Report - newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/

Report Overview

Submitted URL
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
IP
104.21.29.63
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-27 23:12:32
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
newsworld.cloud	unknown	2021-04-21	2021-04-21	2023-05-27	21 kB	1.7 MB	104.21.29.63
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-27	1.5 kB	18 kB	216.58.207.202
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-27	4.9 kB	180 kB	216.58.207.227
www.binomstat.info	unknown	2022-04-27	2022-06-05	2023-05-27	6.1 kB	9.1 kB	104.21.19.144
medical-room.site	unknown	2020-04-06	2020-04-12	2023-05-27	431 B	239 B	46.101.136.93
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-05-27	432 B	32 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-27	medium	newsworld.cloud/js/back.js
2023-05-27	medium	newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/empty.ico
2023-05-27	medium	newsworld.cloud/js/form_validate.js
2023-05-27	medium	newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
2023-05-27	medium	newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/modal/modal.js

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js	88 kB	2023-03-07	2024-04-23
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:43 Last Seen2024-04-23 21:11:49 Times Seen6766 Hash bbcf3bf05fa6cb58a67cfd0498f00d23 e4925196f6f444fa58915420fbcd80f909c68d28 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8 Loading...

	newsworld.cloud/js/binom.js	4.1 kB	2023-03-26	2023-09-20
Pretty URL newsworld.cloud/js/binom.js IP 104.21.29.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:52:56 Last Seen2023-09-20 06:58:38 Times Seen77 Hash 23eebd35c0df67458708791d9fb2da1f c3f807e94ce309ed459bfc270eab8fd1cc098c46 eb3d0b3ae3e4f3244cdedb18451348edd6f1e41b5c3be8aa5ea797b5c3e59848 Loading...

	newsworld.cloud/js/form_validate.js	3.5 kB	2023-03-07	2023-09-20
Pretty URL newsworld.cloud/js/form_validate.js IP 104.21.29.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:48 Last Seen2023-09-20 06:58:38 Times Seen90 Hash e5965c9bca6c2d3ac8d6b3ae2e28ab61 1ed9d92c678a35e868f87684acc4c6caec2c734f 325ae3ebc4e1521ef1111318510de7dcb1dca2ac479ca1bcf27162dd20c166b2 Loading...

	newsworld.cloud/js/back.js	6.8 kB	2023-03-07	2023-09-20
Pretty URL newsworld.cloud/js/back.js IP 104.21.29.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:48 Last Seen2023-09-20 06:58:38 Times Seen82 Hash d00820ad09e4c241902e85bfa1f6e08a e16e0de325f13677084f596fa198ca7694f1b06c cf52e4b88e2562bcb1a85a6d8f43e48a50546c7e33cd649645390d46509c58d5 Loading...

	newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/modal/modal.js	11 kB	2023-03-07	2023-09-20
Pretty URL newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/modal/modal.js IP 104.21.29.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:08:17 Last Seen2023-09-20 06:58:38 Times Seen6 Hash dc95c0c7471f241a6d92f5f53f23ed6e 3477c7bc253943a61671a52d78a0d699ce2efae4 ea4226c2e30bc146580fa3ac735687f1e0563b9362b182ec6c28fbaeaefa4e57 Loading...

HTTP Transactions (69)

URL IP Response Size

ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30768 bytes)
Hash
bbcf3bf05fa6cb58a67cfd0498f00d23
e4925196f6f444fa58915420fbcd80f909c68d28
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

HTTP Headers

GET /ajax/libs/jquery/3.4.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 02:17:44 GMT
expires: Fri, 24 May 2024 02:17:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 248070
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/logo_med.jpg

104.21.29.63

200 OK

8.8 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/logo_med.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 464x101, components 3\012- data
Size
8.8 kB (8779 bytes)
Hash
eb6a5fdf047621e88ea4579d93fd4cbf
fd834c8383e2e5978eb3fd68c9ec02314170a7c7
7285989146f619ff7d9df2562dd24b0633424a99d8560aad3b643466c61f6b15

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/logo_med.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 8779
last-modified: Thu, 14 Jul 2022 07:39:51 GMT
etag: "62cfc847-224b"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYM%2FLvZNVr3bdtyhKpegHRvOWHzZIwHORr0RoXVoCI6feZ78Iw63zoApxuFNjnLenGiqsU5uya%2FQFuQoK%2B9oMqjSbBcwfxdqykkj9o%2B18PqRSFwCtzpPPPEx8vQ%2FJtr0svc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbd9b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image.png

104.21.29.63

200 OK

110 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image.png
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
PNG image data, 341 x 392, 8-bit/color RGB, non-interlaced\012- data
Size
110 kB (109844 bytes)
Hash
a4f2cd78703ad8d03a0bdc32561eddaf
4909ff2809f32b33993f1712debdf85c9e8ba31d
66e5ed06f3faafb9386a008bf92d8e0969374e51f3656b3a788af36b03b055b3

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/image.png HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/png
content-length: 109844
last-modified: Thu, 14 Jul 2022 07:39:48 GMT
etag: "62cfc844-1ad14"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlhuzS6FS5AKwnXP%2F50w3ZdKrMM9ewaFT%2F%2FkiJ%2BIXsUcPt%2FDnJ6fIDb7cC3ZnY1oozDaBFrIYwlsZ2H3fsaeUDbp%2FOgdDXgO4DN2ndJTEcRGGGEy3AKgUENUC89d2fG72Jc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbe0b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image3.png

104.21.29.63

200 OK

20 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image3.png
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 500x349, components 3\012- data
Size
20 kB (19496 bytes)
Hash
51addcfdc3fa07503cf9677d6c0d98cb
09798697e4c1e85979b96712a838151665673ebb
57bceba5d45243e4aab6d5702ca4f9031d1f91b29a250d36eaddf30ba271aa0b

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/image3.png HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/png
content-length: 19496
last-modified: Thu, 14 Jul 2022 07:39:49 GMT
etag: "62cfc845-4c28"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP6m9I4aha4nYJaJ9u1Rj5Jd0%2FCW5J5c32ykNwF4Cz8ON8UkcTrlFS2zpP7JCSjn%2BXksjTN7N88wa9IstNbj6EYPROGEfCy3l4hjAQtx3ky9Xkp8AXlmjgSr1KZnJUCEzh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbe4b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/prizewheel.png

104.21.29.63

200 OK

70 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/prizewheel.png
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
PNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced\012- data
Size
70 kB (70549 bytes)
Hash
28619178bd76f9cf61e61b80666806af
f78daf9ae1a270d21d9d618e448c8b4dfcca1b5e
9e1cc8ca70a75329e6157f4e635c5051f69a677acd1904e564a0fb97241f428e

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/prizewheel.png HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/png
content-length: 70549
last-modified: Thu, 14 Jul 2022 07:39:51 GMT
etag: "62cfc847-11395"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgRpL6li7G69UzCOAGI%2F1Janz4a0G2K0FTvOYr0J22aUKeO0mC6E5cavX8w4W0n7fqeLd4ZE%2Bw2DwOJZFa%2BLpox4dcpkhpCEN9O8ANae1h4jEnlS3dYVANmGoOXmJ1%2BJhmY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbeeb521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/tov.png

104.21.29.63

200 OK

66 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/tov.png
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
PNG image data, 335 x 410, 8-bit/color RGBA, non-interlaced\012- data
Size
66 kB (65853 bytes)
Hash
c125d7b1afe3ef6c1543bc8b3c87b3fb
eac7f601e458224a378302e9b67250a872460a03
2d726f6cfb9531e38066e0e40395b24581425326a5ad23db442c75216869b238

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/tov.png HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/png
content-length: 65853
last-modified: Tue, 09 Aug 2022 09:16:19 GMT
etag: "62f225e3-1013d"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCLKx1Efthy7p5l%2FOT5gEq0hHZlWq%2FarWkHsENvZIx7Xk0FOlAo%2F4ZPqk1uvsjapch6%2BKjbjp4EmYSCv9ahLAB4M%2BEKQilFc1M%2BMnKFF1DSa6GBa2UZZG1nWcmD9d93lXcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbecb521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/2.jpg

104.21.29.63

200 OK

4.8 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/2.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.8 kB (4767 bytes)
Hash
71cc5d46e1acbb396cb7ce4630b56fec
f39e73331e65077b7443a656cfa005e2e08c5c9f
eece255a4aa1efcea5898a85b7c8e150056699ddc8b2f4f3d65470704982c40b

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/2.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4767
last-modified: Thu, 14 Jul 2022 07:39:46 GMT
etag: "62cfc842-129f"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3edTOQVDRwNTvRzY%2FAU6HD9JPXC9BrRCYJb0hNMF0411Tpd14qZGtyPG6%2Bd%2BxsjadwM3hMqOhpxnTARxaFv4GWgJHq5k9olSb3iCE2fltm4uQPCABrUJjKixZ33E6Yc9AMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbf2b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/3.jpg

104.21.29.63

200 OK

5.5 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/3.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
5.5 kB (5451 bytes)
Hash
64a875d1d2e8703ddc8727b8855dc19b
ab9fff7daec306ccdbf7416ffda14479c9ab80ab
c05ea46c762fb0b25f5b90d839be0647afe4286c6ee79e4418a180e9e3159639

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/3.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 5451
last-modified: Thu, 14 Jul 2022 07:39:46 GMT
etag: "62cfc842-154b"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuG%2F3pHYSfV4Z9435c5gsaiITFufik3mKlWTdM6NqoC%2F%2FF7m94MW0HjlVHUlv5VN62ygZbeHlelvG%2F1%2BqZ2hL%2FUhMMtn0qvCAhxteYUJVN7sn1GvntVDyIZ2zLA1Q26HsKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbf0b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/7.jpg

104.21.29.63

200 OK

4.4 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/7.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
69785b993ec2a381f717d696089f6712
136d2ebc61b8170a03ca33cbda2cf4cd774515ca
779c75e8508f45014cb268bedfc3eaa10ce2b2eba7fca9cc09dc0e5e37307f8f

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/7.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 14 Jul 2022 07:39:47 GMT
etag: "62cfc843-1141"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kGtwQEDY%2FUHnHidiPc8y2nCaAPBUbvjOehPrllEkp2uxBhF1lbxct8kFKDJwIfjZFS8X0DPVIFAGzVTTMwh1JZtWcF3QQulvc7dEoA%2BeJAQiLLA7J2CIPPJV%2FOPmbauxiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0bf9b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/wheel-cursor.png

104.21.29.63

200 OK

2.5 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/wheel-cursor.png
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
PNG image data, 158 x 158, 8-bit colormap, non-interlaced\012- data
Size
2.5 kB (2531 bytes)
Hash
619d2440c3deaa1a0259497fcf031230
ef05e68d91e9680ee356c94d53b33a3595ee220a
39a06b6a561b9c1e915b5563b991eb40fe0f592b2a637c0d73e864cda93b71cc

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/wheel-cursor.png HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/png
content-length: 2531
last-modified: Thu, 14 Jul 2022 07:39:52 GMT
etag: "62cfc848-9e3"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXoy53hp6QxfAQuPAuNFt4vC6KxOqTXU%2BPuPb7mYoo7JeovytdwsywnwF35MIN970HN57EZCtwZ%2FDcuNUHzFYEDqqzynx38M2WFX%2BkGOS3de9eO6bmGrpfIhVVN8TAFPVg8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbeab521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/1.jpg

104.21.29.63

200 OK

4.2 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/1.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.2 kB (4179 bytes)
Hash
e91f98725e400700ba22663522565d1e
c2622e97dc2bc77e8c18715fa4562e54f1f08349
a9fd64b459e2841ee048f73217fc79a2a99c6b6fd3780b6aa502cffaafe95a24

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/1.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4179
last-modified: Thu, 14 Jul 2022 07:39:44 GMT
etag: "62cfc840-1053"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSTwvsmNwF2jv04%2FYYp21TREB%2BIFQrVl0bmyAgdZIPE1leCN4cdIAuvbhqxDr5vB9jkKtY2WOsi3GBp4raqEWgOTqj0ewXgbpVpPQtvJU%2F2W5hyN%2F9j%2B9AzugeDZaeZTH1Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbf1b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/13.jpg

104.21.29.63

200 OK

5.0 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/13.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
5.0 kB (5005 bytes)
Hash
2e13b0863cc442754e896d669a58e13e
526fbe42bbd8a4aa6b799a2c0fa9685228b4485f
eaa995788ecfded0459f73850ce55e86d235b25dd1b7bff19037faf45676ddf6

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/13.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 5005
last-modified: Thu, 14 Jul 2022 07:39:45 GMT
etag: "62cfc841-138d"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHeWPs%2B6XoKb58tbK%2Br%2FcyZPXuByH6J%2Be3wGxMBnaPGrAd3cLPvnNiuYjX6wbNxgM9tACcuNul8MKVLg5A84yHoeMQFaK%2Fdu85mc5qoGk98ZJIz8bUYkdQI%2By1QOt%2BL4CQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c10b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/otek-main.jpg

104.21.29.63

200 OK

31 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/otek-main.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1128x504, components 3\012- data
Size
31 kB (30606 bytes)
Hash
ce8853ea2d5971bdc4f9dbdf8a51d814
c1b71ebb986ace3a10d9f5c0f898bcf203d09e6e
591886747705d8969395442c37dc97db6701ebc3115dab97160b5bd38eb0989a

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/otek-main.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 30606
last-modified: Thu, 14 Jul 2022 07:39:51 GMT
etag: "62cfc847-778e"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPCGsIK7YQecnXUEQJ%2Belx1aEtOwM8RNt3SR7V1%2BTnP1MgIVAphlreU9mAvdHGgZkivzhO2VguvqxAs%2FgzgHRB8hayZhcLc5D55jH8%2FYFPAi9dyRvYY4jWSgdvmygHJ1tyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbdeb521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image2.png

104.21.29.63

200 OK

52 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image2.png
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, description=OLYMPUS DIGITAL CAMERA , manufacturer=OLYMPUS IMAGING CORP., model=SP500UZ, orientation=upper-left, software=Version 1.1, datetime=0000:00:00 00:00:00], baseline, precision 8, 451x338, components 3\012- data
Size
52 kB (51963 bytes)
Hash
0b13c31e82da0c7e5f6034607fdd855c
f7e85979f75940f355adbf937804a21fd03a30b5
a4b25fbb867b1e9572562365851eead7e7291fc48e31bbfba2f331d5082486f4

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/image2.png HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/png
content-length: 51963
last-modified: Thu, 14 Jul 2022 07:39:49 GMT
etag: "62cfc845-cafb"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0d8197KwLndutiLkTu8xFpEPLtYVKHs1pfy76QBLO4ARv4US%2FeCmyE%2FEQWJ%2FR7NtaifosGGmdk7spA6bi8gcVAlcsTPpiOE5TqGtqvPAeKKqZlhx5y5%2Fmz%2B8rLYWgwx%2BBzg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbe3b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image4.png

104.21.29.63

200 OK

766 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image4.png
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
PNG image data, 866 x 740, 8-bit/color RGB, non-interlaced\012- data
Size
766 kB (765716 bytes)
Hash
01735ba2b7155b63e2e36b1e86b9e66a
13196b7239306da46a28da2effbf96eac095c3fc
5ec7b965688f83c0cd638f678a84bd867e1dfd6e1ef82af6521ebd87c5ef1c9b

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/image4.png HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/png
content-length: 765716
last-modified: Thu, 14 Jul 2022 07:39:50 GMT
etag: "62cfc846-baf14"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMFaovRGDd8mkuiPn%2FavHt0Wly7LP%2BVcmEuWjTT%2BulUxEzOlD6rC7mRMbjhAyIP9ayrvsOi4QijTKCmEqJzYtsuIDYZeijyLSFe1kpTcVf33zYXXuYJsoc%2F6tOcUTKwKH24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbebb521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/4.jpg

104.21.29.63

200 OK

3.6 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/4.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
3.6 kB (3647 bytes)
Hash
abda509e5a59bbc08b7231f81fb4bb47
92a9ded410a90ac62cca084af987e5ae7efa39b1
425b95f977a3d9e8e655306a24fa22754127154f28bba057ed39a27c609298a9

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/4.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 3647
last-modified: Thu, 14 Jul 2022 07:39:46 GMT
etag: "62cfc842-e3f"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uftf9givmmMMQfZJ6qigNU7sVLhTSyUtKURQ%2FjB2whan9uo4A43%2BFbm2KZ0qd3LkzV36lYSjU1HEUj3PhlQDfi3ADUoqWm44KsMWGU%2FEBowDnm2v2QLFLQ6IhWRqU00tO9g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0bfeb521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/5.jpg

104.21.29.63

200 OK

4.5 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/5.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.5 kB (4491 bytes)
Hash
3b01fe996133d0cd013334670b9c8284
2b602663a0db789c9112f7b5b41b456d8937f83e
ffd6c945e0d5d9e1dac6f43a5092bc5167286b7d46324ca4f7258a812fe58c18

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/5.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4491
last-modified: Thu, 14 Jul 2022 07:39:47 GMT
etag: "62cfc843-118b"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRRI997pUcmC8r9wrI%2B7XHvSgUNu75t33cm34i3zoQ53pRshyUmrNKg4ld86R8bvqz3sNV3hpP1427Gxh8iaIAvh84fBV8yfl9o8QX72RWed%2B7vH38kuB4ggGgXpf%2FpHuEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0bfab521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/6.jpg

104.21.29.63

200 OK

4.4 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/6.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.4 kB (4388 bytes)
Hash
763868adfbd5486354e4ed30fce5470c
18b190c9735bf402cafa6f975b759ce068aa8fc3
6c6baacb7960bac059c53229d2900c3a490ac439a7c08b7696bf6a311b34b91e

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/6.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4388
last-modified: Thu, 14 Jul 2022 07:39:47 GMT
etag: "62cfc843-1124"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxjJbBn2ZppHcMCecqcSuM126CbMh%2BlYMB68iwoAhkZTcR07LDC0eicGoEaqVXJoByxymsnO1gHRziWpNVpkOLVvfsAD2mom13ppHj3Irtr8nCyRnwsYyZwrgGYWNWGgc9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0bfcb521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/8.jpg

104.21.29.63

200 OK

5.1 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/8.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
5.1 kB (5123 bytes)
Hash
f6ebe28a4b396c185106a8a2aa0f14c8
0b86ba4d8af6dbc49d0f80561de187d44a429849
e54b99236da132c23e95f71b0ae454d1e3e54cb1d8253931ba1ae5a49c6b853d

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/8.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 5123
last-modified: Thu, 14 Jul 2022 07:39:47 GMT
etag: "62cfc843-1403"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=552q8cCi3QDio5I4izjlms6VkUflTvVlrdWuNb6m0SRX3rHLlaO5pO70OsCSeiBpgz6oGHLZyRltCoHI62bmDWc%2FweCVTgqxBWX5z1wvgfxdJR8JWXp%2BNrO53L3Io32me34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c01b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/9.jpg

104.21.29.63

200 OK

3.7 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/9.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
3.7 kB (3660 bytes)
Hash
ef196d150eb3a6ef89e88e76ed3d4edd
4f490762d939e9a47c0aa5e20d3905bfe9c676d8
de3cfb8eeb699f96e01fe401b6a91c4f32b513a61d7ad1a0f02eec63910d2c31

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/9.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 3660
last-modified: Thu, 14 Jul 2022 07:39:47 GMT
etag: "62cfc843-e4c"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfnjssCqpjcHS3Alfpw2%2Bg2wty1POorBurMXxx37u%2Fo9%2Bh88AL5iaN5UO904kgmWAutQFKcTwh9aVbzKCoViGL07TjnGwp5elMOp7X0nT9FIfJInVPyA4%2Bw9fvKy2RR8wRg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c08b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/10.jpg

104.21.29.63

200 OK

4.8 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/10.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.8 kB (4780 bytes)
Hash
80dd335f3a18550b10bb7bc3547931e9
749596f827380c294dbd9ba1631f2264f5f7eee6
22ea961be67aa201c2f8632bb87579ef8d1172e7224353cd6b3460d0590ee7a5

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/10.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4780
last-modified: Thu, 14 Jul 2022 07:39:45 GMT
etag: "62cfc841-12ac"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwBPiwKguUcRkiV1lPz34pqN5MmUQaGe%2Blpg6cRFPBAo7RWxYe8wGS50hJ4R7NXsagkhRNzdNFFQZpEekG3lmCQTf9S8CASDQ4gDdm1HY5nQTOIWAFT5cfB1qDpH8eSMutI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c0cb521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/11.jpg

104.21.29.63

200 OK

3.9 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/11.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
3.9 kB (3868 bytes)
Hash
681f6dc90e0fd5bf3c2acdec975571c8
3921c3a8322093bed286a04ea523492d774b962f
7a49a3144df3c27ae937c0b7d3c664006b7ff3f7444719b84c7474bb38e5d93b

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/11.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 3868
last-modified: Thu, 14 Jul 2022 07:39:44 GMT
etag: "62cfc840-f1c"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5xzVqoBNaog21%2B%2FBx1X7p92yPAYU%2FE61CA2t9b0BrtqERwpuSAg4duuV9K4UB5E4HM7isu%2BcfWOoF0u0YbCwy2SbG8C2FyDD82Gk69WxnWwZZ9Hc%2FXUrVRI9NBtG2DM4So%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c07b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/12.jpg

104.21.29.63

200 OK

3.5 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/12.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
3.5 kB (3518 bytes)
Hash
e0b5708146460c456ce9fd3b188df72f
1c86de23ac61cc7c3e4ef40a575bb47bf4a7125b
9c7774f0b4ef00caeea9713388bdd87b4756b2d516ec4dd1926814a1d937921a

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/12.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 3518
last-modified: Thu, 14 Jul 2022 07:39:45 GMT
etag: "62cfc841-dbe"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQFls1Yo0T9%2FsZiw4B1YDfWNdliDaz5fOz3L%2FHo%2BTjOgYxDC%2BLHR1LpvxZP62QfymF61fbYqjLpCuO3mgRn8RcHi8eQIcteGP1v%2BFpYUqYDR9EFsURb1rR93wqeBnx%2B8XZE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c0ab521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/14.jpg

104.21.29.63

200 OK

3.6 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/14.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
3.6 kB (3597 bytes)
Hash
a3b950afc4e46f3e549d5a052e8f66da
8c9561de88717faf88fe7ab1c4ff26ad6e619de7
fddfd4e9285cf8fcdaef92a9ce1f2896665d9107cfbc71cfd7757e60983585a3

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/14.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 3597
last-modified: Thu, 14 Jul 2022 07:39:45 GMT
etag: "62cfc841-e0d"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMcZ%2BiQy4wKEf7IBr5hmqfTZkFpMA4xMJAJSd4gRYvyP7n2PHZAPHGOu3i3pAZWh6fJ6fuFdNjPZV0CxBEd9U5h3YT5%2BS7QI2NuYGxR41NKudh6E1FX1JgCMEqD03m17jwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c14b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/15.jpg

104.21.29.63

200 OK

4.2 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/15.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.2 kB (4183 bytes)
Hash
85a6a5b375f49a9856b94b6fb9cdb1d0
3f2db74861a77c922285a94d6cf192c49374e162
b3c4c0454160257becab4b7e097b431cfbf026da53b8e22f0284870c21b34da0

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/15.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4183
last-modified: Thu, 14 Jul 2022 07:39:45 GMT
etag: "62cfc841-1057"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhdodbWBmoYXLkoKZJaHeJhRgf9fc2bbH3XyX4sBuop%2F0FS1N2RDyapTCLNCKkoHGn3kdwplVjZ0ig%2B1YaToP2CXWKuAKpeoSNs6S%2BLDZli81RudO9ee%2BTjNeePzxgbQYtI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c0eb521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image5.png

104.21.29.63

200 OK

364 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/image5.png
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
PNG image data, 629 x 426, 8-bit/color RGB, non-interlaced\012- data
Size
364 kB (363625 bytes)
Hash
7144df4abc46dcaeb850438c0cdf7d1f
b0bf9979ae2b52a21afd38570db103e6f8ae8f82
602db151e00cf9ce7b62a78a600e2844866a125be27a18344f2a2e9bd54cd082

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/image5.png HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/png
content-length: 363625
last-modified: Thu, 14 Jul 2022 07:39:50 GMT
etag: "62cfc846-58c69"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBTRz0wTGFwQyYD1RWDGAA4lsDUvwpfbp%2FJB4J%2FCWIASPzKgiFkSatOuJ1YfBIXxNw42qCYj%2B0VsPXw9ZZzUsYpgvKrypzyQPQE%2Bur0XUALyc0Qc9unAiPd2%2B6ohYqYckqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10afbe5b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/16.jpg

104.21.29.63

200 OK

3.6 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/16.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
3.6 kB (3633 bytes)
Hash
a1c7c525b43fd474cd7a5b09527f83c9
839925d7bf40ddc41efd36c981b4bc9993be080a
00a618757e69ff34fefff9eae983ae14da696324a10909808624f4477b65196b

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/16.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 3633
last-modified: Thu, 14 Jul 2022 07:39:45 GMT
etag: "62cfc841-e31"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjIDrxrU8zzI7oOpzC7a8JuF5MhMZNeNhxC1RAoUV4u38vjb6XvsI8DnrblEQnM7GSR3DcoQJpFros2v2BxkKaFSR1WpPk%2F3YfBonX7oHi68fMig%2B1X5rb8kCBEQjjI0fxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c12b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/17.jpg

104.21.29.63

200 OK

4.2 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/17.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.2 kB (4178 bytes)
Hash
2dfaa927722e6f28597940845fe714b5
c4f840c1ceb361a7aac98f4fbd508c5f84000b18
d83b6d113f357fa855ede76d9681d13e554256cf7c89c338b8a1136f03b426b5

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/17.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4178
last-modified: Thu, 14 Jul 2022 07:39:45 GMT
etag: "62cfc841-1052"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiYFSHuV3cr7ql0AEwBt%2BOIOVbPmvCfQ4wWl6XZAj3KmTjabN8jwO2tZtkrTBO7uUskMkatexB4CRWhkiS1x%2FDYjpsU4I2WEijRNMP%2BFBxnIpLir72PLoUzmYySgqjd6Muo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c16b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/18.jpg

104.21.29.63

200 OK

4.1 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/18.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.1 kB (4052 bytes)
Hash
589fa8fd2b6467e346a4dc72ad32f813
a171f9a7f842f107f399a12bf29bdd278fbb351a
f12a501fbc51894eb38420b84440005b4d4659d8fa9b3404522f3255948921b7

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/18.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4052
last-modified: Thu, 14 Jul 2022 07:39:46 GMT
etag: "62cfc842-fd4"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0VWhABXz8HWvEbM0qiJq%2BTv%2FPR%2FZ00hSb4FdYVnfcSFQxoV1tws73gJd5qXyonxIhaceQmWMM3DQet8ChVu35dfR%2FnBcxDoFfTM2o9BtmzDj%2BSaoqvdBUMjVJYkrohIuXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c18b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/19.jpg

104.21.29.63

200 OK

3.3 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/19.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
3.3 kB (3316 bytes)
Hash
a1739c937031c60564fc95f5a96e807a
eecb2645a052bf36e93d85c3a26cc925f81035c6
8a86c0e9f2868847dc3b089896409d813c119a54b43ae6eeb1b3dd7c132a2c4c

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/19.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 3316
last-modified: Thu, 14 Jul 2022 07:39:46 GMT
etag: "62cfc842-cf4"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qg7FJxdwgoV6LEBJZp4O4vcA%2BYfu9IWjVMaVD6W01nmL4OxoOGbNUvqS2YD0jFgTh3HzpAKRAzxVdRzDwmkFvGA63ohQYHk6mIxtB7dBBqTeZN9nji0NsDjPvdIY2VGrviM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c15b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/20.jpg

104.21.29.63

200 OK

3.6 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/20.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
3.6 kB (3619 bytes)
Hash
b337cbde4f5f051d5056455df222b08e
5bb18961542cca8565c6d4623759295d89e3e0ed
50638bce02151be2baa2252290f72c724ea945fcb40b281512465bd34b6c2c25

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/20.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 3619
last-modified: Thu, 14 Jul 2022 07:39:46 GMT
etag: "62cfc842-e23"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82wnke4Z6mWlnrke684pOIdvRcExZA1YzCUbC%2FrpBbV99dMnT%2FjCNss2RKENR1jlikVZUdipticcPtAvtJfTiLcPt7iy5ZssKaB%2BizwC4Rb4D0%2Ff7%2Fdsl5j5kJAKuubDOe0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c17b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/21.jpg

104.21.29.63

200 OK

4.2 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/21.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size
4.2 kB (4228 bytes)
Hash
1b695646e880df779ba8457bb7042a7a
4a4f8f793013891ee99baa0f4a4e6dc3832105ad
f6a6c1bd7abdb5f783da2642913d1e3590c59b65a70d0d6d91764eed0c4e8068

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/21.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 4228
last-modified: Thu, 14 Jul 2022 07:39:46 GMT
etag: "62cfc842-1084"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixjezJ8O3VZxS%2FjAiYdrczlStjdM%2F6ELKVB6locPiICXenP4oAE6kUSPSJgvIQlbGBbqkX913FiCORGwPFT%2Fk%2FwgRwaLUb1DPjAWbjY3FA5MjYryAIhwBl5aY5b2NH9hXY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c19b521-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap

216.58.207.202

200 OK

1.7 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
gzip compressed data, max compression\012- data
Size
1.7 kB (1701 bytes)
Hash
7131f474b645b17851c72f8bc8d1a523
6b94d46f5782e9fea4677a34c59434f797ef915c
6dc9b59101647e25d71450f987e52d0ad80f021b416215f61adef41f677ea5d2

HTTP Headers

GET /css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 23:12:14 GMT
date: Sat, 27 May 2023 23:12:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/jornal.jpg

104.21.29.63

200 OK

10 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/jornal.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 141x200, components 3\012- data
Size
10 kB (10088 bytes)
Hash
9a2b8a935e8fa6c9f2da8dfd1d228622
fde66a99d0db54afddc07db5df185532ca2a70dd
18699d4e41e4b6b54648f5212f113533b452d1b50474a30265e2c756f42e9362

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/jornal.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/css/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 10088
last-modified: Thu, 14 Jul 2022 07:39:50 GMT
etag: "62cfc846-2768"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwNR0RR77Fxzp4fO2w61NrvDrALlhClST%2Fjy%2BisOqNe1xAiob4Jd%2BM1xRbLFwkiOYWVt2wFjtK%2BmhdzsQNqHoqSVovwHjNI8Mx3pxChvFpLjsJS2BnHJw6y74cSPdDyIw7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10d3e0db521-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19440, version 1.0\012- data
Size
19 kB (19440 bytes)
Hash
f9b6356e32a9b93ae0f1c23aa537f2a1
0cc73519d7b7fb4e4268727490205df48bd570f6
fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678

HTTP Headers

GET /s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsworld.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:25 GMT
expires: Wed, 22 May 2024 21:40:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 16:08:34 GMT
content-type: font/woff2
age: 351110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Size
20 kB (19740 bytes)
Hash
101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

HTTP Headers

GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsworld.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 71641
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18416, version 1.0\012- data
Size
18 kB (18416 bytes)
Hash
d4575cc3aad8b688499a078ec3114ef9
24e195f6b32d88a217dc1b5050b2d6fbfad7e80f
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53

HTTP Headers

GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsworld.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18416
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 08:40:11 GMT
expires: Thu, 23 May 2024 08:40:11 GMT
cache-control: public, max-age=31536000
age: 311524
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19816, version 1.0\012- data
Size
20 kB (19816 bytes)
Hash
290160ea1f23d0178902ab8a62635b0a
5614266d1f6bf5f0d7601fff4a2bc0924830d983
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

HTTP Headers

GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsworld.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:17:14 GMT
expires: Thu, 23 May 2024 00:17:14 GMT
cache-control: public, max-age=31536000
age: 341701
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20028, version 1.0\012- data
Size
20 kB (20028 bytes)
Hash
2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

HTTP Headers

GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsworld.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:16:49 GMT
expires: Thu, 23 May 2024 00:16:49 GMT
cache-control: public, max-age=31536000
age: 341726
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AI9sdO_q.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AI9sdO_q.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15872, version 1.0\012- data
Size
16 kB (15872 bytes)
Hash
0f2d41d2b986c330afb05429a8a840b3
51d1197898ffc6215b37d035b6c1ca3dbb29b961
4064fb191238671603c1fcf604554950ee4800051a681f1e29d215a6c0e111a7

HTTP Headers

GET /s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AI9sdO_q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsworld.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 01:23:07 GMT
expires: Fri, 24 May 2024 01:23:07 GMT
cache-control: public, max-age=31536000
age: 251348
last-modified: Tue, 02 May 2023 15:44:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18836, version 1.0\012- data
Size
19 kB (18836 bytes)
Hash
73d7be7e72e71728515248dda266c095
45959ce8a2e8f88b621c1d3586564e37ed3c8f8c
9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d

HTTP Headers

GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsworld.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18836
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:43:25 GMT
expires: Sun, 26 May 2024 07:43:25 GMT
cache-control: public, max-age=31536000
age: 55730
last-modified: Tue, 26 Apr 2022 15:44:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20064, version 1.0\012- data
Size
20 kB (20064 bytes)
Hash
767677e475131fa7d3f37880976bee39
386db54484cff1dfee2cbc4441ad790fe9829a6b
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37

HTTP Headers

GET /s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsworld.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20064
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:56:19 GMT
expires: Wed, 22 May 2024 17:56:19 GMT
cache-control: public, max-age=31536000
age: 364556
last-modified: Tue, 02 May 2023 15:58:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20356, version 1.0\012- data
Size
20 kB (20356 bytes)
Hash
e78568807d101b47dfd21e34244e072f
4cfc3c246e975c42ef684033a58afdacf8d5f54b
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6

HTTP Headers

GET /s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsworld.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20356
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:56:22 GMT
expires: Wed, 22 May 2024 17:56:22 GMT
cache-control: public, max-age=31536000
age: 364553
last-modified: Tue, 02 May 2023 16:19:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=IBM+Plex+Sans:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,200;1,300;1,400;1,500;1,600;1,700&display=swap

216.58.207.202

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=IBM+Plex+Sans:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text
Size
1.1 kB (1119 bytes)
Hash
2385899c011f207f0e49334bdb6ae7c3
82fb649479627887654935f7c7a3e33deb16d1e3
ae007b654ec98c92ac3e270fa73e7aed8be3fa06ff69d6d21b36e7400f89f406

HTTP Headers

GET /css2?family=IBM+Plex+Sans:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,200;1,300;1,400;1,500;1,600;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 23:12:14 GMT
date: Sat, 27 May 2023 23:12:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

newsworld.cloud/js/binom.js

104.21.29.63

200 OK

4.1 kB

URL GET HTTP/3
newsworld.cloud/js/binom.js
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (4326), with no line terminators
Size
4.1 kB (4132 bytes)
Hash
7da953dece81656e1ede5e381c9a3d86
7269562e5e230c0b3e8b37fa098ea6ec4e34e8f4
6f3cf51149844516b49813209377fefd905f6bb942f91334791449422078c614

HTTP Headers

GET /js/binom.js HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: application/javascript
last-modified: Fri, 17 Mar 2023 12:18:04 GMT
etag: W/"64145a7c-1024"
expires: Sun, 28 May 2023 08:04:29 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 52795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qxzh8D7KvGijKirUUkoVFafF6ZYpjvq9Y0oUe898wXcUkCRwgvrJ4SG0o%2BvAQiMtiQukv4ebBhYzGGa%2FpxX2aig%2Bzojje1IaCW7pqVLsgcTDocFwdW7JaMdpm2sYK2gkVmQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10aebbcb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newsworld.cloud/js/back.js

104.21.29.63

200 OK

6.8 kB

URL GET HTTP/3
newsworld.cloud/js/back.js
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (6954), with no line terminators
Size
6.8 kB (6778 bytes)
Hash
2e4694b29859fd7d2b65eefae3dfc929
6105bf97b36a1dbd4a4f260781eb0330d42a90ab
37fe5a70c2321103fb0b59e07cea8688b2a473385f5205f2427aff524ef51bda

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/back.js HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: application/javascript
last-modified: Tue, 26 Apr 2022 16:16:30 GMT
etag: W/"62681ade-1a7a"
expires: Sun, 28 May 2023 08:04:40 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 52795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycaweT40vNp5TcQof6yX8TlpPWoMauaKQJTNi%2BHM6aAGPFQOhomSnpH0EFx1EBVXAsYYhjg0s003yMpnYL1wkffBcK8JZtSExPguRIxCdos4ejjn8FuL8Bo4IRfVvfDTbJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10aebc7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/css/index.css

104.21.29.63

200 OK

7.2 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/css/index.css
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7668), with no line terminators
Size
7.2 kB (7174 bytes)
Hash
0c45c0332712d78dce11baf83538e835
bd6911c5cb1d53a72b04b36866eca18eca834b27
bfab9e2e561fca54590bd45d21807aa12fb4d5585890c61d152f831c536d3b91

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/css/index.css HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: text/css
last-modified: Thu, 14 Jul 2022 07:39:43 GMT
etag: W/"62cfc83f-1c06"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIL0ukvRPYsWdIlwisTftWFBuV1HuMEims%2Fpg%2BWd5LNZlMWfkklyApcbUSbojP117TBEujAkCDn0Jf8jJpIEnrWlMtXBrtl7QEPUTyvY5%2FxWYFYXGYMUo8CTdeQYaM6PAVo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10aebcbb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=4

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=4
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=4 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:18 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOQvIqBI4DXxJT6eKh90NKweVyZl5KusIfggJlVeaDmZkiPwX7H9XFvYML7%2B2md%2B%2Ffrp4FxcA1ikRZ3untgbR7DnkjrurcxD%2FHECRb2KidGgwRKKHkfQd%2BRvpp6n6zRK%2FJ40s4c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f126091ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=5

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=5
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=5 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsR6IxVX671mpUByVlwRvSMlGW6avCWI6gijJPmn%2FDn8sfn%2Bi1TxFEbF8leCQn6q9R8gPqD1%2BHjaCy%2FhaznBVJ1C%2B0WHeaFZnrI0epKpYDPaDIpnm6ZZyuMiwQobwHtB3cLYrA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f12c482eb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=9

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=9
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=9 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:23 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTyTH%2BRKLCHkBW%2Bz6OCYhuogXiAuswiM6r2RfSSrCna8zl5JnVvjs5X0TLEAcbVJW4dWxXEMBBsveuKqv8A3AxRzlUIHLcIJj15ds0nb%2Brr%2BCUTxFmLA%2Bh76znVEm3RPC0He3Iw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f1454e35b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/css/orderForm.css

104.21.29.63

200 OK

15 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/css/orderForm.css
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type

Size
15 kB (15027 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/css/orderForm.css HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: text/css
last-modified: Thu, 14 Jul 2022 07:39:43 GMT
etag: W/"62cfc83f-3ab3"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eICWAuPoYrYdjMfsq2uCjzVaOREsmAUP55MS4LB2rYmMDoY1KGXr8nKpM5CO3EfsUJJCXeMwJIFcS67xurmVrYguvgC%2BoKTf40ySGf09UaCfyil5Y23iRf2kT2T3CBfkHco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10aebceb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=1

104.21.19.144

200 OK

0 B

URL GET HTTP/2
www.binomstat.info/rediska.php?clickid=undefined&time_spent=1
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=1 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 23:12:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92ifVg03z1ueJ0BctdYteTDNw3I2wq%2Bf%2BkGPKeh4TV575o%2Bg8d6KQHgRxWBV1nGqSim%2F1eG2133607WyiWY7kKiQfhM7CCy8y42Fo9Bc1odo8wT%2BMTTUbZUgfBPSykhYsCydQN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f1136c79b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.binomstat.info/rediska.php?clickid=undefined&time_spent=3

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=3
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=3 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:17 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AO%2FpiWoJWO6Q4g7HJIUL5otunMNk4bJQCybHsQ4nlys6iqB4MqYV7h3Wiiuo3s4aOY70DBKbsoEQ1rCEfQ1rgsHA%2BjK6hzDAYU2%2FuYxlsxVOtA4C24A2iEemimmYLpKRH6pdBu4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f11fca66b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=13

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=13
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=13 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:27 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Em%2FiI4aSN3w%2BccTfwiRI9dGfBo%2FR5W6kI7cqtEUA9mYPhIZHruJJElauR5xkKT9%2F3v8s9%2BZFhr0OtI8L%2BLnam1SCVhaPxGP9htphuEriuwriJ%2BviuUJhvUlP4rn3LoLHOgiHMXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f15e4c74b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=6

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=6
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=6 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJ0Q77WkLNiDlI2xVxNdMOWAerGv0ZETF52NyyiVfdWhMZbkq0gCBSfCvQyGsnjoNqTP5aETKy4MQzk6xx1l%2FaDuqL2sOqnWKBSbn1aglm%2FwPoFAf%2BE5FdCt2kR%2FyV9M4Plr%2B%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f1328f28b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=7

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=7
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=7 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:21 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FcyyyQ3bay3lH4CTTXHqxa%2F9g%2FcsWTohc4boYTQ1Z5byI%2BxUdfx7ztAIqgXqUisy4ru5K%2Bx0YWVDbzN3GclPnSDDScNUDv9f0ycZA2yXONiviH7ginjXkVJyBP2U5AskucN3aw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f138ce05b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

216.58.207.202

200 OK

14 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text
Size
14 kB (13760 bytes)
Hash
7a709864856437f60fe3b27060c983f2
734379d45cabaaefb479fd202b7bf9ff71bdb6ff
7556c220859e509cf18297cacd5f9348ea5a55b13392e59be1086064f7f0f7a4

HTTP Headers

GET /css?family=Open+Sans:300,400,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 23:12:14 GMT
date: Sat, 27 May 2023 23:12:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/comentsm.jpg

104.21.29.63

200 OK

837 B

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/images/comentsm.jpg
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 34x34, components 3\012- data
Size
837 B (837 bytes)
Hash
50e7b5d0d1543ce2fcde58916b3ad5a3
f2c7d330c8978dbcf898633a3029a78db38f9a71
083bbbd660a0924cca7b13eb5c872b86a8fcc311610afe9b59dc6d7f8f64237e

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/images/comentsm.jpg HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/css/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: image/jpeg
content-length: 837
last-modified: Thu, 14 Jul 2022 07:39:48 GMT
etag: "62cfc844-345"
expires: Sun, 28 May 2023 23:12:14 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP379CqQEUAefNFXYvJQAnQV%2FGlnHFdMlEwydtV3UD2PBT6qoaxEhmJRCsJVfYqcHKg5DN5CZekSVtzkS3vFO7%2B3xQA%2BfJEWO2X9WNqmYWyy295QAVW092vTOFuyF7d30h8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10d4e11b521-OSL
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/empty.ico

104.21.29.63

404 Not Found

239 B

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/empty.ico
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
239 B (239 bytes)
Hash
129fdbeccadb684e8923118d9556cdd8
92ac9b48e32144fca4177259583007b3308fb3b6
e2d834a42724a7aafb75d3a96cad8218a86aa1414814d8faba2b217961680a01

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/empty.ico HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 27 May 2023 23:12:15 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLhtnYZA%2Bb%2FpUM%2FYlTtkdJfnvozlL7H939RwxEVmpKLD3%2F4%2Bd1R1xhZ4sRtQX44sgBmd005yuvU0UZVV83tIhlZNNJFggkQl2%2F1Oz4SLRsMsH0w1QK0HptTdkHz8W3Q72HM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10fc811b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=14

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=14
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=14 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:28 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsdJeeVrMyQ1JXGU94D2Ck7tEM1ZKKGGedGDn2YmyCuZ4I9C7ga51z7rbmcZjkHpuVcmgY0wqU3d26lY8EJ7%2BhFYWxLtcl19qXt5lQHiVZjCyteMDITrLbYqP344gObrD98shdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f1648b39b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=8

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=8
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=8 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:22 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMi3Q7ce1vkL0lLCdnPEzZGkVgGOwdq1BUa%2FwLHR%2BU2jO65DVSxuPVonmH2zAc%2BO5HLKV%2BNp4ZJs6s1TsiJsCWiJSHcdwGA5Rr780kTLlmbRAtRz7JD%2BUQXyFen%2BxT9V1d25uZs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f13f0d8cb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

medical-room.site/click.php?clickid=undefined&event8=1

46.101.136.93

200 OK

0 B

URL GET HTTP/1.1
medical-room.site/click.php?clickid=undefined&event8=1
IP
46.101.136.93:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerLet's Encrypt
Subjectmedical-room.site
Fingerprint14:64:5A:9B:BD:DC:60:5A:C4:E8:DF:D8:11:EE:0B:2B:EE:2E:A9:59
ValidityMon, 24 Apr 2023 02:04:42 GMT - Sun, 23 Jul 2023 02:04:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click.php?clickid=undefined&event8=1 HTTP/1.1
Host: medical-room.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 27 May 2023 23:12:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

newsworld.cloud/js/form_validate.js

104.21.29.63

200 OK

3.5 kB

URL GET HTTP/3
newsworld.cloud/js/form_validate.js
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (3466), with no line terminators
Size
3.5 kB (3505 bytes)
Hash
5da7940748519271f72f789402a89678
8555c02e49ec37267238e70fa2b5ef2a96c12fd5
4191c6d0ad8296db88745b135d2df612b50f9312fc0e98a74c025e68ce12f4b1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /js/form_validate.js HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: application/javascript
last-modified: Tue, 30 Nov 2021 09:51:44 GMT
etag: W/"61a5f430-db1"
expires: Sun, 28 May 2023 08:05:12 GMT
cache-control: max-age=86400
cf-cache-status: HIT
age: 52795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0%2BfWJa6qoyGZzfrKMEd1yMpit21NByxxS42BYrYDLnGuROAroPzwcGGnhweTV5V2BCSaeLWn3QmT5P%2F0tvSLV1DSqyuX1MZdZsIrQaNkQrWS7dqOaa7jItQlVpeo%2BLKUko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10aebc2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=2

104.21.19.144

200 OK

0 B

URL GET HTTP/2
www.binomstat.info/rediska.php?clickid=undefined&time_spent=2
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=2 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 23:12:16 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZpTL5yadpX3jVaAAc5gceFHtkzXZtNyu%2F6AH%2BRmiMdsulItvHUX7wqzPlBXASeM6ydNaxOumoHoHUbIehyKuRDNpoQslEFBgWFjHLiIViTjZcdA5q8MjSBetiUzx68sqduLLC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f1198abfb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.binomstat.info/rediska.php?clickid=undefined&time_spent=11

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=11
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=11 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:25 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJ%2Bde2H443hXM7Cfrtmn%2BMLO%2Br4wyCg21QkHVyPlewTe%2BC4CJGcWbiBV55D1hzOssLIZE53aYkoQzCZOnHLowIXUKO5Nxe0Z1eZIXYGdjl89XAa9j5COxHWgp%2FpqSs9oid6tbtY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f151cdc2b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=12

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=12
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=12 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:26 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkYmNpHXbptcZGmmVXmD%2BvaTXeHi8AQPQqkhrro4%2BH%2BZo9HSg43OQwqmeg5y0uz52AYpcoJP%2BzSmR944WiKq8doNQn%2F5qhNJ990WYQxrCPe6BL1wFZhCTz%2BF9CKNP48bmaFQ0bU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f1580de7b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.binomstat.info/rediska.php?clickid=undefined&time_spent=10

104.21.19.144

200 OK

0 B

URL GET HTTP/3
www.binomstat.info/rediska.php?clickid=undefined&time_spent=10
IP
104.21.19.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerGoogle Trust Services LLC
Subjectbinomstat.info
FingerprintD2:39:9C:31:9E:66:5D:07:C8:DC:3F:6F:47:67:EA:E1:1E:A5:D8:25
ValidityThu, 25 May 2023 01:19:09 GMT - Wed, 23 Aug 2023 01:19:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rediska.php?clickid=undefined&time_spent=10 HTTP/1.1
Host: www.binomstat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://newsworld.cloud/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:24 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adCs8s18%2FZdjLKAus71vDGv6R2hxB3UzBp6Nm%2BkZ9GLawmOPQhNiw4X9AzjjpdQ0ZEO%2BCiHwuYZuyN%2BEykjMu83QOWguUHAfm7Np7mq8IFWy9XyHNl%2F9hm88Rxd1MKf3mxN5wpA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f14b8dfcb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/

104.21.29.63

200 OK

48 kB

URL User Request GET HTTP/2
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type

Size
48 kB (47956 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/ HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.29
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqhAtKU2DW44OJZxA0FLXsxPNA2wJMeddsZz88YQAYKmFxUCUG8qNrIVHH7NPTnSGFwF1nP1EDuoLTA9aoYZPuTmLWAObL1Swzru8kWhcFEVmjyEhlwSEaeqXjLe0AiurBQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ce1f108c9c50b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/modal/modal.js

104.21.29.63

200 OK

11 kB

URL GET HTTP/3
newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/files/modal/modal.js
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0D:A8:8E:2A:F2:F7:05:81:E4:DF:48:6A:1D:A9:B5:FE:4F:B0:1A:51
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type

Size
11 kB (11335 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /insumed-glavnoe-zabluzhdenie-ba/files/modal/modal.js HTTP/1.1
Host: newsworld.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsworld.cloud/insumed-glavnoe-zabluzhdenie-ba/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 27 May 2023 23:12:14 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 07:39:54 GMT
etag: W/"62cfc84a-2c47"
expires: Sun, 28 May 2023 23:12:09 GMT
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnaUwegLo%2Fm6cdh3PMTOgd57YuN6pJVlbKoPDS6pjncJsmM46W1lDyDcefJ1NeETWBIuPoOnsM8yX11p4bdPdkrlg2HWbTGoy0UXH846r9bL1xoNTCxtsr8bZsrHP3nwrIY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ce1f10b0c1ab521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (69)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers