odiannews.in/
212.227.191.17 301 Moved Permanently 162 B IP 212.227.191.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: odiannews.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 03:37:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://odiannews.in/
firefox.settings.services.mozilla.com/v1/
18.165.201.103 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 03:02:59 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 04bb33465149b34afca4988622dca584.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: v-FV8K3XrwJaQyA0AF3sG_gefcsc05lMT-sAFuGIWQj3I0WUtahMwA==
Age: 2088
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24cdc937930ac2ef9c8f46ba1deabcc5
397417929951bf20f235d5f91510163ac213dc71
eb128aec099dbf1919ee5d965221e904ad3a2162583683cec44518640b505447
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB128AEC099DBF1919EE5D965221E904AD3A2162583683CEC44518640B505447"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6334
Expires: Sun, 02 Oct 2022 05:23:21 GMT
Date: Sun, 02 Oct 2022 03:37:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.51 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.51:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 717666fbcd9eb8ed70d0f46dd99d0448.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: e17vyqcB7dqGdo314CjB-2syntXpMXcub9nf2Aiu8zcSAefNCkzDtg==
age: 271
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c873b23284affd571fc43032ada8e336
2e29468953c1f45a6c13ca2ff0bbbe9e461c5a63
7501a9c4ac89dd940bf173a21f8bfb248cf3b11b8b0ae31ff0673ce083cd28fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7501A9C4AC89DD940BF173A21F8BFB248CF3B11B8B0AE31FF0673CE083CD28FA"
Last-Modified: Sun, 02 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Sun, 02 Oct 2022 09:37:26 GMT
Date: Sun, 02 Oct 2022 03:37:48 GMT
Connection: keep-alive
odiannews.in/
212.227.191.17 301 Moved Permanently 230 B IP 212.227.191.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8c74329513b3bc85cc60bb651f077d98
b4d3f7a581ad5516407b407f0f94ce8efbc3b3d5
36a1888f919b574e98e06ea81f885ab72ea2ecb25b3b395df0cd8da7b93637dd
GET / HTTP/1.1
Host: odiannews.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/html; charset=iso-8859-1
content-length: 230
location: https://odiannews.com/
x-powered-by: PleskLin
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.103 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 03:32:54 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 04:26:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 680c9e756bdd27fcfeee763a87afaa06.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: CmzmIIAbJSLvkXdDRMkrtYphx2pDfl7jgmL3ThenK7SNv92465FGOw==
Age: 295
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 829e839c217bf861b8cf90c8d636f510
459714fcf0d374bdc078ef59d122d59bf9312c5f
36282e09bb25caf3d7350c4bee485cb87947aabc7d7409169caf15c2e75d8b7d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4726
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 03:37:48 GMT
Last-Modified: Sun, 02 Oct 2022 02:19:02 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.71.185 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3oi4wiG9XU4uCJWFW7bePA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QF8bNmLvjaNrY9yParEX+fboruo=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 03:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
odiannews.com/wp-content/uploads/2020/07/cropped-odianews-1.png
212.227.191.17 200 OK 19 kB URL HTTP/2 odiannews.com/wp-content/uploads/2020/07/cropped-odianews-1.png
IP 212.227.191.17:0
File type PNG image data, 249 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e0cb9facb1940162049b2844a0383d0
83a0c8ff50df7fe6752002d03451fa7bfb430c74
d85531441e35ca567904ac7919bb3993eb5a714a4c6596b5f8fd15585ec3bc73
GET /wp-content/uploads/2020/07/cropped-odianews-1.png HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/png
content-length: 18814
last-modified: Sun, 12 Jul 2020 06:41:11 GMT
etag: "5f0ab087-497e"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 03:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 03:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-107754389-1
142.250.74.168 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-107754389-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash ed9cc0f584daca052cb484b91f22bedf
9adc501c8d4d11391135b2fd822640a8cc1b7303
21303ec6a2a161cf94b8eeeadfe1b9075d1bf4f0f5cecda360023ab2f3f0f607
GET /gtag/js?id=UA-107754389-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 03:37:49 GMT
expires: Sun, 02 Oct 2022 03:37:49 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42368
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
odiannews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4
212.227.191.17 200 OK 5.7 kB URL HTTP/2 odiannews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4
IP 212.227.191.17:0
File type ASCII text, with very long lines (15224)
Hash c065669bc98d281c125c822649388b5d
78008cecfec46415a81d126fadbba5101ef5cd17
4f5ea0218459625f2496105d8f8abb48cf1f81fcd3849c35efc761d4ed448707
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Sun, 26 Sep 2021 07:42:00 GMT
etag: W/"61502448-4705"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?sensor=false&ver=5.9.4
142.250.74.10 200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?sensor=false&ver=5.9.4
IP 142.250.74.10:0
File type ASCII text, with very long lines (2593)
Hash 087271d160875017cec56e0ff87baab6
150a0554bcc42668270a8234da688bbc5bb56130
bf0289df8aef1ead3316a9fe1c2ab088c6d26579c9e907cf9f9e1fb724ebbb9e
GET /maps/api/js?sensor=false&ver=5.9.4 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sun, 02 Oct 2022 03:37:49 GMT
expires: Sun, 02 Oct 2022 04:07:49 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 54067
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 03:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 03:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.wp.com/e-202239.js
192.0.76.3 200 OK 19 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash cbeca6138a5b5ed741189ff1f77ea2ab
94e9378782e3bd0439cbd2e785c47334c78ac533
2045fe28feddb89e75939ce40b57cbcf41f0cb2a4454e2c2ac1f1b9922b5957d
GET /e-202239.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 17 Sep 2023 22:04:35 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=5.9.4
212.227.191.17 200 OK 536 B URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=5.9.4
IP 212.227.191.17:0
Hash 38697bdf2f741d1f2b4d88193fa47b80
ffa91fe44d787f20b2d1b35054470c902433e120
be9301984511ebe8eb3400feb7ce5a91619247e7e9ad5516d8c4709b2e033bf0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"53-5d811a37ec7b3"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/10/argusnews-screenshot-276-c9dd3fdc-2723-45ce-99dc-8b00477d3831-1.webp
212.227.191.17 200 OK 30 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/10/argusnews-screenshot-276-c9dd3fdc-2723-45ce-99dc-8b00477d3831-1.webp
IP 212.227.191.17:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1aab6f2067bf97bee19bd06c66adbf44
ac9a5f545df57729efbc61b74b678435d54d1757
1971af77676a12148d5525369c3780a51e093a01484319563d9c33a15b2db6e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/argusnews-screenshot-276-c9dd3fdc-2723-45ce-99dc-8b00477d3831-1.webp HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/webp
content-length: 29778
last-modified: Sat, 01 Oct 2022 10:34:31 GMT
etag: "633817b7-7452"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/10/download-3.jpg
212.227.191.17 200 OK 9.9 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/10/download-3.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 275x183, components 3\012- data
Hash 5a4d2c9951892c9646edd6226da53916
8f93aafc64c813535c69fb66e957fd8f21266448
828d27dda9a71a7a5f8a4266a138a35c98f6b84b57370e9111ebf3ad292eb9f9
GET /wp-content/uploads/2022/10/download-3.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 9895
last-modified: Sat, 01 Oct 2022 10:32:53 GMT
etag: "63381755-26a7"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/10/WhatsApp-Image-2022-10-01-at-11.55.42-AM.jpeg
212.227.191.17 200 OK 95 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/10/WhatsApp-Image-2022-10-01-at-11.55.42-AM.jpeg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 885x513, components 3\012- data
Hash 45c8232f68d8b0fd5cf7c23e12a36a13
3223f3dc554413a101050179492d2b433df7eaba
5fe479986b9aba7d43259aaaf60060aa49c0b382480704110babcee29982b158
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/WhatsApp-Image-2022-10-01-at-11.55.42-AM.jpeg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 94567
last-modified: Sat, 01 Oct 2022 08:06:48 GMT
etag: "6337f518-17167"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/10/argusnews-screenshot-276-c9dd3fdc-2723-45ce-99dc-8b00477d3831.webp
212.227.191.17 200 OK 30 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/10/argusnews-screenshot-276-c9dd3fdc-2723-45ce-99dc-8b00477d3831.webp
IP 212.227.191.17:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1aab6f2067bf97bee19bd06c66adbf44
ac9a5f545df57729efbc61b74b678435d54d1757
1971af77676a12148d5525369c3780a51e093a01484319563d9c33a15b2db6e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/argusnews-screenshot-276-c9dd3fdc-2723-45ce-99dc-8b00477d3831.webp HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/webp
content-length: 29778
last-modified: Sat, 01 Oct 2022 10:28:19 GMT
etag: "63381643-7452"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/09/Rain-in-Kolkata-during-Durga-Puja1.jpg
212.227.191.17 200 OK 37 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/09/Rain-in-Kolkata-during-Durga-Puja1.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x300, components 3\012- data
Hash e43e74889c65b6cb31849a33805c3183
a34a69cb5e4d4af1b5ed2efca82c8be2c3fd9e12
2df28722ddf304c6c947f2205e50d5c45d74001e999145edae7203408b9dff53
GET /wp-content/uploads/2022/09/Rain-in-Kolkata-during-Durga-Puja1.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 36566
last-modified: Fri, 30 Sep 2022 03:46:04 GMT
etag: "6336667c-8ed6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/10/Pakistan-government-twitter-960x540.jpg.webp
212.227.191.17 200 OK 9.6 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/10/Pakistan-government-twitter-960x540.jpg.webp
IP 212.227.191.17:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 960x540, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2aeabe07f46a40e06edf0fdb672cc606
21e77ba853603fbc66dce9ca45ce376c34ccf5b9
b846e4e483d4820d9b8b203acfbad7f6edb8a620dfc827c497710837ee22f303
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/10/Pakistan-government-twitter-960x540.jpg.webp HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/webp
content-length: 9594
last-modified: Sat, 01 Oct 2022 07:56:12 GMT
etag: "6337f29c-257a"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/js/scripts.js?ver=5.9.4
212.227.191.17 200 OK 63 kB URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/js/scripts.js?ver=5.9.4
IP 212.227.191.17:0
Hash 753158a5ffad6e8240e7834b47832fc9
03c2353164c174cc6e41b5d02da1e3652d52acf8
22334f610555b5dfd3464a5bd8fe51281e680374a7ef89ae79879e8005355a37
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/js/scripts.js?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-96c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://odiannews.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 288221
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0
212.227.191.17 200 OK 26 kB URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0
IP 212.227.191.17:0
File type ASCII text, with very long lines (48664)
Hash ebfac9d82ed3ec4c8c9da074ddfc1c78
d230dabe939609630f8b8b6682d2e503971fcc84
95c62e29197de8224547e338c58840078fb4ce7c047bd1314498c888e6c06f52
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-bf06"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9
212.227.191.17 200 OK 19 kB URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9
IP 212.227.191.17:0
File type ASCII text, with very long lines (19015)
Hash 3be29aa8f10c8d237e50330617d40559
90ca712cb378af4e4853346c40d3d4a208270a22
7cd846532ac6317245ee6265e3ef498ee0e09f25c74cab44d9fb036cfc2cb371
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-4acc"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4
212.227.191.17 200 OK 23 kB URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4
IP 212.227.191.17:0
File type ASCII text, with very long lines (31997)
Hash 68643d1641b4639516158af3178225e0
c7fa9c9b7d1b5d57a3b2a3640e2c1a9d64096e8d
5721b0baf774079cc007016bdea207bfc1b12068d6d3cd58b6f28767d6d2df8e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-ad36"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2
212.227.191.17 200 OK 14 kB URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2
IP 212.227.191.17:0
File type ASCII text, with very long lines (521)
Hash 634b90c60ee9406b02d67b249ad6e65c
39c83e6bcf4085e49bc5693e30fac3747bebfd04
bfa67fd6d55a97ef2308ff9ce0e3465f1aacdc86d27974c1e1ecbc9701374396
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-d34"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=5.9.4
212.227.191.17 200 OK 9.3 kB URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=5.9.4
IP 212.227.191.17:0
Hash e5d9e52854f3286e78bf5ad2b0628f9c
73af726d3746bb6306922b3f49fec6c4e4d1b329
e2a322039ddc0278ee228a3ca2509acef1ac2d22ed899cc940cce7ac4a9324dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"387-5d811a37ea48b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=5.9.4
212.227.191.17 200 OK 16 kB URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=5.9.4
IP 212.227.191.17:0
Hash 3811496142c8f9a41e3e7906a6c0c9c5
47fd63deb5a765b0c9d3a85a70fa13454b6b2f72
3095972bc46d57206255c870b7a37c723b06f107bfbf43ac4b9e3796877d6a17
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel-settings.js?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"f3-5d811a37ed753"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=5.9.4
212.227.191.17 200 OK 82 kB URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=5.9.4
IP 212.227.191.17:0
File type ASCII text, with very long lines (1219)
Hash 112f4dfe9823a1000c90acef53876538
69903a0a3e8c2ec6b898426d932280d74eabb307
b3522197c87b0e36ecbc83bc3a0705202bdc881d420aa95e7342243044350639
GET /wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee.min.js?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-235d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215
212.227.191.17 200 OK 7.4 kB URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215
IP 212.227.191.17:0
Hash 5750c90e09f81f9ce08bbe099a3118f0
8bef47ca9bc05fddac930d7e5f9b8a87a9a40817
3aeb02dfce8463628eee0e364edd8d64225d9b7b075e3b69d4e55be872a47afb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"2ad-5d811a37e7993"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/04/WhatsApp-Image-2022-04-26-at-12.21.51-PM.jpeg
212.227.191.17 200 OK 61 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/04/WhatsApp-Image-2022-04-26-at-12.21.51-PM.jpeg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1040x780, components 3\012- data
Hash 43325c51562d9ab14d05503de9766822
fe9da2de24fc340f135dd20905f322c634f95bd9
10e9bae143111c79d3162c4282b16a0d1bbe62333e0aca5697a8a847fb3c8266
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/04/WhatsApp-Image-2022-04-26-at-12.21.51-PM.jpeg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 61046
last-modified: Tue, 26 Apr 2022 07:03:25 GMT
etag: "6267993d-ee76"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/04/bannana-300x158.jpg
212.227.191.17 200 OK 40 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/04/bannana-300x158.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=20, height=3456, bps=0, PhotometricIntepretation=RGB, description=bananas, many, banana, fruit, background, fresh, market, ripe, bunch, food, healthy, yellow, tropical, stack, organic, color, c, manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, width=5184], baseline, precision 8, 300x158, components 3\012- data
Hash fff78380b63753ad7b8ae2f1424f57e4
666b0809382e7dd12ec893c5200e418f7662c696
47392d23621383722ce2444f771fa02a6471c6d54b03ba5e4f428ad3ca211c7a
GET /wp-content/uploads/2022/04/bannana-300x158.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 39863
last-modified: Thu, 28 Apr 2022 06:20:29 GMT
etag: "626a322d-9bb7"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.2
212.227.191.17 200 OK 18 kB URL HTTP/2 odiannews.com/wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.2
IP 212.227.191.17:0
File type Unicode text, UTF-8 text, with very long lines (4284), with no line terminators
Hash 6e1b2a47589507d4fd3edfb4415e31cc
9610e23ec2057327830c1e86383341eb0587eecd
81e4557cb788e1c4e031f90e148cc3547421709d5db8708367c096b27ccf641c
GET /wp-content/plugins/location-weather/assets/js/Old-locationWeather.min.js?ver=1.3.2 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 15:55:07 GMT
etag: W/"63331cdb-10c2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/01/somyakanta-rajkanika-1-300x275.jpeg
212.227.191.17 200 OK 15 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/01/somyakanta-rajkanika-1-300x275.jpeg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x275, components 3\012- data
Hash 1fbe7b028457df684552330e67bcf8f4
8086babc8b2b447b018e716d8686a4385bd1b739
bd64b785ed68bf4676bc58d4dab932d81047cee650ed7fa7459430c21943b5f8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/01/somyakanta-rajkanika-1-300x275.jpeg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 14826
last-modified: Sun, 16 Jan 2022 13:16:51 GMT
etag: "61e41ac3-39ea"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.8
212.227.191.17 200 OK 34 kB URL HTTP/2 odiannews.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.8
IP 212.227.191.17:0
File type ASCII text, with very long lines (18436)
Hash 498da61dba8d462f95c426c4f79afe6f
8c3013b5182b137378f47f1e1b61962bb857d7d3
6040785e1c63fbbb4c72fa9837b693d3ad9d3fa933f10d5a20170bd172fa9e93
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=10.8 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
last-modified: Sun, 17 Apr 2022 10:15:33 GMT
etag: W/"625be8c5-15854"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/07/72-year-old.jpg
212.227.191.17 200 OK 59 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/07/72-year-old.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 645x429, components 3\012- data
Hash 8bf3ed858f2a2e078ecb20102f58ef22
5f15fa62d56b976edf202e8fa2f28225965c6341
a5ccf8f047930132c80da75f91fbb0ac5098bfea8dfb948f5559ad0c6e39bc8e
GET /wp-content/uploads/2022/07/72-year-old.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 58913
last-modified: Sat, 09 Jul 2022 16:54:32 GMT
etag: "62c9b2c8-e621"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
212.227.191.17 200 OK 41 kB URL HTTP/2 odiannews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 212.227.191.17:0
File type ASCII text, with very long lines (62884)
Hash 547b9e6831f9056510efe6a1850c6126
6fe4cc726fd3c66619d8c19f2d490e90173a24bd
da1d31cc300029e0b3e991b5bc8b3a63d4e9adcdaea1c85a3f4ea52add814bf7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 19:00:18 GMT
etag: W/"63373cc2-167b4"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
212.227.191.17 200 OK 18 kB URL HTTP/2 odiannews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 212.227.191.17:0
File type ASCII text, with very long lines (11126)
Hash fbf8dfd63e82b55a2df180bb8f639ccc
d9eea6cd6b462e5699392b2cf0540f580287357c
d9f6703f6a06ab722553f7440f9d728d54611090b96bf128d7c40b49d16ae26b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Fri, 30 Sep 2022 18:59:52 GMT
etag: W/"63373ca8-35db"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
212.227.191.17 200 OK 176 kB URL HTTP/2 odiannews.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
IP 212.227.191.17:0
File type ASCII text, with very long lines (39791)
Size 176 kB (176290 bytes)
Hash 552f833c8cf87281112c3405cc04a5cf
05f2fcf976e0bfc332ebd4856e4d5a156dddfe79
a113b84868016c99de73468a2b691600ac1be2078bc6ab0a189317ad44de6e1a
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
last-modified: Wed, 06 Apr 2022 03:55:06 GMT
etag: W/"624d0f1a-145db"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
212.227.191.17 200 OK 22 kB URL HTTP/2 odiannews.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 212.227.191.17:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 56e1ab3b4ab9ca37688e8d2dd4ab00e9
39ebf9a8d3c513787391806f697e12c3d9277475
6e3a7b9dc1e84425b8541f90eeb31a3ac5e155de058b3ef6994f2ba947bb0dcf
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 15:55:52 GMT
etag: W/"62150788-50ea"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/06/3-plastic-300x199.jpg
212.227.191.17 200 OK 29 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/06/3-plastic-300x199.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x199, components 3\012- data
Hash 1087ebb5d20ae5b205655431ef5e6396
9af33b1ff979f381e840df521b6911b71986d414
36b0666c6f3ae2077b1b81f06e715820efffb12970d8de1dbab6d1ec092e3565
GET /wp-content/uploads/2022/06/3-plastic-300x199.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 29212
last-modified: Sun, 05 Jun 2022 05:12:34 GMT
etag: "629c3b42-721c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/gallery-videos/JS/modernizr.custom.js?ver=5.9.4
212.227.191.17 200 OK 18 kB URL HTTP/2 odiannews.com/wp-content/plugins/gallery-videos/JS/modernizr.custom.js?ver=5.9.4
IP 212.227.191.17:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (9019), with no line terminators
Hash 8a28a2b594ce3cf2b2d35d6c04ea20d4
9b7858ac0a7f4d537b8ef9502e7fbcba242b887f
8b667db876805b66d00629ccc0228e3bbc9fc0b9c576c8cd6f265bf27523526b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gallery-videos/JS/modernizr.custom.js?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 15:55:57 GMT
etag: W/"63346e8d-233b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/09/download-1-2.jpg
212.227.191.17 200 OK 7.0 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/09/download-1-2.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 295x171, components 3\012- data
Hash f00251cd803f76f52d49e822e88378c9
50cd3270d582bfdcf0af6f2fddc57c383b6fa053
432ba3cc3a966b74b561bd4acd62fc6ba174912a919229d353a077f0db9c8e67
GET /wp-content/uploads/2022/09/download-1-2.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 6961
last-modified: Thu, 22 Sep 2022 06:42:50 GMT
etag: "632c03ea-1b31"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/gallery-videos/CSS/ts-vgallery-block.css?ver=5.9.4
212.227.191.17 200 OK 10 kB URL HTTP/2 odiannews.com/wp-content/plugins/gallery-videos/CSS/ts-vgallery-block.css?ver=5.9.4
IP 212.227.191.17:0
Hash 7abc88df75a66371e01b2d0c5ad753be
e987d940a174aa9385df0749ed78055d9a2d92bd
c631259db03bfc260adc63c6aeccd686560d0ba25e86b8669b2700beeee2ba33
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gallery-videos/CSS/ts-vgallery-block.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 28 Sep 2022 15:55:57 GMT
etag: W/"375-5e9becbea9b43"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/09/cricket-2-650x430-1-300x198.jpg
212.227.191.17 200 OK 19 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/09/cricket-2-650x430-1-300x198.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 300x198, components 3\012- data
Hash c90168728f57d8c8fd717694143ffcca
4f6eaa06a9a1f356c857e382fb3654ea859d4844
c9fbd2d82216822d93c59356a722e4e8d10ee1d5e3f623692f73daa5d3e77b99
GET /wp-content/uploads/2022/09/cricket-2-650x430-1-300x198.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 19245
last-modified: Sun, 25 Sep 2022 14:18:03 GMT
etag: "6330631b-4b2d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/ubermenu/assets/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.3.0
212.227.191.17 200 OK 57 kB URL HTTP/2 odiannews.com/wp-content/plugins/ubermenu/assets/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 212.227.191.17:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ubermenu/assets/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://odiannews.com/wp-content/plugins/ubermenu/assets/css/fontawesome/css/font-awesome.min.css?ver=4.3
Cookie: slicevisitor=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: font/woff2
content-length: 56780
last-modified: Tue, 14 Jul 2020 16:17:42 GMT
etag: "5f0ddaa6-ddcc"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/09/ffvdbf-300x200.jpg
212.227.191.17 200 OK 15 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/09/ffvdbf-300x200.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 300x200, components 3\012- data
Hash 034888114c850015bcc32d656db96d25
80c9c054ca561a771eba9d482d625a0700e7f15d
8cf7a5de83fe65801ce21a3696bc55f62ff0eca98f7789e5afe5e75c024833c5
GET /wp-content/uploads/2022/09/ffvdbf-300x200.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 14754
last-modified: Sun, 25 Sep 2022 05:22:12 GMT
etag: "632fe584-39a2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/10/biden.jpg
212.227.191.17 200 OK 29 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/10/biden.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 636x345, components 3\012- data
Hash 9c2f14414b562d78c68e7e229bd21462
a07459d5f0e78c44fe632bdf297d5749c7202b86
4ece5fa24aaa0612de47b0355de7699ac6c5ed0cdd1331f408db0dcfad6d222d
GET /wp-content/uploads/2022/10/biden.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 29006
last-modified: Sat, 01 Oct 2022 04:16:06 GMT
etag: "6337bf06-714e"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2022/09/bba49e98-16f4-11ed-9ba3-d097bf79e873_1664011092537_1664011092537_1664011128378_1664011128378.jpg
212.227.191.17 200 OK 29 kB URL HTTP/2 odiannews.com/wp-content/uploads/2022/09/bba49e98-16f4-11ed-9ba3-d097bf79e873_1664011092537_1664011092537_1664011128378_1664011128378.jpg
IP 212.227.191.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, progressive, precision 8, 600x338, components 3\012- data
Hash a7bd44eeaee5f6e27536ddb3f9422377
62c2ba8b8c40d94566c3d9e402b5d563f64ba8f8
b770668595dee2ce774ead4954c3b10ec806bc34d0ac34a77f7d846ea7f5aac9
GET /wp-content/uploads/2022/09/bba49e98-16f4-11ed-9ba3-d097bf79e873_1664011092537_1664011092537_1664011128378_1664011128378.jpg HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/jpeg
content-length: 28693
last-modified: Sat, 24 Sep 2022 13:19:35 GMT
etag: "632f03e7-7015"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
odiannews.com/wp-content/uploads/2020/07/house-48-24x24.ico
212.227.191.17 200 OK 2.5 kB URL HTTP/2 odiannews.com/wp-content/uploads/2020/07/house-48-24x24.ico
IP 212.227.191.17:0
File type MS Windows icon resource - 1 icon, 24x24, 32 bits/pixel\012- data
Hash 017ad93818e0521720bb631030131575
92bffbdc0a6e56ee31be5c7d33fa69ed411067b9
d52609a9a3e890922e84c8c84727d0adbfa37d107050f95cb468270502bf5f35
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/07/house-48-24x24.ico HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/vnd.microsoft.icon
content-length: 2462
last-modified: Tue, 14 Jul 2020 09:38:16 GMT
etag: "5f0d7d08-99e"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A10.8&blog=205471077&post=5&tz=0&srv=odiannews.com&host=odiannews.com&ref=&fcp=2059&rand=0.5397590218801923
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A10.8&blog=205471077&post=5&tz=0&srv=odiannews.com&host=odiannews.com&ref=&fcp=2059&rand=0.5397590218801923
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A10.8&blog=205471077&post=5&tz=0&srv=odiannews.com&host=odiannews.com&ref=&fcp=2059&rand=0.5397590218801923 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 02 Oct 2022 02:41:09 GMT
expires: Sun, 02 Oct 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 3400
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.2.0.2
212.227.191.17 200 OK 6.3 kB URL HTTP/2 odiannews.com/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.2.0.2
IP 212.227.191.17:0
File type ASCII text, with very long lines (615)
Hash 771f135926334479ea946d382ab14531
6730c1bd161234b923be2cbb53adff5dc0e9ebce
8a9c851e6a5c20a82a3aec10187924924ffb65bac55716110c2c00f555c7c5ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.2.0.2 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 14 Jul 2020 16:17:42 GMT
etag: W/"5f0ddaa6-64e5"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4876
Expires: Sun, 02 Oct 2022 04:59:06 GMT
Date: Sun, 02 Oct 2022 03:37:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa35a86a2-6f2d-47bd-970a-75f2caba5ecc.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa35a86a2-6f2d-47bd-970a-75f2caba5ecc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31c14c715893e82dd04f10bb9c863e64
55f0192d2aabb99c72ee0827013e26cd38baaf81
6f1c716bd7062a97bfe20e6fcdd3f5a7d69248d3673f517fb92b15363e936a4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa35a86a2-6f2d-47bd-970a-75f2caba5ecc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7733
x-amzn-requestid: ecc1e276-bf29-4c81-b415-065b0eea0a70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHnEwNoAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-3b6b2da5041c65ed11b97e66;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PE-7riXxL8vF5moOsmQCiKO6sKwPFErA0dYJ9RfpdVcQoAdianLv3Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:26 GMT
etag: "55f0192d2aabb99c72ee0827013e26cd38baaf81"
content-type: image/jpeg
age: 20964
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 20957
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
age: 20956
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RGS_T9Cwl5Vjs_bxngHRomiYppE5fLe0SnH19VEfc5-PCT5tb5ku1A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 04:40:52 GMT
age: 82618
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce67c74-164e-4fb0-a810-58020e3bb3c1.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce67c74-164e-4fb0-a810-58020e3bb3c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 701e0a9a5dbe3c67816f7c97900f23dc
3ee4894d6ef2a805563c3dd97f0ff75df62fb878
7f285114fc8f5fcfda7b2031edc9bbf16f6ae25a39eed0f2fa2f2c5bc068b5a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce67c74-164e-4fb0-a810-58020e3bb3c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13652
x-amzn-requestid: ce658406-aedf-4e0e-b103-2659dda4aaf1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOE8nIAMF0zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-3d3a91f3429bd543029e40ba;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sHOoUihgHVH6zTSWmycJg-Qyndllrbll0PSSNH0hc1SXtry74p8-zw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:26 GMT
age: 20964
etag: "3ee4894d6ef2a805563c3dd97f0ff75df62fb878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4043a1cb-a427-407b-90c2-59adcca462c8.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4043a1cb-a427-407b-90c2-59adcca462c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8342b284a0d5383fff1aae9375ef009
b5122a1c700e68a2322300a1e9d38453a1c3eb3a
b316b4db642e349e452b09cf49767c8b05ebd2db05f217e927065a571c9aa1fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4043a1cb-a427-407b-90c2-59adcca462c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7725
x-amzn-requestid: 2b15132c-03f8-4b9a-b3a9-2217fbfd89c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIQHviIAMFtYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-749367997b2e5c9c106d8380;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BUYB6NasOkQ9eOkG3-59ioLAe206_V0Q4X-aTN-Kvv7-6fEf7zDX2Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:56:35 GMT
age: 20475
etag: "b5122a1c700e68a2322300a1e9d38453a1c3eb3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46
91.211.91.104 302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /speak.php?q=1311&w=334-1166-567334-46 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 02 Oct 2022 03:37:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29
91.211.91.104 302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/track.php?nid=54889&yid=9554-66-457679-29
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /track.php?nid=54889&yid=9554-66-457679-29 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://odiannews.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 02 Oct 2022 03:37:51 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
91.211.91.104 200 OK 796 B URL HTTP/2 away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a1357994913ede63f40e70c6c6977b65
20262fd6fad6bd71d55de97c42cc61040f5dd070
1538adba5c3b3c77f05291c6797d72fc22f98b9e044fffadc6628b7e8495a1f8
Analyzer Verdict Alert quad9 Sinkholed
GET /track.php?tid=54889&lid=9554-66-457679-29 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://odiannews.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:51 GMT
content-type: text/html; charset=UTF-8
content-length: 796
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4487ac65450e0ee09752c900536547df
149b6332cdc18493a4769ceb524956065d85e38c
8c68070fb294499994e834924d18202830871bc3c653a82a102bbf56363ff764
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C68070FB294499994E834924D18202830871BC3C653A82A102BBF56363FF764"
Last-Modified: Sat, 01 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9657
Expires: Sun, 02 Oct 2022 06:18:48 GMT
Date: Sun, 02 Oct 2022 03:37:51 GMT
Connection: keep-alive
groundflares.net/b81698fd2.js
185.177.94.152 200 OK 54 B URL HTTP/2 groundflares.net/b81698fd2.js
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 30c1fd0f847f40d79960103f317ec07d
a0d13efcd4192c63adc1eabfb05717ad1cebd931
556ec061bb60ac3e9a1769e325fa43e4e6c1351216161560bdd37356956dbd1f
Analyzer Verdict Alert fortinet Phishing
GET /b81698fd2.js HTTP/1.1
Host: groundflares.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=b169e1ae-17e2-45b5-85b6-216e9cda3ce1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 54
last-modified: Sat, 02 Jul 2022 04:59:02 GMT
etag: "62bfd096-36"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
groundflares.net/favicon.ico
185.177.94.152 204 No Content 0 B URL HTTP/2 groundflares.net/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: groundflares.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://groundflares.net/go/gmytgnrvg45dcmbyg4yq?sub2=lowerp8
Cookie: uuid=b169e1ae-17e2-45b5-85b6-216e9cda3ce1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 02 Oct 2022 03:37:52 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6a720957ba0c42b79c1cf826587b62b8
73407225ad906997caedf9e226e165fad62339ae
0b1860857362992e98a4c2bdf62ef88002a0b799afa2393fd3e6eaab1975afae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B1860857362992E98A4C2BDF62EF88002A0B799AFA2393FD3E6EAAB1975AFAE"
Last-Modified: Sat, 01 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8241
Expires: Sun, 02 Oct 2022 05:55:13 GMT
Date: Sun, 02 Oct 2022 03:37:52 GMT
Connection: keep-alive
0.groundflares.net/b81698fd2.js
185.177.94.152 200 OK 54 B URL HTTP/2 0.groundflares.net/b81698fd2.js
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 30c1fd0f847f40d79960103f317ec07d
a0d13efcd4192c63adc1eabfb05717ad1cebd931
556ec061bb60ac3e9a1769e325fa43e4e6c1351216161560bdd37356956dbd1f
Analyzer Verdict Alert fortinet Phishing
GET /b81698fd2.js HTTP/1.1
Host: 0.groundflares.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=b169e1ae-17e2-45b5-85b6-216e9cda3ce1; uuid=b169e1ae-17e2-45b5-85b6-216e9cda3ce1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 54
last-modified: Sat, 02 Jul 2022 04:59:02 GMT
etag: "62bfd096-36"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
browork3er.cc/sw/bro.js
51.15.18.159 200 OK 20 kB IP 51.15.18.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7731)
Hash bc422a05d37d2f0c211bcea337b2170b
24e3f83e3ccf1dc18ce6307191a9ba09bd6730ab
df3d524c22f1bc5e1297e23634c369193f6a7b0efab0c83f905afc0d9589ef6b
GET /sw/bro.js HTTP/1.1
Host: browork3er.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://groundflares.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:52 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Mon, 02 Oct 2023 03:37:52 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d3931617875d12a991b7324f2d62221
ef030ad24361a2d913e6b59eaf266f4ff4857196
0c5158e689105ef422e8d51ed1d7dfa7e600d0a56a79a670b17f5bdbdbaf4373
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C5158E689105EF422E8D51ED1D7DFA7E600D0A56A79A670B17F5BDBDBAF4373"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16863
Expires: Sun, 02 Oct 2022 08:18:55 GMT
Date: Sun, 02 Oct 2022 03:37:52 GMT
Connection: keep-alive
di4.biz/favicon.ico
185.177.92.179 204 No Content 0 B IP 185.177.92.179:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://di4.biz/?auf=gu4dqm3fge5dcnrqgixtcmbyg4ys6mrqf4ztoodbge3dayjpgi2c6mjwgy2dmobrha3te&p=b&sub1=&sub2=lowerp8&sub3=&sub4=&cpc=0&cpm=0
Cookie: uuid=95e3e005-7668-445e-9e1d-244d966a476d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 02 Oct 2022 03:37:53 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/my-html-post-widgets/style.css?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/my-html-post-widgets/style.css?ver=5.9.4
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/my-html-post-widgets/style.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Sat, 18 Jul 2020 04:42:17 GMT
etag: W/"60-5aaafe5ebfc40"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.2
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.2
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/location-weather/assets/css/splw-style.min.css?ver=1.3.2 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
last-modified: Tue, 27 Sep 2022 15:55:07 GMT
etag: W/"63331cdb-78c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
di4.biz/?auf=gu4dqm3fge5dcnrqgixtcmbyg4ys6mrqf4ztoodbge3dayjpgi2c6mjwgy2dmobrha3te&p=b&sub1=&sub2=lowerp8&sub3=&sub4=&cpc=0&cpm=0
185.177.92.179 200 OK 0 B URL HTTP/2 di4.biz/?auf=gu4dqm3fge5dcnrqgixtcmbyg4ys6mrqf4ztoodbge3dayjpgi2c6mjwgy2dmobrha3te&p=b&sub1=&sub2=lowerp8&sub3=&sub4=&cpc=0&cpm=0
IP 185.177.92.179:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?auf=gu4dqm3fge5dcnrqgixtcmbyg4ys6mrqf4ztoodbge3dayjpgi2c6mjwgy2dmobrha3te&p=b&sub1=&sub2=lowerp8&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.groundflares.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:52 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=95e3e005-7668-445e-9e1d-244d966a476d; expires=Tue, 01-Nov-2022 03:37:52 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
cdn.weatherplllatform.com/base.js?v=33.4
91.211.91.114 200 OK 0 B URL HTTP/2 cdn.weatherplllatform.com/base.js?v=33.4
IP 91.211.91.114:0
ASN #206638 PE Brezhnev Daniil
GET /base.js?v=33.4 HTTP/1.1
Host: cdn.weatherplllatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 28 Sep 2022 20:14:42 GMT
vary: Accept-Encoding
etag: W/"6334ab32-1835"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/gallery-videos/CSS/Total-Soft-Gallery-Video-Widget.css?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/gallery-videos/CSS/Total-Soft-Gallery-Video-Widget.css?ver=5.9.4
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gallery-videos/CSS/Total-Soft-Gallery-Video-Widget.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 15:55:57 GMT
etag: W/"63346e8d-c9b9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.2
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.2
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/location-weather/assets/css/old-style.min.css?ver=1.3.2 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Tue, 27 Sep 2022 15:55:07 GMT
etag: W/"2ac-5e9aaab15bbb2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=5.9.4
IP 212.227.191.17:0
GET /wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-9226"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/ubermenu/assets/css/fontawesome/css/font-awesome.min.css?ver=4.3
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/ubermenu/assets/css/fontawesome/css/font-awesome.min.css?ver=4.3
IP 212.227.191.17:0
GET /wp-content/plugins/ubermenu/assets/css/fontawesome/css/font-awesome.min.css?ver=4.3 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
last-modified: Tue, 14 Jul 2020 16:17:42 GMT
etag: W/"5f0ddaa6-5cbb"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=5.9.4
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=5.9.4
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=5.9.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 03:37:49 GMT
date: Sun, 02 Oct 2022 03:37:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
odiannews.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.4
IP 212.227.191.17:0
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
etag: W/"5cfaccce-105a"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.43
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.43
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.43 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 15:55:06 GMT
etag: W/"6310d5da-1d595"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.8
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.8
IP 212.227.191.17:0
GET /wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.8 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
last-modified: Tue, 08 Mar 2022 03:55:02 GMT
etag: W/"6226d396-d0f"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/gallery-videos/JS/Total-Soft-Gallery-Video-Widget.js?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/gallery-videos/JS/Total-Soft-Gallery-Video-Widget.js?ver=5.9.4
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gallery-videos/JS/Total-Soft-Gallery-Video-Widget.js?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 15:55:57 GMT
etag: W/"63346e8d-173bf"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-2765"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/
212.227.191.17 200 OK 0 B IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/html; charset=UTF-8
link: <https://odiannews.com/wp-json/>; rel="https://api.w.org/", <https://odiannews.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://odiannews.com/>; rel=shortlink
set-cookie: slicevisitor=1; expires=Sun, 02-Oct-2022 03:39:48 GMT; Max-Age=120; path=/
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/7.4.30, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.css?ver=2.3.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.css?ver=2.3.4
IP 212.227.191.17:0
GET /wp-content/themes/newscard/assets/library/owl-carousel/owl.carousel.min.css?ver=2.3.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-d17"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
browork3er.cc/sw/bro.js
51.15.18.159 200 OK 0 B IP 51.15.18.159:0
GET /sw/bro.js HTTP/1.1
Host: browork3er.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.groundflares.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:52 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Mon, 02 Oct 2023 03:37:52 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/style.css?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/themes/newscard/style.css?ver=5.9.4
IP 212.227.191.17:0
GET /wp-content/themes/newscard/style.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-1cf5c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.2.0.2
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.2.0.2
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.2.0.2 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
last-modified: Tue, 14 Jul 2020 16:17:42 GMT
etag: W/"5f0ddaa6-9b6b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
groundflares.net/go/gmytgnrvg45dcmbyg4yq?sub2=lowerp8
185.177.94.152 200 OK 0 B URL HTTP/2 groundflares.net/go/gmytgnrvg45dcmbyg4yq?sub2=lowerp8
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /go/gmytgnrvg45dcmbyg4yq?sub2=lowerp8 HTTP/1.1
Host: groundflares.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:52 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=b169e1ae-17e2-45b5-85b6-216e9cda3ce1; expires=Tue, 01-Nov-2022 03:37:51 GMT; Max-Age=2592000; path=/; domain=groundflares.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=5.9.4
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/jquery.marquee/jquery.marquee-settings.js?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"27b-5d811a37ecb9b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
last-modified: Sun, 26 Sep 2021 07:42:00 GMT
etag: W/"61502448-2bf8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.43
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.43
IP 212.227.191.17:0
GET /wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.43 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 15:55:06 GMT
etag: W/"6310d5da-25e4"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-includes/css/dashicons.min.css?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-includes/css/dashicons.min.css?ver=5.9.4
IP 212.227.191.17:0
GET /wp-includes/css/dashicons.min.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
last-modified: Sun, 26 Sep 2021 07:42:00 GMT
etag: W/"61502448-e688"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 17:12:32 GMT
etag: W/"620bdf00-235bf"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/ubermenu/pro/assets/css/skins/orange.css?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/ubermenu/pro/assets/css/skins/orange.css?ver=5.9.4
IP 212.227.191.17:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ubermenu/pro/assets/css/skins/orange.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:49 GMT
content-type: text/css
last-modified: Sat, 18 Jul 2020 10:38:29 GMT
etag: W/"5f12d125-1b8d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
odiannews.com/wp-content/plugins/gallery-videos/CSS/totalsoft.css?ver=5.9.4
212.227.191.17 200 OK 0 B URL HTTP/2 odiannews.com/wp-content/plugins/gallery-videos/CSS/totalsoft.css?ver=5.9.4
IP 212.227.191.17:0
GET /wp-content/plugins/gallery-videos/CSS/totalsoft.css?ver=5.9.4 HTTP/1.1
Host: odiannews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odiannews.com/
Cookie: slicevisitor=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 03:37:48 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 15:55:57 GMT
etag: W/"63346e8d-9eae"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2