Report - freshgonews.com/

Report Overview

Submitted URL
freshgonews.com/
IP
172.67.215.6
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 10:00:53
Access
public
Website Title
Top news of the week
Final URL
freshgonews.com/?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=deb91dfa-8c92-4ec5-b903-d2408c21f1f1
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
96

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
freshgonews.com	unknown	unknown	No data	No data	30 kB	1.4 MB	104.21.50.246
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	2.1 kB	67 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	463 B	10 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed
2024-04-18	medium	freshgonews.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	freshgonews.com/_nuxt/DS5d5h-7.js	4.5 kB	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/DS5d5h-7.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash 406fc025b39a666ee3bef1e10e01be51 547d63c85f0ddbccfa3f1be5dfe83a14cdfc1bd5 e8f494f9d9ff482f32c06807cf7b117e0341acbaf161a58142d596b1381714e7 Loading...

	freshgonews.com/_nuxt/DObMaDnu.js	102 B	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/DObMaDnu.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash 5be9086e7521a4283c3fcd0ca0183019 a532baa702b5a1645df44ca4cc338f906889a795 badce06688e05727f3a6b0ffade7107e538a52cfcb60f36a679bc6181737d4f7 Loading...

	freshgonews.com/_nuxt/DSNm5iTs.js	210 kB	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/DSNm5iTs.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:01 Times Seen2 Hash 085d190c80e90e82cf482ef2665d5807 61ca601c7fbb43f34e23b3cf0637188eba45cea0 ad5d895b6a14a7e96f3c6f1c177fc2cef4727eb84747ab1aff2fa5a62ecc58fe Loading...

	freshgonews.com/_nuxt/Cos1DWCW.js	8.5 kB	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/Cos1DWCW.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:01 Times Seen2 Hash 544164803e296ac6c118aa054af92a1a 25f1bcf5a87a428a5a07fd608b7cb2f665857211 bb14b05e4dd0fdd1241059c5cfdc234bd587702f306c779fa37c699ffc1a0893 Loading...

	freshgonews.com/_nuxt/CW7FlOGr.js	426 B	2024-04-18	2024-04-27
Pretty URL freshgonews.com/_nuxt/CW7FlOGr.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-27 17:13:27 Times Seen4 Hash 6daa06622df91715d77a9343425bd32d 7695ae926b9d45e0c0c6137eb84a5ab413b24f06 7fc970de8462d1fb14109acd96641028dbb73f86dc839f54b20b4ad928502bfa Loading...

	freshgonews.com/_nuxt/9uwu2KmY.js	104 B	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/9uwu2KmY.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash 1db075e861a3143fe083022842866044 4ad96c9c8763cfd6bf4c9d1a682e280e44b86b41 4987469ff87680ab5f3f34656eddffe3553a1858420403aabb2664a93ac2589b Loading...

	freshgonews.com/_nuxt/LCkduOVK.js	103 B	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/LCkduOVK.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash bb1527b7cb702de6e084f42e627cbcfa 32feb4969218d6eae7ffdd6917ac6e570c75d0e5 c3153b12f0ac3cb5791071e593b58c5152ad01a63dda56b6eec91dd29640b69f Loading...

	freshgonews.com/_nuxt/54fJVvsC.js	264 B	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/54fJVvsC.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash 115e4d396e3029b88adafae9b0396ed2 da789ff233659c62c4f2ed76ba7b51240c2c2bd7 015441b700c9e3e22a423854c792f4253f9fe8929a343af9c93ff74294411d95 Loading...

	freshgonews.com/	211 B	2024-04-18	2024-04-27
Pretty URL freshgonews.com/ IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-27 17:13:26 Times Seen3 Hash 41199997a46fc76ae3e761f61e460639 16f28bffa81696b5a3126af7d41be21ff9b51f3e bb65967ee7967a7a40fb2610c6f0f10dc5ec84edce493a265bd0c075c2a60383 Loading...

	freshgonews.com/_nuxt/Cr1mshXl.js	91 B	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/Cr1mshXl.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash 9d18d2040754a4ff4ce6ccd3fa85e444 8cb633d3166970c19d168965faf89eb4575e1ba1 1533d799570e80f4ffa0733681d3ff7238b896109ca65450f2da537823d0069e Loading...

	freshgonews.com/_nuxt/Jsjb-v0I.js	100 B	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/Jsjb-v0I.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash 4c2b67a64fe795c64ce8cff2b4f51227 0d9b5518b2747049a8a5af11fa7066f3b2f6e503 882068fa1a85b9cc13b2dd8cf44b282636c74af7480424342c175b99af9cad95 Loading...

	freshgonews.com/_nuxt/4cgf5GmW.js	5.0 kB	2024-04-18	2024-04-27
Pretty URL freshgonews.com/_nuxt/4cgf5GmW.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-27 17:13:26 Times Seen3 Hash 67df72c0041a39a496f8af834a2c2ecc b4531c66c7981320e7ed80492649153c57c35f5d d579d2ae8bd5804baadb6b3d7cd9b450a71e0e98c5a2f49405cdc4d19317fbd5 Loading...

	freshgonews.com/_nuxt/3G9erJAb.js	351 B	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/3G9erJAb.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash d427ecbf5818b1594a3a49c6c5423483 642f2a53a5c5b5563d3fb7fbb050f23d18ecdeaa a3885ede71c640615cf36134389f9792e405a5de2ccbba35456d9b0191149bee Loading...

	freshgonews.com/_nuxt/DPMuLL4H.js	4.6 kB	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/DPMuLL4H.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash ca169cc463165e0879a2b595f7eaff9b eb29e8a6a3dc5abebc80af2a235f8912fd72183b 5b06b2845653b633e04384fd2105096b14e3945391cfe69e54c4b61fe70f48c7 Loading...

	freshgonews.com/_nuxt/8UPkXAvb.js	6.1 kB	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/8UPkXAvb.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash 0d553f124051d9c39e5147762fd76d30 9b3cdd77073d1f95cd562592f7c46f053526f121 1b2065018bd9f8d4d054b6dc890d391098eb37f8f593b9c463ba1b97f9dfcbd4 Loading...

	freshgonews.com/_nuxt/VyR_jL2o.js	2.9 kB	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/VyR_jL2o.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:00 Times Seen1 Hash f183fd16aec196d61524f339646286b2 557c00ed89c97a8778b56d81504dd1989be7e48e 8c026e5c3f2b43e43c3396e122210a61dda8da089daa0771da3afff161e4f64b Loading...

	freshgonews.com/_nuxt/_H05hw6b.js	7.4 kB	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/_H05hw6b.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:01:00 Last Seen2024-04-18 12:01:01 Times Seen1 Hash 677d4ca64858c636e692dd3bb94ddee7 d68e26e2395331a30355e9159d8cdc6ed1990fbd 1a23d58af61cd2d4815bd415e90f216bb8948622ad8525973c57885f10d4210c Loading...

	freshgonews.com/_nuxt/Btjofjne.js	255 B	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/Btjofjne.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:01 Last Seen2024-04-18 12:01:01 Times Seen2 Hash 98426f0bc2b9bc90bb8fa11ef7b1d630 00e4b8f6ab803e710e65ec8b388408e80d2cd606 2888d1e80cbc4de367ce49228b3ea54d79a57281f77b20a554826714d3604c11 Loading...

	freshgonews.com/_nuxt/DEISlJz5.js	1.1 kB	2024-04-18	2024-04-18
Pretty URL freshgonews.com/_nuxt/DEISlJz5.js IP 104.21.50.246 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:01:01 Last Seen2024-04-18 12:01:01 Times Seen1 Hash 33ca67968ec7b2d5ed5105a7071c0dce 665d6136f49990716739a3993ece7117db5e4986 646fc4ffbc30b5f688e7fb7dc92b4fda6b33712eebb2642bf41b70780190ee4d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1c94455068e27e9b58ef9eb661441c10	16 B	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 12:01:01 Last Seen2024-04-18 12:01:01 Times Seen1 Hash 1c94455068e27e9b58ef9eb661441c10 89a6ab95c4ea0bc22cc16e2874ccd1234824e3ef 1397687259c8c2d24d7a705bacf20d2271eacbb70b26f4ba3d572b2607adf2eb Loading...

HTTP Transactions (53)

URL IP Response Size

freshgonews.com/.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp

104.21.50.246

200 OK

6.1 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.1 kB (6064 bytes)
Hash
d8e163aff7b938bc19d67ce4f8a7e948
b433e43df282df096ef1706895296f4d52542001
56f696d0a1aa8f113ecf3b8727f0282b2c035651f56fff90c3d33e848ea9a5c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 6064
last-modified: Thu, 16 Nov 2023 16:09:06 GMT
etag: "65563ea2-17b0"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8F8X85S17WhVEk7rELMAJNDtiw8cZY7JfLOLkQkFXCOokXZOiv%2BOPpqPkeHDRLcVcqc%2BwW84YhIN1MwbkWjyAbL7m0k27fcbvD7qzLfksoQ%2BMzsF%2BesXpbwNslTr%2BNxp6JY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc32b4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp

104.21.50.246

200 OK

30 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
30 kB (30410 bytes)
Hash
d4c7fdb2c0791086e522ae6e07d36e9e
54c5f49c465b10125b0f67d850a1c65ada62e0b2
bff6cb3aee9059bbe83a337fab3cbca5256a112d2cb43ca27028cf5065849975

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 30410
last-modified: Wed, 13 Mar 2024 10:54:40 GMT
etag: "65f185f0-76ca"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tIrvvZdK5DjzCcCng4oq%2BYMvrhURGahhqkJN%2Bq25avaLlakKI1u50VONlo6ZM7u%2B7YyPI8JQnj8ybrwogzujn0qdrS%2FJafDezOjeKfLQ5yUYWHM9DdPmVWkeLO%2FW7mYE4tI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7ec2cb4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp

104.21.50.246

200 OK

25 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
25 kB (24686 bytes)
Hash
c4f03d67997708a24c6e5418b266db68
2ae0bc0b59199667c8d190bc50572f2b78d691bc
1526ba8494ffe3e261ad5950f07cdb189dab5da5660fd35c40c10d413ce06a5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 24686
last-modified: Wed, 13 Mar 2024 12:19:41 GMT
etag: "65f199dd-606e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tbFOtjZJX3KmPh%2BKN8cdn0AxLH0vjweBDKkFjYAv5f7fwDWEv9Bm0aZsfT37oRmN540dcAI4ZHcJ%2FCbj%2FYygqGAsCgO09aTg%2FNAhevKnK8w6NQ9Fmf24SmI3QR9HRpEeAE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7ec2ab4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/5531a5/c20ad4/658c00325c02d/0cd658c00325c040.webp

104.21.50.246

200 OK

12 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/5531a5/c20ad4/658c00325c02d/0cd658c00325c040.webp
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11534 bytes)
Hash
cf8f4490d02d593d3858e04b5bf236a9
3fdef16980b9dbea34a59a56b3eb7ff2c0bf8d4f
7ccbb96cdb1b5679feca007c89093bfe26b9fa245cecb59baba93ca9a0ba3186

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/5531a5/c20ad4/658c00325c02d/0cd658c00325c040.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 11534
last-modified: Wed, 27 Dec 2023 10:45:06 GMT
etag: "658c0032-2d0e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHvQYBv4QbNImUGAq0JyQHLAiu7X5%2Fu8i9I%2FhUaiZauSflDvoKRYWn%2FIxKHus6yK6z%2B2AXTsSEZqB4ttqclXWap016%2BvtaadEW7lc1o6e%2BXe2OTCf6uJiEgldjFeByAhW6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc30b4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/

104.21.50.246

200 OK

18 kB

URL User Request GET HTTP/2
freshgonews.com/
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (32406)
Size
18 kB (18468 bytes)
Hash
2737d9aae4d5e11fe9aec4bae6ba1734
abcfcf4561644402d46012cb814d3ebef1736b31
811ea6800d6875965f1fe9b8254b3911291b9e5b245fa9426aab84da421af261

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:00:27 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-expose-headers: *
set-cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; Path=/; Expires=Fri, 18 Apr 2025 10:00:26 GMT
trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; Path=/
visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; Path=/
-414010988=1; Path=/; Expires=Fri, 18 Apr 2025 10:00:27 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u66lTisKsao1rwPizz1zrALYoN61Z%2Fv9T8rYVw%2FOCexpHjp6npOJNxWzfHLXT%2BOiikFEF9rrLDeQJlzKAKKQ4XFKAEM7pzmfPJOiwyaitTc7vASFyj%2FqIQ5bVdk5XnkJseM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cece2f5a56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freshgonews.com/.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp

104.21.50.246

200 OK

32 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (32264 bytes)
Hash
d17d60a2e79ccae6e72bc68232617491
359fe3b61c3545948c56548c4bd775c1214388b6
4c30c33481e95187ec9f5413576058092ed9aa64549e6e2367c7c41e66f9d93f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 32264
last-modified: Fri, 15 Mar 2024 15:20:16 GMT
etag: "65f46730-7e08"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEwd%2Blw%2BAk%2FdwIoXTBmIei1j54htWY5IZR6YbutWGzn9gWkYpzdAhWc0asspkIuAHWD8KFC5o%2BHAOr4n0sHei6q5gHy4HNQIPHK1mg6aRlvWnlCZXQ3291uX6%2FTD%2FIrnhxs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7ec2db4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b77965cde4/35c636b77965cdf3.jpeg

104.21.50.246

200 OK

25 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b77965cde4/35c636b77965cdf3.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
25 kB (24975 bytes)
Hash
46efdcc121f9417d93a6def374a5a5d4
5d842f046630b14d1fdc9b1db89ccff380526cf5
90d53d41ac97337bf89a77457f6f7a7ef3ec41c50fd87dfb2607696f0fac1fbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b77965cde4/35c636b77965cdf3.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 24975
last-modified: Wed, 09 Nov 2022 09:49:10 GMT
etag: "636b7796-618f"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXUuGipXAaDaeqxjWe0u8xO2%2BbLzeXYoLqaHeFL31x7Jg4KeKP%2Fd3Og9yg5v%2FN8K9nbsghUCyzT82i%2F3GAtGKfT4xMT8f6EF%2FgI8mzl3PAC%2FiASd8C7I2TQQZcM6LVhCxG4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc4cb4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg

104.21.50.246

200 OK

52 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
52 kB (52299 bytes)
Hash
eea3f35d627929a8e55ae6d284e7d63f
bd861c976319e7d4d9bbeec131062636396bf135
32dee5a9d35987b7dfa3ce7c9aab3d2edfcb7218de82e272d2ca4929430b90bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 52299
last-modified: Wed, 16 Nov 2022 16:17:05 GMT
etag: "63750d01-cc4b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlBra8Gjv%2B9PxbU4gQtiDhZM6DAeOtv%2B6nfegDWMqsOsofOCT8P3rmYWfLmLujhzC4vsNSHApw%2Fd0qCIVKM3ms%2FDdbODt2C3pPDZxPEHqF03xc2EPdtvX4cHFsLpsV0i6HA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc34b4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/6372492e7fb9b/d0b6372492e7fbab.jpeg

104.21.50.246

200 OK

75 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/6372492e7fb9b/d0b6372492e7fbab.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
75 kB (75374 bytes)
Hash
be5bf53a1705b73ef1861f9e16e3756f
972bae8cae607eb9f67dc1c70f5faf328b7e7de3
2a10f99f144643a6b9687d131275960261f0eb92c0c5b93377e683ec5bcde672

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/6372492e7fb9b/d0b6372492e7fbab.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 75374
last-modified: Mon, 14 Nov 2022 13:57:02 GMT
etag: "6372492e-1266e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gofcGWKAqiMyL%2FSOjhSJdplCcg%2BYfCmwttVxBIIeOkuyPKA9ZCv3Ob007dWDtbdUNTxWNKYss8xB9oJrgIF6TwrFqLQoLfw7RsDgwksZb0Lj%2F347CxfJjxBRfmO86xVWihA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc38b4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg

104.21.50.246

200 OK

96 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
96 kB (95730 bytes)
Hash
9cf3a47a546fbd6e05a7f7261a869bd9
118659c1183d55e0d5d99055ad6c11e775ffa368
518c9ee67c5d7240953aab4767528df8d52e86b0a414ccf6824774cccf176ea3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 95730
last-modified: Wed, 09 Nov 2022 10:50:04 GMT
etag: "636b85dc-175f2"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jB6BvveMxCt55UbhLEuuinb0Q3nzFUwxmXCy5qaIp%2Bvo%2Bfoos2NvJk9VmV%2BnJoxIWpS7WFnCE%2B39%2BHOPXqQDqDy94BsJU%2FxdyvW9LZjU8IN8RWpYZX27ADP8T0lrUHWjQYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc3bb4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg

104.21.50.246

200 OK

54 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
54 kB (54269 bytes)
Hash
cb023a9718909b62aab3877d49ff438a
d8cda96d27249b680ab9d33c6b0ee01647f0db54
e1e6878ad26b276a567d87b3ca38d103c09a0a624f494dafba0cc061fca17fdb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 54269
last-modified: Wed, 09 Nov 2022 10:39:04 GMT
etag: "636b8348-d3fd"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KoRyThzZzOMAS4bwxPSKwDPwgSoDSdubo8JddO1Ma6oqqHx7y8%2BiwRz1%2BPMX9wgpGd3mvQV%2BAl89ba27VGSgsPWpehkdih9r3C7Cw3e6EB2r6urol1ruwV38CTtGzIYWbCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc3db4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg

104.21.50.246

200 OK

64 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
64 kB (64053 bytes)
Hash
dd6c17179d9a5dc32fa4dce0417575c9
6a46633f7fe6d4b4979352ce40a097fcbe1a5f05
32c0f2113456b78dbdd2de5cb4047d0a3e8a99e663482c671cbe6f9b78a39436

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 64053
last-modified: Wed, 09 Nov 2022 10:36:09 GMT
etag: "636b8299-fa35"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylR%2FryIv%2B%2FWtig6mMrfPrG1rc09lcsM%2BVtta6Snwc3C4EmiA9N15fRzIRP%2BPL6EvWFU8cj9%2BtcospROcoaHHvF6xFjJTxWVJiNh8Jy%2Fz4jxrv4BsbfLZc1rr8x7rOU3AYp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc3fb4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg

104.21.50.246

200 OK

50 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
50 kB (50282 bytes)
Hash
e75c3493c1cebcb7e13900b81b85a8a0
fd8f37f7d19cade85448a8f48ca69d5f3375d592
3bd3f444925bb2eca9714d3dbb6347df03910af3c0ec2dfd489eb0a8b9e76c9d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 50282
last-modified: Wed, 09 Nov 2022 10:32:04 GMT
etag: "636b81a4-c46a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nQS6l1P%2BqTaPhW3aIGzTF%2FUi2HsCnsObA5F9ZGfntZqkH%2Fag1eGyEr6WCEIGw2%2Fg9SWW1Z5BHj7%2Fmsyn%2Fwc4kno9hr9syokj%2BTVahgz63%2BQ6i9NLthh8X5GIc2Yr5ELwiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc43b4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg

104.21.50.246

200 OK

41 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
41 kB (41383 bytes)
Hash
fdc453185fc49a46076a58975d775d34
de1cb1926958c2fb71f90e9ade279813832ee818
943a4746f0a7cc92dd62e4e5e0b6c137bf55744af18f438d3f706249021bc97a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 41383
last-modified: Wed, 09 Nov 2022 10:29:03 GMT
etag: "636b80ef-a1a7"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImPpwgXihhclNvolYtV3bVp28J%2FJwMCCuACiHDWosCSh59G43umBYcFqCxOQ9yDAb56H1Ttz13t97NX2uU9ZHLfUZGZkJUwIRnZbaqhRtYfuoALhI3nkP7Stc0Me2AGfcwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc4ab4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg

104.21.50.246

200 OK

34 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
34 kB (34181 bytes)
Hash
edc0a1fc9de5536352d35075fe9ed449
56329bcb5c6b1ae7a6ee622b4a6b33d08dbcd89a
ce0b1f2feeaa809e4af0686bfb6b0b20e06c9f3718f762d2b38b8bb9ab64e670

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 34181
last-modified: Wed, 09 Nov 2022 09:43:05 GMT
etag: "636b7629-8585"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPzvQRDbOYHJF%2Fk8tUZOLMlZa9u0q5I5Tg958zcnAQjP7G1kuFJIYidL%2BlKbZ%2FpeKfXnnMBB5GlcdkuDS1F3%2FMupIybO5TSu9AHJ2j8FTVCKrXAochP%2Fao5%2FNoXyvbANcZE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc4fb4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg

104.21.50.246

200 OK

36 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
36 kB (35849 bytes)
Hash
a61e07058497be1291ed1540251054c1
46d533bd7665695ba14ae35299f7f1d18577a850
0c28d7ed71b2591ceeb4a98400545100fc53995fa56f4b284057604314634c6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 35849
last-modified: Wed, 09 Nov 2022 09:29:05 GMT
etag: "636b72e1-8c09"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gJ%2BlWz5%2BPg3ybPLX0t0Ncrp09T%2F11FulcknAICKdFD2kNLILhmwjTjF3EKtGdsf65eCvyXhizGsNdMDP6MM1ufcGb2uPp8%2BrNoJtRc4kQs5e1vStQ5w3U1kx9mX26KZ0%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc51b4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b6d40cebde/d0b636b6d40cebef.jpeg

104.21.50.246

200 OK

95 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b6d40cebde/d0b636b6d40cebef.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
95 kB (95139 bytes)
Hash
2052c5d2445c2501edddd85f2afa4f1b
3fa6dbd2c7c207fba472a15b7a7491e43df86088
3cdcaf95da5bb6e930b574e99edf0e45a84ce710424a74f14a481cd3805e89c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b6d40cebde/d0b636b6d40cebef.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 95139
last-modified: Wed, 09 Nov 2022 09:05:04 GMT
etag: "636b6d40-173a3"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJ5rmPAjaH4AsnBDc3FeV9LPlYSpJvd%2Bxf8%2FuDnQTpnohcXhBUzedBoElUlj0kMx3w276BiYl76fRiJd9cabdX37R3dLeboQTshAfeVRdxNvrjL1lpbTwnAPw2COFbAcfKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc52b4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg

104.21.50.246

200 OK

86 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
86 kB (85521 bytes)
Hash
a570d4ef05b160b52b62dca43f2063b7
f3791c6a6462e78c5b3f8650ff9b4f0af5a3d2a2
d36307787c78da545446c2718062fc46c63539d89566ef0bce140a2ba5d4de19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 85521
last-modified: Wed, 09 Nov 2022 08:57:04 GMT
etag: "636b6b60-14e11"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J69KXrGobCkJeEHiLWknrjuAxU%2FBK4b2JUqVZI6Jv28FCtpGftZqZVawmN3P2D2pbiZfLC1fCkNzneBSmbmD9CmV8Wm3AzUwvsL9w%2BXg4FDbEBuR5mfnzFZ7wOARVDPU9K0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced80c57b4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg

104.21.50.246

200 OK

112 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
112 kB (111894 bytes)
Hash
30330bc3c2d0130854437011eb94302d
b089730191e5efa8db30b0b2bf5ddf47783f5853
85acbaf8f03c122e1a6421968dd56ca53ef5868523679ceb6ed66d2c50735cda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 111894
last-modified: Tue, 08 Nov 2022 15:44:04 GMT
etag: "636a7944-1b516"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8XeOCb4rH6p1%2F9sAnIAT7uyRwpqncLeooIq4vWWNPNGNCcS9O%2FVCoP2zAuy7Faq1lJ5Mv3O2HOds%2Bj3qXMnwlQ937UwiHKsEo69PggmtbrE8DUH1Cqfi9IjPxuRa%2FZ5FfC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced80c58b4fa-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 201957
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 149570
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:56 GMT
expires: Fri, 11 Apr 2025 13:20:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 592772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:59 GMT
expires: Fri, 11 Apr 2025 13:20:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 592769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

freshgonews.com/_nuxt/Cos1DWCW.js

104.21.50.246

200 OK

3.2 kB

URL GET HTTP/3
freshgonews.com/_nuxt/Cos1DWCW.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (7047)
Size
3.2 kB (3198 bytes)
Hash
544164803e296ac6c118aa054af92a1a
25f1bcf5a87a428a5a07fd608b7cb2f665857211
bb14b05e4dd0fdd1241059c5cfdc234bd587702f306c779fa37c699ffc1a0893

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/Cos1DWCW.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/3G9erJAb.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"2123-JfG89ah6QopaB/1gi3yy9mWFchE"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZqRhqF%2BckhC73RzA51NYTe08sitTLr4SjNKbX94dIdPAQTqcJjOWxVC2SSrtS09%2F14wmgh8%2FCgjNdHRZJexd5eyzColeTpq8c6ZkH6BiyyB4qtQ2M1h%2FwqEW62WsDf1D%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedb69bab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/Btjofjne.js

104.21.50.246

200 OK

3.0 kB

URL GET HTTP/3
freshgonews.com/_nuxt/Btjofjne.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
Java source, ASCII text
Size
3.0 kB (3013 bytes)
Hash
98426f0bc2b9bc90bb8fa11ef7b1d630
00e4b8f6ab803e710e65ec8b388408e80d2cd606
2888d1e80cbc4de367ce49228b3ea54d79a57281f77b20a554826714d3604c11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/Btjofjne.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/3G9erJAb.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"ff-AOS49quAPnEOZeyLOIQI6A0s1gY"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k961SJo8%2FrpDErNsNzGxIkZXL%2BPtYfU2IS0u9XSLw6XQ0m%2F3%2FKqjZYktWcakiq8CRmbyD8xk%2BCWi%2Bmm%2Bk54YQNMFgax80Dy%2BIHqArFypxqGGDTBUqZRgv72OYK7TfP0L0AM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedb69bcb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/DS5d5h-7.js

104.21.50.246

200 OK

4.5 kB

URL GET HTTP/3
freshgonews.com/_nuxt/DS5d5h-7.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (4601), with no line terminators
Size
4.5 kB (4500 bytes)
Hash
004ff34aebd752dcfc531383d023c937
22fe9508e34e86a871baca6879a05ca9dfa9aef4
1f8b74941667f1e3b149530b18f13840707ee0aa4a2b2c6513d81e235f62b96b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DS5d5h-7.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1194-VH1jyF8N28z6Pxvl3+g6FM38G9U"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0IVVh11L4lT5H6%2BSjwhFrFfbzFdxiVfXerpCnz3zHIjSWbblUTx1J5ZXky9uTAiYQ2WCOVfal1CIoXmN5%2FzrIUYnnlxaHKeM7zz7inV2BppbdjmUU8XfjMFtZK6535yMTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfde6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_showcase/images/templates/rednews/favicon.png

104.21.50.246

200 OK

408 B

URL GET HTTP/3
freshgonews.com/_showcase/images/templates/rednews/favicon.png
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
PNG image data, 59 x 59, 4-bit colormap, non-interlaced
Size
408 B (408 bytes)
Hash
b4fddd4262d09275da6a0819c9595e4c
44adabf5be128e498fde7b3123dff0f44afad4e8
4d9907c300d9cbc19390bc76bb489d42a95bab6c8bf34097b3fc60fb4de1674b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/templates/rednews/favicon.png HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/png
content-length: 408
vary: Accept-Encoding
etag: "198-RK2r9b4SjkmP3nsxI9/w9Er61Og"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZKPkuTGjvlXL4lHZnYNfD5MmPorX0oGa0tfgIF9n9BWNuvnxegsIvpHZJLqQN9yuDckBH8%2Fe%2F4iNUKLFmY532rw0MK4kx%2F08o3LZp555EicNaGUz9GhLfKb8gCwdrlL1uE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedc3b1fb4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/AwVj6KRX.js

104.21.50.246

200 OK

258 B

URL GET HTTP/3
freshgonews.com/_nuxt/AwVj6KRX.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
258 B (258 bytes)
Hash
11e3d76d9e7217dc841797300d63e4da
26ecece1c2e498cd1bbf3e08873729baf8621e2b
a98d0b15d4d7bb06b35ccbc76969aba34cdf68813f59bbe55a67e0baf8db2750

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/AwVj6KRX.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"102-1Ks3n/+t6LMbTJdz37TlfzBMqA0"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liu5gqkatoF8v1p6YKh%2FS4%2Fe3rDqbddplgZBPHkNHmd8zUWwbA%2Btivr6u%2FwIZq5GNB0FBgZrlxL6D%2BdSc9Jaun2oE9IUAfJT%2FrmbdCtbUwUe6Xs0KiRvL2PNFIYO1%2BcTboQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedc4b44b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/DObMaDnu.js

104.21.50.246

200 OK

102 B

URL GET HTTP/3
freshgonews.com/_nuxt/DObMaDnu.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
8acbd71a8552022d5a37f6ba3a1579da
ad0ffd8ae6741722135d882111e968157fce614d
4c466e1bc5f5c04ced40ddff98d0dbc604a6450479513bbf7eeca2216696357c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DObMaDnu.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"66-pTK6pwK1oWRd9EykzDOPkGiJp5U"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IhCOAQYyIq5RyCz7qcLsTUIR5W6B%2BZ2ubPzzrmEeuBR6QA1fhA2%2BKIHq0HAeisayKbM5OfQHOFK3gR4q5sE8BXmZ%2FD%2BfWVERo6PQoMlCnpIqhYyyHBVm9j55N4Xm6eMVQuM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdeab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_showcase/images/svg/icons/search.svg

104.21.50.246

200 OK

870 B

URL GET HTTP/3
freshgonews.com/_showcase/images/svg/icons/search.svg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
SVG Scalable Vector Graphics image
Size
870 B (870 bytes)
Hash
3a5e387714e83a3588f9fa29f4b1abfc
e0fa42b5e120fb06aa423179a897fae93d60f9a9
c23526ff5bdc2be032d7b6dca69cabb311dafdf61f9c618da02b7a06dd039261

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/svg/icons/search.svg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"366-M9S+R1OGKSD7jBb7hwTnp9TlZ9c"
last-modified: Wed, 10 Apr 2024 09:40:01 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKUtPuAkYyELjcfoUeSiXiUkTyhdO2ybVkY7y3piPBVOezAd1Xumhdc7yPDxIJ27xmFJF4079vQu0J%2FiItsFK8cgp0cZhAZlPXhGvrDBg15rVthKl0OCA9G7%2FugQNrsczw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec24b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/builds/meta/fa05fad8-3357-4ccc-a190-e874a58bf705.json

104.21.50.246

200 OK

139 B

URL GET HTTP/3
freshgonews.com/_nuxt/builds/meta/fa05fad8-3357-4ccc-a190-e874a58bf705.json
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
532dc00c35d803ec9325b705af7b250a
40c1cac51a4459bc2729156e137d009dd1937b4e
3f526d5a86bd2652546be313b65313d27650abb6885ade35ce158489e61dcc54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/builds/meta/fa05fad8-3357-4ccc-a190-e874a58bf705.json HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: application/json
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"8b-Hsu6dVRPTc0m5kVXRKzko2EcIag"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqPw%2F3sHjEtxqHjEkvW3d9skCsHPIqpBg5cBKMiscwYCWbTmXhF6CI95cjKHBlhBA3EGvgaSsezoCn487eBdBiLrEQjCL7V47O6WJRUxvg2CjM8zsizMoagkbBQJpLYxfAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedcbbeeb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=deb91dfa-8c92-4ec5-b903-d2408c21f1f1

104.21.50.246

200 OK

396 B

URL POST HTTP/3
freshgonews.com/.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=deb91dfa-8c92-4ec5-b903-d2408c21f1f1
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (405), with no line terminators
Size
396 B (396 bytes)
Hash
80492deb3900210831894f90eb487feb
99eacd1c83249ccde79529c0544c5e73a4ecf83f
f3b78c8bc4248f94b9f66ad7433ba603ef5006ecc7a29a75a159c936928ce2a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=deb91dfa-8c92-4ec5-b903-d2408c21f1f1 HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 677
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFUsXiSsHT79qgFPyNDRmKelwjSO%2B4X%2FmAEMTDzvTs%2FuJfKx%2F6OSlF1PJ%2FVaqQKZIFigma4dxeQSxV3whnDftFq3ONFRMaIMKJ%2BedDU42gIE9%2Bt%2FkHYF1kmNzAsLQSpw3jQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedf6817b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/4cgf5GmW.js

104.21.50.246

200 OK

5.0 kB

URL GET HTTP/3
freshgonews.com/_nuxt/4cgf5GmW.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JavaScript source, ASCII text, with very long lines (5238), with no line terminators
Size
5.0 kB (5047 bytes)
Hash
a8b7c03c5f4c3c06ebf810ef835db25b
6ce9de2c9aaca983da3f2f0028fe69aee217ed1f
9af754766bc3845361b29b870b7250cb2d9fb2c2b662315a8f5dc27534a4d896

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/4cgf5GmW.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/DPMuLL4H.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"13b7-tFMcZseYEyDn7YBJJkkVPFfDX10"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MR%2F2zE2lXKZt9%2BMxEF3qIHG7sy2PI7cIYw6TnNEefJjSV2PoH5vGl6d6Hq7C08idWg8U9PYUzyJ9HEBYtEfjj9rPRAFpZG6jNBbIWY68pOHmYT9iOp2bugJSmB2Ynb%2FkylE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedfb883b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

142.250.74.106

200 OK

9.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (9600), with no line terminators
Size
9.3 kB (9348 bytes)
Hash
05d209bf2959d773200ca641aa1b09f7
f7471e4279feb1471efe307d363638821db3cf6b
abe40d2352072a0c6a51e50ded28cbc679ac666ea605ff35ba86a47da180a93f

HTTP Headers

GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freshgonews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 10:00:28 GMT
date: Thu, 18 Apr 2024 10:00:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

freshgonews.com/_nuxt/Jsjb-v0I.js

104.21.50.246

200 OK

100 B

URL GET HTTP/3
freshgonews.com/_nuxt/Jsjb-v0I.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
9dfe987826b42691341e75204d306857
1503d43e2c3bdb4e12bbd0270c74c8bb9d28098a
5087f1e0b2bb575b21127ce4649bda8d69660c3271cdf1ab53df8bd6d355f88a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/Jsjb-v0I.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"64-DZtVGLJ0cEmopa8R+nBm87L25QM"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0egH5klY5vVWSX9GB8l9l84ICMUsLn%2FcZ%2FGiHeWBrC5sDAbSFqGA581xSnQMqz1x24pXETZefnpFw4dqR2A6aibvzRJ3k1zVFa9gWknTFdrEg8XU4OoE5S8c9JynF%2FRMbsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdf5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/8UPkXAvb.js

104.21.50.246

200 OK

6.1 kB

URL GET HTTP/3
freshgonews.com/_nuxt/8UPkXAvb.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (6493), with no line terminators
Size
6.1 kB (6138 bytes)
Hash
facd6ceffb7eca36437aa79b12962356
2a24e52c64a91cdf8cec103a455074352c9dd8a7
f3747b6da3379aef3258b90003aa878bc5427602a54f571b711415294a7085cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/8UPkXAvb.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"17fa-mzzddwc9H5XNViWS98RvBTUm8SE"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0v%2BWPcxqdsnJXbV5Dqdjt1PFLuhaIBnmOGOW2FWgfJIWmavB8Ikz75VhKLr0S5w3lB1mXbms9TroW9j%2BARy2Sk6EHU2uZEW8Dzc0rrH95aJCWvivfGh%2FXmS65Hmb75JPco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdd6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/VyR_jL2o.js

104.21.50.246

200 OK

2.9 kB

URL GET HTTP/3
freshgonews.com/_nuxt/VyR_jL2o.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (2925), with no line terminators
Size
2.9 kB (2864 bytes)
Hash
4cd4cf09b1efb508cd74e40d557e6f6a
18c77027d99d8499bd762552de9ab183fbb13724
d6808daa385740f413b8fd2ef1671b076ee816a0698803675c3f62835014e7cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/VyR_jL2o.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"b30-VXwA7YnJeod4tW2BUE3RmJvn5I4"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjXePXuJcaNcTanVIUXLlNnLQi3tNK%2F7HOhERyqvysvOQJCXy4ZG08qiw1Mph71nxjt%2BlN7tQXBMu%2BoFoFOggQcoyYvNbafMrwS5LQhpo6THILGa%2FE16Muq6bzNvJkYlHEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdf4b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/54fJVvsC.js

104.21.50.246

200 OK

264 B

URL GET HTTP/3
freshgonews.com/_nuxt/54fJVvsC.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with no line terminators
Size
264 B (264 bytes)
Hash
fec6a5376ca1caeb3d9c5cd3858fe70b
06fee5a624e5f0c1784bf6ba26c9c48b9f6c30d0
04ed0901c97f0dccd3b71cae2d8c4ed79840961a00fcccc90d258c8cd6913853

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/54fJVvsC.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"108-2nif8jNlnGLE8u12untRJAwsK9c"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhssBz3EFCzmPpokQNwJRndZWTbDXTrIV6khFYr5bPtKm3jn%2BUDHeqjc%2F96eEMBRFB5PiN9NKpK%2F%2BAQxt8%2Bo%2BRROVZyVOacUWeomI4lNyMU0SvBarpBYWvdck1JQO9QGcSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cede0e09b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_showcase/images/svg/icons/calendar.svg

104.21.50.246

200 OK

3.0 kB

URL GET HTTP/3
freshgonews.com/_showcase/images/svg/icons/calendar.svg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
SVG Scalable Vector Graphics image
Size
3.0 kB (3039 bytes)
Hash
6612c5644ad96add55a77120b2c98e3b
061d7a3df4e1c48a3dad50391c8decea4209d334
3b9f1c2530581caaaf22b17fe6c29b04092d7bbd7eff1d8c2e97fe90039bc10f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/svg/icons/calendar.svg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"bdf-Dr5CJovDuUS0Dw6XTkrx0wX8aPo"
last-modified: Wed, 10 Apr 2024 09:40:01 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=511qO4dG1Hq%2Bw1CayNSofZSKqiJwkj6LyjdVQPYc6SE8whBW9jDCJYrdoHaY%2FMVZyeK4GQWtv7olJG8y4dDsmrOSnyhXnSGyI8wKehtlBTKJGS7WiYdb2tQ5zzxs7GSCz%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec29b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp

104.21.50.246

200 OK

12 kB

URL GET HTTP/3
freshgonews.com/.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11664 bytes)
Hash
1c6d201910df8df0eb3fcea8739007bb
52a6c44df68eff2c8c126799e3bece8ff6fa1913
41d821dee96ed747866d48785783bb3c6bbffd4b66415cf873231e38d98fcaa7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 11664
last-modified: Fri, 28 Jul 2023 10:44:06 GMT
etag: "64c39bf6-2d90"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBzWbI6fmGwsWMckC4oaVz5jcQ0pwLpMhMeRVbAKbpppJQblyBhVlVhVHFuURj0uAk1Cbgklc3SgSjgCK3ET4%2F4d1pQONOhu4XglrgBnr7o7O5HA0iQOltUZ9xWSJ80xLII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7ec25b4fa-OSL
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/9uwu2KmY.js

104.21.50.246

200 OK

104 B

URL GET HTTP/3
freshgonews.com/_nuxt/9uwu2KmY.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
b6e78e8f6ad760da304ab4ff8e5b4e91
f52aff8bca02977de942d3ef5cbb7a9fd48fd5d0
3b9b1c43621acd936663639673f34975df76d87fc7697d5962c0b21b2d74e805

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/9uwu2KmY.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"68-StlsnIdjz9a/TJ0aaC4oDkS4a0E"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FMjmf9k5tBywyYOjeTJX%2FKXvQFwtK4E8oOQq9nAI%2F3EOawpLNcPO%2BmELE%2F4dEAguSIVpRFQ4%2FRcp%2FGkngvKDNg%2Bz%2FPLJYQ4%2FU7v24CGzAldD%2F0QsG7C3rkfmwmS%2F8qqPKY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdf1b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/entry.BC6_636c.css

104.21.50.246

200 OK

140 B

URL GET HTTP/3
freshgonews.com/_nuxt/entry.BC6_636c.css
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with no line terminators
Size
140 B (140 bytes)
Hash
5e517928ec0f4dad9288a03fe5783382
fce639b6c520119d25d173b866847416b72e23e9
3ad55b42bf2ef1b944bff1be7d4b5bf79606060b882df58dd61e951c93952f65

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/entry.BC6_636c.css HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"8c-M4FJxkKyMRmtARLRgJKFCgKaN54"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNZExE9AKIVxYrB1DqfwnLCZwjPQyG98JQkC18hh2xaDfUOnNgNkpmAyByTeIBwpvfjB75jbhjZYZY9JTRuC4Jn7phMZZetkLjvSWlrZP74bp4g34sUF6WXnlxRhS5HymSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec18b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_showcase/images/templates/rednews/decorator-pattern-red.svg

104.21.50.246

200 OK

200 B

URL GET HTTP/3
freshgonews.com/_showcase/images/templates/rednews/decorator-pattern-red.svg
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
SVG Scalable Vector Graphics image
Size
200 B (200 bytes)
Hash
6a3cbff720570e45c53bd80a29fbe352
5e8aa989659bb0f023cd175d14b2f68f647b8b94
abd686f959206c4f66f156d365bad2cb3302c14c71e0aa5c740effa44f18f26f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/templates/rednews/decorator-pattern-red.svg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freshgonews.com/_nuxt/app.DJcOOQI7.css
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"c8-sm8X/N2nuTkPQ4/jQ3/0ghIXfEE"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Srzr%2FiXP4xI0YE%2F6l1HHFTnO6CtlPNzvdC5yTdtqV%2Fmupge4W2APwdr0tHO4uCKPK7ZiNfIh5HIfnBhAev9%2B9wvlF%2BEGxTkgniImv5D5Yf7EV9Sa7JmbHKFxG%2Ftr43Fo%2BBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced9df51b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/Cr1mshXl.js

104.21.50.246

200 OK

91 B

URL GET HTTP/3
freshgonews.com/_nuxt/Cr1mshXl.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
f68d73bcc9518ece71c355a885e74885
992912d85456bd1699354bde2db853f6e071e546
67fa64e977ac83bf989a0cb168c8f1552177d33dec9d164a3f8f837085422889

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/Cr1mshXl.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/3G9erJAb.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"5b-jLYz0xZpcMGdFoll+vietFdeG6E"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ui%2B%2FWBmNGpDzQHt9KCV0UatvpRCCBqz7g0SQ17SkrvG8ERZtNsmgkC6Rsb%2F4gbgCPinO5BC4wZxyot9bzZkVLff2I9aR20rDw93d%2Fw9HhiYJ8ZBFSb37PRUmM8B9siSZUtc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedb69bdb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/DSNm5iTs.js

104.21.50.246

200 OK

210 kB

URL GET HTTP/3
freshgonews.com/_nuxt/DSNm5iTs.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
JavaScript source, ASCII text, with very long lines (50331)
Size
210 kB (209836 bytes)
Hash
085d190c80e90e82cf482ef2665d5807
61ca601c7fbb43f34e23b3cf0637188eba45cea0
ad5d895b6a14a7e96f3c6f1c177fc2cef4727eb84747ab1aff2fa5a62ecc58fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DSNm5iTs.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"333ac-YcpgHH+7Q/NOI7PPBjcYjrpFzqA"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0hO7mT8rgsLnIAcndMHrXYsPrrPFoBsNN1UF4O%2BKxf337wYLMgnrtzpVa6PXK9acaI15l2mj0kA7Fej33aJtDI9HurR6cKwkSHV5tDAweoRQ92Yux6kwP5TpxYMqaLItgI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec22b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/3G9erJAb.js

104.21.50.246

200 OK

351 B

URL GET HTTP/3
freshgonews.com/_nuxt/3G9erJAb.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (364), with no line terminators
Size
351 B (351 bytes)
Hash
fb5f7ff09e680a55592920355c769e9a
c7a9775952c94e755f82456b90194c133f9c5832
efde541bee8b0f4c33e1675f35cf34fadaae48ccfa1aa9d53c2f2db4c7a41353

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/3G9erJAb.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/DSNm5iTs.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"15f-ZC8qU6XFtVY9P7f7sFDyPRjs3qo"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPl84TXwInlnxLEj1GzmJcWyWOgJT%2FaseobNqPElZI%2BS0oQhdxnSS6ib%2B1lBe7CA5gQXZnt12eF20OteId9Bt2Uc%2F3aFq8gOOdTODvkLZeVHcKn1DjHEvIBwXBRqGIH0zyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceda2800b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/_H05hw6b.js

104.21.50.246

200 OK

7.4 kB

URL GET HTTP/3
freshgonews.com/_nuxt/_H05hw6b.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (7825), with no line terminators
Size
7.4 kB (7438 bytes)
Hash
c32bb70400df774eda4fa1f3c1965173
cea40aa33cffae802cb107da904e69e56ae5068d
0a0c2f676f9f91ca995ba5e89f3035f2326822e15a33ff7b54fcbcd13ef4d1de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/_H05hw6b.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/Cos1DWCW.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1d0e-1o4m4jlTMaMDVekVnYzcbtGZD70"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kuPo5zDgSS5UX%2BlJ7flc6lCZcsjBrKzTofqoTBXkd3NLvxKGObkmQ%2FDl5WfzGjU%2FhRiLkVre0utUDXIHfVNRQON8KIsxbjD9LoetX3ygYxl5rXJ1CIjgnZ7k5NdGg5N3GFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedd8d15b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/CW7FlOGr.js

104.21.50.246

200 OK

426 B

URL GET HTTP/3
freshgonews.com/_nuxt/CW7FlOGr.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (429), with no line terminators
Size
426 B (426 bytes)
Hash
4689c01c6639f64fe0c69a036a55052b
8676f85232b23231d4978c0ab20e384b92b0e1c9
c1481183ebb87a6edd1fff5dacbcf6a92747f99af416569a1abfae5270cc3c10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/CW7FlOGr.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1aa-dpWukmudReDAxhN+uEpatBOyTwY"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTPcLDgzdlXUINrGHkrbmwm7pbTIXNUE4lXUhgLoygct3BfMQn5z4Ch4qlIhe5qP1S0ilZPsNqCJmDz44Q8Oxr%2FNvz45o0kJmLEAtbNofAfrtyLRRuKL40umbxMi20v7x7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddedceb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/app.DJcOOQI7.css

104.21.50.246

200 OK

93 kB

URL GET HTTP/3
freshgonews.com/_nuxt/app.DJcOOQI7.css
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type

Size
93 kB (93107 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/app.DJcOOQI7.css HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=93200
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"16c10-xRJy7y2hcOUkrygYzy2+CPylfIE"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 232951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YsvX53RrLHndWxDCNrRUlnRhmZuDnbYpQzDQabRIyeT8JwoiHvyKVDFtzz3AXNz%2BYRR%2BxJDfO%2B3FicWO%2Bz5sU%2Bg8Ma42ocEyOxUtdnITWunzUu5rA0djBdJcFc2ANgjt%2Bn0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec1fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/LCkduOVK.js

104.21.50.246

200 OK

103 B

URL GET HTTP/3
freshgonews.com/_nuxt/LCkduOVK.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
032b881d0d61704749b807e2f5337996
14ed4beb7b6fc915409bc27b9f79d56943b8e44d
e3c0fa334b7264a9acd8ff7941ca89193dbeb6d62ec5ee3e9df40875e29de005

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/LCkduOVK.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"67-Mv60lpIY1urn/91pF6xuVwx10OU"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JatczeXdqZSlYUeVqS5NMN8rtLsvegfJ8Zb5qJF4lyvKqERoIRcH1MngPf2gwPypIt3uRnxGENU1TVSx15KICak4bm6WZHYmXi2S1ykEINIJVPhrEWzmjOeE6YbDvaHR2uE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cede0e02b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/app.BRr80QMN.css

104.21.50.246

200 OK

9.2 kB

URL GET HTTP/3
freshgonews.com/_nuxt/app.BRr80QMN.css
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (9192), with no line terminators
Size
9.2 kB (9185 bytes)
Hash
d1a38d8cc494c2318a41fd3cfe09f005
009d40cdc75a49ef46536ba915d55422465b8973
f65b4443a0036f24fca17e528bf9e32a6af13fd1f25a3d790451031325a30e0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/app.BRr80QMN.css HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"23e1-S9CRAj2GzUpitXAx/mCKGRu4IA8"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJdymSiu9SnQTCvQjxAX8%2BPrumo6wgbtoejwJTkMFBjN0L3KSqh8KPWMoRtBBFChirSrNbFKWwKJrTYoTIkE038Hfdw7iNoEUdPDIo9jtLgbv%2B8nBH3FtbLZtWKh7EBS5ns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec1cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/DPMuLL4H.js

104.21.50.246

200 OK

4.6 kB

URL GET HTTP/3
freshgonews.com/_nuxt/DPMuLL4H.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (4640), with no line terminators
Size
4.6 kB (4579 bytes)
Hash
0ed1e43da3a108a8af001ea0b2625336
b4de11ba1377e425ce00c183b12d6c6ed42fedf6
0a4623a03c4ae4b4b672e411d51f7fdbe92f6fb17ea687ddbc7b2d52b545ee5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DPMuLL4H.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"11e3-6ynopqPcWr68gK8qI1+JEv1yGDs"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oiNweALp2V8Tbb4M%2BZKGUzNbC%2FS5gfGvoulMpQTpNPIm7VT%2Bzgu6e2Mm907Dgh%2BYiPRUrAjeKUez18wD7REE5EisfeTViNUTbWMj6r9D3on9Ttl1wix4FgwzyCFlAfUE%2BmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddedc7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freshgonews.com/_nuxt/DEISlJz5.js

104.21.50.246

200 OK

1.1 kB

URL GET HTTP/3
freshgonews.com/_nuxt/DEISlJz5.js
IP
104.21.50.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freshgonews.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfreshgonews.com
Fingerprint4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83
ValidityMon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT

File type
ASCII text, with very long lines (1175), with no line terminators
Size
1.1 kB (1146 bytes)
Hash
aac899bca9075e650e5be1d5d995c165
f64f745ef7a72e1e77c9608e1b48a95878da0a10
fa2c6c2cb0b5f8e81e467d1c790212a10b7d54c422acc4a3d5ada54af1335256

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DEISlJz5.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"47a-Zl1hNvSZkHFnOaOZPs5xF9teSYY"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tEscEcxlEgtPO6X3wWU6CqXmev4zfjIJRTEQ8YtOnrYTGJ8Zz3Po3GlTVDzzoHluJ7CzUZ2cYg55BoeAMuOqsG1OV1rls4yAk0I6GB%2FNSzFG3KO9geSyXeGCcuCgPRE9wr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddedc3b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML