2B%2B%2FfSDO%2FYW%2BiYC6DFTWTdCj1ToacqUDWAdWeHRW4OL%2F3cnBYS5Q0TZbzdRBn15ZNorTyuNX0eJSIVUSLCVpgKxpNWK%2FFZypImj2OGwo5Z48L9fwAAAP%2F%2FAQAA%2F%2F8CxBBTfgQAAA%3D%3D | 192.243.59.12 | 200 OK | 7 B |
URL: HTTP/1.1 wadmargincling.com/impr.gif?sid=H4sIAAAAAAAC%2F1RS0WscRRyebQM%2BCAWlKIqWE3xQMJfdu73bjX0o1hgJpk1pFX3T2ZnZy5i5nWVm5%2FaSp2BB%2Bub5H2y%2BSxpai9g%2FwCqXgkhAyPliHszfoBaLDz7IXaOHv5ff95vvG%2Fjmm9%2FnO%2B6E%2BHD0eOmK3pJK0YVW3a%2B99lEQXKytysz1a%2F24%2FXE7vFgzvTcX23X%2F9dq7gm3ohYYf%2BH7gB7VlaUSq%2BwsTEjK%2FtxjUF%2F162KgHrRB98%2F%2FZOg%2BWeuC9E%2FIsJB%2FPPfTOQ7IRsu43S8JuFDp%2F452uU7TQBj2%2B%2F0G2kekyQ3cGU%2BMhzfZP1dD2aPkBdLY3tQvd%2B0%2BYyDHxfniAJNs%2FNYmktzv1mSiIDAl%2FGmVvBKFGkHQEpm9C8iMCMI6ra8i6t69qU9LNJyydsGMy9%2FgRZDkmc7%2BeR9b9%2BrKS%2FdoNrVwhdWbRTyvI%2FgiyM0LuDlBsnYEsD8CKzyD5T2Th8Sqy7u6aVRqSH78asCgUcerPp3HcnA%2FDNp2nkfDn24kIeCNqtlgQTQOScgSZjqDEANSegbMenPTgUg8u99DlxzUWBEHkc0b9eJGxJo9E0uZ%2BQKM0oIHfjuHY5A0DFPkATA3AzDZys40NOYBx38OuV7Dcgy0IerxCKQhKS1BSglISlAVB2av2uLINW93myrokOO2N096shrro7NA9XXRERnbyE%2FLMNLhHrwhsiOOaaC6KNhdRHDZDEbVoHDQ4DWg7CtNY%2BI0GrKwg7RlQ62FLjslz5%2F9ALseEfPELEnoAqw7A5Eug7mXQchg1fND1YRj72MruZqK0ztZpnoPrCnkxh2LT21En5IWpi%2Fpf8xDskJwWmKmQmwqfyocEHXVreF2XZPe6Li25v5YXsiu36ORrbxS0EN7d98RmqQ1fWbKDO2%2BxCTGB994XtlilGZdZx5KvLkvOhVnWhgny7Yr9UCTXnF2%2F7Ezm8tVrby%2BvdHMjrJU6G4HKo3PnwOSYPPXjn9Odff7kRUgzgnEVum7mVOoDsHwbNj%2B89ElyZfz7nb9h9VkYNdMkuYfSVUPTSGaHShIoMZtpUsGKw%2B9%2B%2B%2FfSDO%2FYW%2BiYC6DFTWTdCj1ToacqUDWAdWeHRW4OL%2F3cnBYS5Q0TZbzdRBn15ZNorTyuNX0eJSIVUSLCVpgKxpNWK%2FFZypImj2OGwo5Z48L9fwAAAP%2F%2FAQAA%2F%2F8CxBBTfgQAAA%3D%3D
IP: 192.243.59.12:0 ASN: #39572 DataWeb Global Group B.V.
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert
fortinet | Phishing |
quad9 | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RS0WscRRyebQM%2BCAWlKIqWE3xQMJfdu73bjX0o1hgJpk1pFX3T2ZnZy5i5nWVm5%2FaSp2BB%2Bub5H2y%2BSxpai9g%2FwCqXgkhAyPliHszfoBaLDz7IXaOHv5ff95vvG%2Fjmm9%2FnO%2B6E%2BHD0eOmK3pJK0YVW3a%2B99lEQXKytysz1a%2F24%2FXE7vFgzvTcX23X%2F9dq7gm3ohYYf%2BH7gB7VlaUSq%2BwsTEjK%2FtxjUF%2F162KgHrRB98%2F%2FZOg%2BWeuC9E%2FIsJB%2FPPfTOQ7IRsu43S8JuFDp%2F452uU7TQBj2%2B%2F0G2kekyQ3cGU%2BMhzfZP1dD2aPkBdLY3tQvd%2B0%2BYyDHxfniAJNs%2FNYmktzv1mSiIDAl%2FGmVvBKFGkHQEpm9C8iMCMI6ra8i6t69qU9LNJyydsGMy9%2FgRZDkmc7%2BeR9b9%2BrKS%2FdoNrVwhdWbRTyvI%2FgiyM0LuDlBsnYEsD8CKzyD5T2Th8Sqy7u6aVRqSH78asCgUcerPp3HcnA%2FDNp2nkfDn24kIeCNqtlgQTQOScgSZjqDEANSegbMenPTgUg8u99DlxzUWBEHkc0b9eJGxJo9E0uZ%2BQKM0oIHfjuHY5A0DFPkATA3AzDZys40NOYBx38OuV7Dcgy0IerxCKQhKS1BSglISlAVB2av2uLINW93myrokOO2N096shrro7NA9XXRERnbyE%2FLMNLhHrwhsiOOaaC6KNhdRHDZDEbVoHDQ4DWg7CtNY%2BI0GrKwg7RlQ62FLjslz5%2F9ALseEfPELEnoAqw7A5Eug7mXQchg1fND1YRj72MruZqK0ztZpnoPrCnkxh2LT21En5IWpi%2Fpf8xDskJwWmKmQmwqfyocEHXVreF2XZPe6Li25v5YXsiu36ORrbxS0EN7d98RmqQ1fWbKDO2%2BxCTGB994XtlilGZdZx5KvLkvOhVnWhgny7Yr9UCTXnF2%2F7Ezm8tVrby%2BvdHMjrJU6G4HKo3PnwOSYPPXjn9Odff7kRUgzgnEVum7mVOoDsHwbNj%2B89ElyZfz7nb9h9VkYNdMkuYfSVUPTSGaHShIoMZtpUsGKw%2B9%2B%2B%2FfSDO%2FYW%2BiYC6DFTWTdCj1ToacqUDWAdWeHRW4OL%2F3cnBYS5Q0TZbzdRBn15ZNorTyuNX0eJSIVUSLCVpgKxpNWK%2FFZypImj2OGwo5Z48L9fwAAAP%2F%2FAQAA%2F%2F8CxBBTfgQAAA%3D%3D HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: u_pl=15933797; uid_id2=1c74e8f0-f883-446a-a7e0-6be1d2735c17:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece39e6de78434e75a812da1a674f8e022=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 26 Sep 2022 21:50:42 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 153a8ab83a5c0e762c0c1ab623f7558e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.10 | 200 OK | 660 B |
URL: HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.10:0
Hash: MD5 5860c780c8e9daa4f852038f02b5bdc2 SHA-1 c75c8b4db36bffe075ce493f06d011f855d5541a SHA-256 f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 21:50:42 GMT
date: Mon, 26 Sep 2022 21:50:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent= | 162.19.138.117 | 200 | 43 B |
URL: HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
IP: 162.19.138.117:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: MD5 07fff40b5dd495aca2ac4e1c3fbc60aa SHA-1 e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4 SHA-256 a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=true&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Mon, 26-Sep-2022 21:55:43 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: cip=; Max-Age=300; Expires=Mon, 26-Sep-2022 21:55:43 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: cnac=; Max-Age=300; Expires=Mon, 26-Sep-2022 21:55:43 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: car=; Max-Age=300; Expires=Mon, 26-Sep-2022 21:55:43 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: gdpr=; Max-Age=300; Expires=Mon, 26-Sep-2022 21:55:43 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: callback=; Max-Age=300; Expires=Mon, 26-Sep-2022 21:55:43 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Mon, 26 Sep 2022 21:50:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
|
|
| cmp.quantcast.com/tcfv2/42/cmp2ui-en.js | 143.204.55.17 | 200 OK | 60 kB |
URL: HTTP/2 cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
IP: 143.204.55.17:0
File type: ASCII text, with very long lines (65469)
Hash: MD5 57a0fc2a38a0372a5e40c4472e8d3849 SHA-1 6c46526f8141558a16debdbe3698bd2e0e925923 SHA-256 da4147e40542cedc19892b9b5fddf1b10db33a30d942dac5700f03e104f09adf
GET /tcfv2/42/cmp2ui-en.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Tue, 05 Jul 2022 18:40:26 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Sun, 25 Sep 2022 01:26:12 GMT
cache-control: max-age=172800
etag: W/"24932b3e61742029985961c24d35dbb7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eKuToUxNT6-DuxaFGMnwZ2WsEHqKMV1c2wk2OaGXv-0i9jpV7zMRUw==
age: 159872
X-Firefox-Spdy: h2
|
|
| cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json | 143.204.55.17 | 200 OK | 43 kB |
URL: HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP: 143.204.55.17:0
File type: JSON data; Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Hash: MD5 2f1fd2f69c0177b7f0e45f81b4cceec8 SHA-1 b847a72a53a21b902a1dac6e251a1c17b97b2060 SHA-256 2df066c04438ed329deeee72c01af98f8f2bd58b1a72c9d91cd6c138f7264990
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Mon, 26 Sep 2022 03:00:37 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Mon, 26 Sep 2022 03:00:33 GMT
etag: W/"1320564804e317fb26f6d5faa7100333"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 405NI3mg1aNKFCoab2XOYXIMiFH6Ko-fiNq1CANYtua3XbAZ2q0mEg==
age: 67806
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 313 B |
IP: 93.184.220.29:0
Hash: MD5 f2fcf838f5d6c8d7cb5eefa19e0fedae SHA-1 5f453cc4ae4a892937814588913e76e24594921f SHA-256 85c101df8ee7d95095a4006e520b6a31e765ab314c4ab161c6274ee58a048360
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:50:43 GMT
Last-Modified: Mon, 26 Sep 2022 21:00:08 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
|
|
| wadmargincling.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
URL: HTTP/1.1 wadmargincling.com/pixel/sbs?c=1
IP: 192.243.59.12:0
ASN: #39572 DataWeb Global Group B.V.
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
fortinet | Phishing |
quad9 | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: u_pl=15933797; uid_id2=1c74e8f0-f883-446a-a7e0-6be1d2735c17:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece39e6de78434e75a812da1a674f8e022=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 26 Sep 2022 21:50:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 | 178.250.0.162 | 200 OK | 43 B |
URL: HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
IP: 178.250.0.162:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: MD5 b4491705564909da7f9eaf749dbbfbb1 SHA-1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 SHA-256 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:42 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.39 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP: 54.230.245.39:0
Hash: MD5 414f2b9d4ab6896faad42b864bf628e2 SHA-1 e24745d578e231d26a6b4c862e25b088dc8a322f SHA-256 4f2a81bcd2823fa5ea4676198aa3f1676de15d90a06a8154984f84ad369da2ac
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 21:50:43 GMT
Last-Modified: Mon, 26 Sep 2022 20:33:24 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G2chRcLD6WkvCNFC2Q402ruxhMVu6eBuyRN4OA_uk9NX5DmqRBt50g==
Age: 4639
|
|
| l.sharethis.com/pview?event=pview&hostname=mynewsj.com&location=%2Fnews%2Funcategorized%2F&product=sticky-share-buttons&url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=Uncategorized%20Archives%20%E2%80%94%20My%20News%20Journal&cms=unknown&publisher=61297b2724fac90012c3ba72&sop=true&version=st_sop.js&lang=en | 52.29.39.53 | 204 No Content | 0 B |
URL: HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=mynewsj.com&location=%2Fnews%2Funcategorized%2F&product=sticky-share-buttons&url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=Uncategorized%20Archives%20%E2%80%94%20My%20News%20Journal&cms=unknown&publisher=61297b2724fac90012c3ba72&sop=true&version=st_sop.js&lang=en
IP: 52.29.39.53:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=mynewsj.com&location=%2Fnews%2Funcategorized%2F&product=sticky-share-buttons&url=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=Uncategorized%20Archives%20%E2%80%94%20My%20News%20Journal&cms=unknown&publisher=61297b2724fac90012c3ba72&sop=true&version=st_sop.js&lang=en HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://mynewsj.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 26 Sep 2022 21:50:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
|
|
| csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 | 178.250.0.162 | 200 OK | 43 B |
URL: HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
IP: 178.250.0.162:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: MD5 b4491705564909da7f9eaf749dbbfbb1 SHA-1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 SHA-256 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:42 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css | 172.64.200.2 | 200 OK | 1.0 kB |
URL: HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
IP: 172.64.200.2:0
Hash: MD5 53b61b6a539d092880a9b367de9766ad SHA-1 34f592473136325b84ccae6e583cf6f0c3822bc0 SHA-256 a215a60ea6b6fde2c4b12e6c47ab0516489901176dc7756d33b16903ae5d316e
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:42 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:52 GMT
etag: W/"6114ef74-e68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKMC3ha1rpetGrSK8aY34RZDOTPCWta39IwKZBBQV4tMdXX89br0n2xwQfhRhAxtkvx%2ByxDc4mIojeW6TAp7izX0ilwHEn%2F391HjKXSxhswL3aIFN%2BunmjOdp9z0ewEKsTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f377a78417698-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| glimtors.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:0
File type: JSON data; ASCII text
Hash: MD5 058b158c2be925f556454ef762d93538 SHA-1 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 SHA-256 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert
fortinet | Malware |
quad9 | Sinkholed |
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynewsj.com/
Content-Type: application/json
Origin: https://mynewsj.com
Content-Length: 386
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:47 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3b2feacaa3e3b1db3dad6572ce07c9e9
access-control-allow-origin: https://mynewsj.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?pub=0&userId=b37a14ece04341b69fb2fb004ada4f34&zoneId=3156533&checkDuplicate=true&ymid=&var= | 139.45.195.8 | 200 OK | 65 B |
URL: HTTP/2 my.rtmark.net/gid.js?pub=0&userId=b37a14ece04341b69fb2fb004ada4f34&zoneId=3156533&checkDuplicate=true&ymid=&var=
IP: 139.45.195.8:0
File type: JSON data; ASCII text
Hash: MD5 258389529839cfa751e803473102b174 SHA-1 bd81436a157f725b87eb00d82c214248b18d8972 SHA-256 6d2f306cb601fc19344109aed133641586448dc01bd3bda603f094ca625844bd
GET /gid.js?pub=0&userId=b37a14ece04341b69fb2fb004ada4f34&zoneId=3156533&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynewsj.com/
Origin: https://mynewsj.com
Connection: keep-alive
Cookie: ID=b88a4e81819d491b8c8d2cb7f6079214
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:47 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mynewsj.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:47 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| platform-api.sharethis.com/js/sharethis.js | 143.204.55.106 | 200 OK | 0 B |
URL: HTTP/2 platform-api.sharethis.com/js/sharethis.js
IP: 143.204.55.106:0
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Mon, 26 Sep 2022 21:46:25 GMT
cache-control: max-age=600, public
etag: W/"3011a-1tH8M8TNdKB39qADlCdHeiBv0FM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: as7jvE6EBrC8LWS-UfSQovj1TibXSO2_gb1fkBE3ra_AYYfxFzMLvw==
age: 274
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| gum.criteo.com/sync?c=147&r=2&j=criteoCallback | 178.250.0.157 | 200 OK | 0 B |
URL: HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP: 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynewsj.com/
x-crto-bundle: kgswfF9yam41Ujl0dTlCbVlVcVBOdllJN3F5eWxyUkhxaiUyQmtsRUVSMGZmbFRRbWJiaWczdUNtamNyb0tTVkdQTnZqQTVFTzJHTzFwUjlqcHppZVU2akxVeCUyQjJ3ZHdNbjB6bUxSRk1zTWgzaiUyRmNZUiUyQjlPbmFETCUyRlNOJTJCNmdSQ0RSa1NCQw
Origin: https://mynewsj.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:42 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://mynewsj.com
server-processing-duration-in-ticks: 655254
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| c.palama2.com/j/m/i.js?v33333334344445345343353452 | 104.21.11.254 | 200 OK | 0 B |
URL: HTTP/2 c.palama2.com/j/m/i.js?v33333334344445345343353452
IP: 104.21.11.254:0
GET /j/m/i.js?v33333334344445345343353452 HTTP/1.1
Host: c.palama2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 21 Sep 2022 11:04:55 GMT
etag: W/"632aefd7-e6bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 465177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCzV%2BNTuyirpk3q6xe4dRU%2F18d9dwkNiMhe4s4dhNh0AjCMdsEPdKLWpV5Q%2F%2BR9W3E0CFGQJCCL3OHqyOMp3WFf%2FfENHdheo3fSIQziiEM24fV%2FoA%2BNkhVIpBM%2BfFiNw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f37684dcdb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| inpagepush.com/400/3156537 | 139.45.197.237 | 200 OK | 0 B |
URL: HTTP/2 inpagepush.com/400/3156537
IP: 139.45.197.237:0
Analyzer | Verdict | Alert
fortinet | Malware |
GET /400/3156537 HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript
x-trace-id: 308d506c6d4d7a25570068487eb54173
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=edb69926e9c9421e980bec9760b1fe42; expires=Tue, 26 Sep 2023 21:50:39 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| dozubatan.com/500/4495524?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL: HTTP/2 dozubatan.com/500/4495524?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP: 139.45.197.237:0
GET /500/4495524?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: application/javascript
x-trace-id: 4a9cdd549f9286036091671a47ce29df
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://mynewsj.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gum.criteo.com/sync?c=147&r=2&j=criteoCallback | 178.250.0.157 | 200 OK | 0 B |
URL: HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP: 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mynewsj.com/
x-crto-bundle: kgswfF9yam41Ujl0dTlCbVlVcVBOdllJN3F5eWxyUkhxaiUyQmtsRUVSMGZmbFRRbWJiaWczdUNtamNyb0tTVkdQTnZqQTVFTzJHTzFwUjlqcHppZVU2akxVeCUyQjJ3ZHdNbjB6bUxSRk1zTWgzaiUyRmNZUiUyQjlPbmFETCUyRlNOJTJCNmdSQ0RSa1NCQw
Origin: https://mynewsj.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:42 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://mynewsj.com
server-processing-duration-in-ticks: 583680
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js | 143.204.55.17 | 200 OK | 0 B |
URL: HTTP/2 quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP: 143.204.55.17:0
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Mon, 26 Sep 2022 21:50:35 GMT
cache-control: max-age=900
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _gZjQNj0OcmT8yZWZoD0SwnX1Z7AhXqpiFj0sqYwROHK4DDC9Zz06w==
age: 9
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html | 45.133.44.3 | 200 OK | 0 B |
URL: HTTP/2 cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
IP: 45.133.44.3:0
ASN: #39572 DataWeb Global Group B.V.
Analyzer | Verdict | Alert
fortinet | Phishing |
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:42 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 12 Aug 2021 09:54:31 GMT
etag: W/"6114efd7-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 26 Sep 2022 22:50:42 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/5/3156542/?oo=1&js_build=iclick-v1.430.0 | 139.45.197.234 | 200 OK | 0 B |
URL: HTTP/2 bedrapiona.com/5/3156542/?oo=1&js_build=iclick-v1.430.0
IP: 139.45.197.234:0
GET /5/3156542/?oo=1&js_build=iclick-v1.430.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: application/json
x-trace-id: 6251dc69e3a4b6a269f5ffca3c8c683e
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://mynewsj.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=188037cb7d924b2eb18cdf8e6d91cf5f; expires=Tue, 26 Sep 2023 21:50:40 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1664229040; expires=Tue, 26 Sep 2023 21:50:40 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| secure.quantserve.com/quant.js | 91.228.74.168 | 200 OK | 0 B |
URL: HTTP/2 secure.quantserve.com/quant.js
IP: 91.228.74.168:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:41 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
expires: Mon, 03 Oct 2022 21:50:41 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| inpagepush.com/500/3156537?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL: HTTP/2 inpagepush.com/500/3156537?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP: 139.45.197.237:0
GET /500/3156537?excludes=&oaid=b88a4e81819d491b8c8d2cb7f6079214&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fmynewsj.com%2Fnews%2Funcategorized%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Cookie: OAID=edb69926e9c9421e980bec9760b1fe42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:40 GMT
content-type: application/javascript
x-trace-id: b4b063683a70d9173379304e5b159486
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://mynewsj.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b88a4e81819d491b8c8d2cb7f6079214; expires=Tue, 26 Sep 2023 21:50:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| test.cmp.quantcast.com/GVL-v2/cmp-list.json | 143.204.55.116 | 200 OK | 0 B |
URL HTTP/2test.cmp.quantcast.com/GVL-v2/cmp-list.json IP143.204.55.116:0
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Mon, 26 Sep 2022 03:00:35 GMT
last-modified: Fri, 16 Sep 2022 19:52:29 GMT
etag: W/"50fb7062a6b6a4e6efde705408cf32f0"
x-amz-server-side-encryption: AES256
x-amz-version-id: oUUwrY_6WJ4t3DAGrQVvhBXnrJz9w1fe
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qUsyezFqnT_bwXnEWi1oA9dRwsaemfHolAEU6lxy2b2DM1HmrKVQUw==
age: 67807
X-Firefox-Spdy: h2
|
|
| mynewsj.com/news/uncategorized/ | 104.21.41.21 | 200 OK | 0 B |
URL HTTP/2mynewsj.com/news/uncategorized/ IP104.21.41.21:0
GET /news/uncategorized/ HTTP/1.1
Host: mynewsj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAM5blLQFt3%2F7SQpXGV6S0til6Hf5jHAzctfwtyqm9XrlAUoJNe85xq8VzWLAwMWvXfVc5KutQrTyu9Rzz0ldJ5%2FlnpAN1dQknn9fn87EyZKzg2II6f8P0YlxG6u0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f3763ee060b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| glimtors.net/ntfc.php?p=3156533 | 139.45.197.251 | 200 OK | 0 B |
URL HTTP/2glimtors.net/ntfc.php?p=3156533 IP139.45.197.251:0
Analyzer | Verdict | Alert
fortinet | Malware |
quad9 | Sinkholed |
GET /ntfc.php?p=3156533 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-38a8"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| benumelan.com/1?z=3846473 | 139.45.197.239 | 200 OK | 0 B |
URL HTTP/2benumelan.com/1?z=3846473 IP139.45.197.239:0
Analyzer | Verdict | Alert
quad9 | Sinkholed |
GET /1?z=3846473 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 577d9e7617e76ba22fc0a51a74b3045f
access-control-expose-headers: X-Sc
x-sc: qTVppnOkjtOC69PGjRhyDyCw5LP5j82w_X0nSwKFphA1oNfF__6aj6UC5LoPtcM8znrwpu12-C-Nvk2FPIJt6TvE2-0=
set-cookie: scm=1; expires=Tue, 26 Sep 2023 21:50:39 GMT; secure; SameSite=None
OAID=9019c06fa7bf492e9a09448e8a2fbd77; expires=Tue, 26 Sep 2023 21:50:39 GMT; secure; SameSite=None
oaidts=1664229039; expires=Tue, 26 Sep 2023 21:50:39 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmynewsj.com%2F&domain=mynewsj.com&cw=1&lsw=1 | 178.250.0.157 | 200 OK | 0 B |
URL HTTP/2gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmynewsj.com%2F&domain=mynewsj.com&cw=1&lsw=1 IP178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fmynewsj.com%2F&domain=mynewsj.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://mynewsj.com
server-processing-duration-in-ticks: 1172760
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| cmp.quantcast.com/tcfv2/google-atp-list.json | 143.204.55.17 | 200 OK | 0 B |
URL HTTP/2cmp.quantcast.com/tcfv2/google-atp-list.json IP143.204.55.17:0
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Mon, 26 Sep 2022 03:01:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Mon, 26 Sep 2022 03:01:26 GMT
etag: W/"62506e65c6a8201a32eb8553540dd4f4"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uJkXMnkO8p6H-WnlBFB9bUkzjM9mUxqJdo58k19Hq10-sLnyCp5KtA==
age: 67753
X-Firefox-Spdy: h2
|
|
| ads.themoneytizer.com/s/gen.js?type=6 | 185.76.9.25 | 200 OK | 0 B |
URL HTTP/2ads.themoneytizer.com/s/gen.js?type=6 IP185.76.9.25:0 ASN#60068 Datacamp Limited
GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1664251299
server: CDN77-Turbo
x-77-nzt: AblMCRRS8Zn/jPoAAA
x-77-nzt-ray: U5qhjU6W81g
x-cache: HIT
x-age: 64140
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| dozubatan.com/400/4495524 | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2dozubatan.com/400/4495524 IP139.45.197.237:0
GET /400/4495524 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: application/javascript
x-trace-id: fba38313f5f81ad868491128153bebe8
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=a413563f5a654b1bbdd83282cd3fc823; expires=Tue, 26 Sep 2023 21:50:39 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258 | 172.67.13.182 | 200 OK | 0 B |
URL HTTP/2spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258 IP172.67.13.182:0
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynewsj.com
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:50:39 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://mynewsj.com
set-cookie: zc=088ffde6-5fac-4755-688e-415ca1350dfd; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=a%B1BZ%98Y%D6%A8%BE%87%BC%CB%ED%15h%5C%5BxfL%3D%BB%9Bd%F2%B4%1C%CF%0D%3A%E8w%24%82%A4%BAG%F7%8D%95i%C9%9D%87%10%F7%805o%E1r%FDL%05%1BG%A7%DC%29g%23%0F%3D%AAbz0%09%974%05%D5%8F%E8%818ss%9E%DD_%9F%1F; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750f376a49b10b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| platform-cdn.sharethis.com/img/sms.svg | 54.230.111.128 | 200 OK | 0 B |
URL HTTP/2platform-cdn.sharethis.com/img/sms.svg IP54.230.111.128:0
GET /img/sms.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynewsj.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 25 Sep 2022 03:57:25 GMT
cache-control: public, max-age=2592000
etag: W/"e7eca7e85a8b3599935b0649debb23f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lH75F-qE1xVVbQ606n-h9oPRdfxmgih3AzjflCsHeRCxrOU2IQ3J-A==
age: 150815
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|