| freshgonews.com/.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp | 104.21.50.246 | 200 OK | 6.1 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: d8e163aff7b938bc19d67ce4f8a7e948 b433e43df282df096ef1706895296f4d52542001 56f696d0a1aa8f113ecf3b8727f0282b2c035651f56fff90c3d33e848ea9a5c6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 6064
last-modified: Thu, 16 Nov 2023 16:09:06 GMT
etag: "65563ea2-17b0"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8F8X85S17WhVEk7rELMAJNDtiw8cZY7JfLOLkQkFXCOokXZOiv%2BOPpqPkeHDRLcVcqc%2BwW84YhIN1MwbkWjyAbL7m0k27fcbvD7qzLfksoQ%2BMzsF%2BesXpbwNslTr%2BNxp6JY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc32b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp | 104.21.50.246 | 200 OK | 30 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: d4c7fdb2c0791086e522ae6e07d36e9e 54c5f49c465b10125b0f67d850a1c65ada62e0b2 bff6cb3aee9059bbe83a337fab3cbca5256a112d2cb43ca27028cf5065849975
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 30410
last-modified: Wed, 13 Mar 2024 10:54:40 GMT
etag: "65f185f0-76ca"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tIrvvZdK5DjzCcCng4oq%2BYMvrhURGahhqkJN%2Bq25avaLlakKI1u50VONlo6ZM7u%2B7YyPI8JQnj8ybrwogzujn0qdrS%2FJafDezOjeKfLQ5yUYWHM9DdPmVWkeLO%2FW7mYE4tI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7ec2cb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp | 104.21.50.246 | 200 OK | 25 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: c4f03d67997708a24c6e5418b266db68 2ae0bc0b59199667c8d190bc50572f2b78d691bc 1526ba8494ffe3e261ad5950f07cdb189dab5da5660fd35c40c10d413ce06a5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 24686
last-modified: Wed, 13 Mar 2024 12:19:41 GMT
etag: "65f199dd-606e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tbFOtjZJX3KmPh%2BKN8cdn0AxLH0vjweBDKkFjYAv5f7fwDWEv9Bm0aZsfT37oRmN540dcAI4ZHcJ%2FCbj%2FYygqGAsCgO09aTg%2FNAhevKnK8w6NQ9Fmf24SmI3QR9HRpEeAE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7ec2ab4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/5531a5/c20ad4/658c00325c02d/0cd658c00325c040.webp | 104.21.50.246 | 200 OK | 12 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/5531a5/c20ad4/658c00325c02d/0cd658c00325c040.webp
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: cf8f4490d02d593d3858e04b5bf236a9 3fdef16980b9dbea34a59a56b3eb7ff2c0bf8d4f 7ccbb96cdb1b5679feca007c89093bfe26b9fa245cecb59baba93ca9a0ba3186
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/5531a5/c20ad4/658c00325c02d/0cd658c00325c040.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 11534
last-modified: Wed, 27 Dec 2023 10:45:06 GMT
etag: "658c0032-2d0e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHvQYBv4QbNImUGAq0JyQHLAiu7X5%2Fu8i9I%2FhUaiZauSflDvoKRYWn%2FIxKHus6yK6z%2B2AXTsSEZqB4ttqclXWap016%2BvtaadEW7lc1o6e%2BXe2OTCf6uJiEgldjFeByAhW6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc30b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.50.246 | 200 OK | 18 kB |
URL: User Request GET HTTP/2
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (32406)
Hash: 2737d9aae4d5e11fe9aec4bae6ba1734 abcfcf4561644402d46012cb814d3ebef1736b31 811ea6800d6875965f1fe9b8254b3911291b9e5b245fa9426aab84da421af261
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:00:27 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-expose-headers: *
set-cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; Path=/; Expires=Fri, 18 Apr 2025 10:00:26 GMT
trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; Path=/
visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; Path=/
-414010988=1; Path=/; Expires=Fri, 18 Apr 2025 10:00:27 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u66lTisKsao1rwPizz1zrALYoN61Z%2Fv9T8rYVw%2FOCexpHjp6npOJNxWzfHLXT%2BOiikFEF9rrLDeQJlzKAKKQ4XFKAEM7pzmfPJOiwyaitTc7vASFyj%2FqIQ5bVdk5XnkJseM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cece2f5a56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| freshgonews.com/.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp | 104.21.50.246 | 200 OK | 32 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: d17d60a2e79ccae6e72bc68232617491 359fe3b61c3545948c56548c4bd775c1214388b6 4c30c33481e95187ec9f5413576058092ed9aa64549e6e2367c7c41e66f9d93f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 32264
last-modified: Fri, 15 Mar 2024 15:20:16 GMT
etag: "65f46730-7e08"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEwd%2Blw%2BAk%2FdwIoXTBmIei1j54htWY5IZR6YbutWGzn9gWkYpzdAhWc0asspkIuAHWD8KFC5o%2BHAOr4n0sHei6q5gHy4HNQIPHK1mg6aRlvWnlCZXQ3291uX6%2FTD%2FIrnhxs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7ec2db4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b77965cde4/35c636b77965cdf3.jpeg | 104.21.50.246 | 200 OK | 25 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b77965cde4/35c636b77965cdf3.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Hash: 46efdcc121f9417d93a6def374a5a5d4 5d842f046630b14d1fdc9b1db89ccff380526cf5 90d53d41ac97337bf89a77457f6f7a7ef3ec41c50fd87dfb2607696f0fac1fbc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b77965cde4/35c636b77965cdf3.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 24975
last-modified: Wed, 09 Nov 2022 09:49:10 GMT
etag: "636b7796-618f"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXUuGipXAaDaeqxjWe0u8xO2%2BbLzeXYoLqaHeFL31x7Jg4KeKP%2Fd3Og9yg5v%2FN8K9nbsghUCyzT82i%2F3GAtGKfT4xMT8f6EF%2FgI8mzl3PAC%2FiASd8C7I2TQQZcM6LVhCxG4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc4cb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg | 104.21.50.246 | 200 OK | 52 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Hash: eea3f35d627929a8e55ae6d284e7d63f bd861c976319e7d4d9bbeec131062636396bf135 32dee5a9d35987b7dfa3ce7c9aab3d2edfcb7218de82e272d2ca4929430b90bb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 52299
last-modified: Wed, 16 Nov 2022 16:17:05 GMT
etag: "63750d01-cc4b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlBra8Gjv%2B9PxbU4gQtiDhZM6DAeOtv%2B6nfegDWMqsOsofOCT8P3rmYWfLmLujhzC4vsNSHApw%2Fd0qCIVKM3ms%2FDdbODt2C3pPDZxPEHqF03xc2EPdtvX4cHFsLpsV0i6HA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc34b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/6372492e7fb9b/d0b6372492e7fbab.jpeg | 104.21.50.246 | 200 OK | 75 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/6372492e7fb9b/d0b6372492e7fbab.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Hash: be5bf53a1705b73ef1861f9e16e3756f 972bae8cae607eb9f67dc1c70f5faf328b7e7de3 2a10f99f144643a6b9687d131275960261f0eb92c0c5b93377e683ec5bcde672
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/6372492e7fb9b/d0b6372492e7fbab.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 75374
last-modified: Mon, 14 Nov 2022 13:57:02 GMT
etag: "6372492e-1266e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gofcGWKAqiMyL%2FSOjhSJdplCcg%2BYfCmwttVxBIIeOkuyPKA9ZCv3Ob007dWDtbdUNTxWNKYss8xB9oJrgIF6TwrFqLQoLfw7RsDgwksZb0Lj%2F347CxfJjxBRfmO86xVWihA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc38b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg | 104.21.50.246 | 200 OK | 96 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Hash: 9cf3a47a546fbd6e05a7f7261a869bd9 118659c1183d55e0d5d99055ad6c11e775ffa368 518c9ee67c5d7240953aab4767528df8d52e86b0a414ccf6824774cccf176ea3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 95730
last-modified: Wed, 09 Nov 2022 10:50:04 GMT
etag: "636b85dc-175f2"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jB6BvveMxCt55UbhLEuuinb0Q3nzFUwxmXCy5qaIp%2Bvo%2Bfoos2NvJk9VmV%2BnJoxIWpS7WFnCE%2B39%2BHOPXqQDqDy94BsJU%2FxdyvW9LZjU8IN8RWpYZX27ADP8T0lrUHWjQYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc3bb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg | 104.21.50.246 | 200 OK | 54 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Hash: cb023a9718909b62aab3877d49ff438a d8cda96d27249b680ab9d33c6b0ee01647f0db54 e1e6878ad26b276a567d87b3ca38d103c09a0a624f494dafba0cc061fca17fdb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 54269
last-modified: Wed, 09 Nov 2022 10:39:04 GMT
etag: "636b8348-d3fd"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KoRyThzZzOMAS4bwxPSKwDPwgSoDSdubo8JddO1Ma6oqqHx7y8%2BiwRz1%2BPMX9wgpGd3mvQV%2BAl89ba27VGSgsPWpehkdih9r3C7Cw3e6EB2r6urol1ruwV38CTtGzIYWbCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc3db4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg | 104.21.50.246 | 200 OK | 64 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Hash: dd6c17179d9a5dc32fa4dce0417575c9 6a46633f7fe6d4b4979352ce40a097fcbe1a5f05 32c0f2113456b78dbdd2de5cb4047d0a3e8a99e663482c671cbe6f9b78a39436
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 64053
last-modified: Wed, 09 Nov 2022 10:36:09 GMT
etag: "636b8299-fa35"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylR%2FryIv%2B%2FWtig6mMrfPrG1rc09lcsM%2BVtta6Snwc3C4EmiA9N15fRzIRP%2BPL6EvWFU8cj9%2BtcospROcoaHHvF6xFjJTxWVJiNh8Jy%2Fz4jxrv4BsbfLZc1rr8x7rOU3AYp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc3fb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg | 104.21.50.246 | 200 OK | 50 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Hash: e75c3493c1cebcb7e13900b81b85a8a0 fd8f37f7d19cade85448a8f48ca69d5f3375d592 3bd3f444925bb2eca9714d3dbb6347df03910af3c0ec2dfd489eb0a8b9e76c9d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 50282
last-modified: Wed, 09 Nov 2022 10:32:04 GMT
etag: "636b81a4-c46a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nQS6l1P%2BqTaPhW3aIGzTF%2FUi2HsCnsObA5F9ZGfntZqkH%2Fag1eGyEr6WCEIGw2%2Fg9SWW1Z5BHj7%2Fmsyn%2Fwc4kno9hr9syokj%2BTVahgz63%2BQ6i9NLthh8X5GIc2Yr5ELwiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc43b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg | 104.21.50.246 | 200 OK | 41 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Hash: fdc453185fc49a46076a58975d775d34 de1cb1926958c2fb71f90e9ade279813832ee818 943a4746f0a7cc92dd62e4e5e0b6c137bf55744af18f438d3f706249021bc97a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 41383
last-modified: Wed, 09 Nov 2022 10:29:03 GMT
etag: "636b80ef-a1a7"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImPpwgXihhclNvolYtV3bVp28J%2FJwMCCuACiHDWosCSh59G43umBYcFqCxOQ9yDAb56H1Ttz13t97NX2uU9ZHLfUZGZkJUwIRnZbaqhRtYfuoALhI3nkP7Stc0Me2AGfcwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc4ab4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg | 104.21.50.246 | 200 OK | 34 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Hash: edc0a1fc9de5536352d35075fe9ed449 56329bcb5c6b1ae7a6ee622b4a6b33d08dbcd89a ce0b1f2feeaa809e4af0686bfb6b0b20e06c9f3718f762d2b38b8bb9ab64e670
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 34181
last-modified: Wed, 09 Nov 2022 09:43:05 GMT
etag: "636b7629-8585"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPzvQRDbOYHJF%2Fk8tUZOLMlZa9u0q5I5Tg958zcnAQjP7G1kuFJIYidL%2BlKbZ%2FpeKfXnnMBB5GlcdkuDS1F3%2FMupIybO5TSu9AHJ2j8FTVCKrXAochP%2Fao5%2FNoXyvbANcZE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc4fb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg | 104.21.50.246 | 200 OK | 36 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Hash: a61e07058497be1291ed1540251054c1 46d533bd7665695ba14ae35299f7f1d18577a850 0c28d7ed71b2591ceeb4a98400545100fc53995fa56f4b284057604314634c6c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 35849
last-modified: Wed, 09 Nov 2022 09:29:05 GMT
etag: "636b72e1-8c09"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gJ%2BlWz5%2BPg3ybPLX0t0Ncrp09T%2F11FulcknAICKdFD2kNLILhmwjTjF3EKtGdsf65eCvyXhizGsNdMDP6MM1ufcGb2uPp8%2BrNoJtRc4kQs5e1vStQ5w3U1kx9mX26KZ0%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc51b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b6d40cebde/d0b636b6d40cebef.jpeg | 104.21.50.246 | 200 OK | 95 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b6d40cebde/d0b636b6d40cebef.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Hash: 2052c5d2445c2501edddd85f2afa4f1b 3fa6dbd2c7c207fba472a15b7a7491e43df86088 3cdcaf95da5bb6e930b574e99edf0e45a84ce710424a74f14a481cd3805e89c9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b6d40cebde/d0b636b6d40cebef.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 95139
last-modified: Wed, 09 Nov 2022 09:05:04 GMT
etag: "636b6d40-173a3"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJ5rmPAjaH4AsnBDc3FeV9LPlYSpJvd%2Bxf8%2FuDnQTpnohcXhBUzedBoElUlj0kMx3w276BiYl76fRiJd9cabdX37R3dLeboQTshAfeVRdxNvrjL1lpbTwnAPw2COFbAcfKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7fc52b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg | 104.21.50.246 | 200 OK | 86 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Hash: a570d4ef05b160b52b62dca43f2063b7 f3791c6a6462e78c5b3f8650ff9b4f0af5a3d2a2 d36307787c78da545446c2718062fc46c63539d89566ef0bce140a2ba5d4de19
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 85521
last-modified: Wed, 09 Nov 2022 08:57:04 GMT
etag: "636b6b60-14e11"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J69KXrGobCkJeEHiLWknrjuAxU%2FBK4b2JUqVZI6Jv28FCtpGftZqZVawmN3P2D2pbiZfLC1fCkNzneBSmbmD9CmV8Wm3AzUwvsL9w%2BXg4FDbEBuR5mfnzFZ7wOARVDPU9K0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced80c57b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg | 104.21.50.246 | 200 OK | 112 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size: 112 kB (111894 bytes)
Hash: 30330bc3c2d0130854437011eb94302d b089730191e5efa8db30b0b2bf5ddf47783f5853 85acbaf8f03c122e1a6421968dd56ca53ef5868523679ceb6ed66d2c50735cda
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/jpeg
content-length: 111894
last-modified: Tue, 08 Nov 2022 15:44:04 GMT
etag: "636a7944-1b516"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8XeOCb4rH6p1%2F9sAnIAT7uyRwpqncLeooIq4vWWNPNGNCcS9O%2FVCoP2zAuy7Faq1lJ5Mv3O2HOds%2Bj3qXMnwlQ937UwiHKsEo69PggmtbrE8DUH1Cqfi9IjPxuRa%2FZ5FfC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced80c58b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 201957
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 149570
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:56 GMT
expires: Fri, 11 Apr 2025 13:20:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 592772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15752, version 1.0
Hash: b20371a6daf29d4a1f2e85dbbf40fb20 0355a01c1ccb45cb728e7e07c41c8ebf456f70bb 7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:59 GMT
expires: Fri, 11 Apr 2025 13:20:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 592769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| freshgonews.com/_nuxt/Cos1DWCW.js | 104.21.50.246 | 200 OK | 3.2 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/Cos1DWCW.js
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (7047)
Hash: 544164803e296ac6c118aa054af92a1a 25f1bcf5a87a428a5a07fd608b7cb2f665857211 bb14b05e4dd0fdd1241059c5cfdc234bd587702f306c779fa37c699ffc1a0893
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/Cos1DWCW.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/3G9erJAb.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"2123-JfG89ah6QopaB/1gi3yy9mWFchE"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZqRhqF%2BckhC73RzA51NYTe08sitTLr4SjNKbX94dIdPAQTqcJjOWxVC2SSrtS09%2F14wmgh8%2FCgjNdHRZJexd5eyzColeTpq8c6ZkH6BiyyB4qtQ2M1h%2FwqEW62WsDf1D%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedb69bab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/Btjofjne.js | 104.21.50.246 | 200 OK | 3.0 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/Btjofjne.js
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
Hash: 98426f0bc2b9bc90bb8fa11ef7b1d630 00e4b8f6ab803e710e65ec8b388408e80d2cd606 2888d1e80cbc4de367ce49228b3ea54d79a57281f77b20a554826714d3604c11
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/Btjofjne.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/3G9erJAb.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"ff-AOS49quAPnEOZeyLOIQI6A0s1gY"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k961SJo8%2FrpDErNsNzGxIkZXL%2BPtYfU2IS0u9XSLw6XQ0m%2F3%2FKqjZYktWcakiq8CRmbyD8xk%2BCWi%2Bmm%2Bk54YQNMFgax80Dy%2BIHqArFypxqGGDTBUqZRgv72OYK7TfP0L0AM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedb69bcb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/DS5d5h-7.js | 104.21.50.246 | 200 OK | 4.5 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/DS5d5h-7.js
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (4601), with no line terminators
Hash: 004ff34aebd752dcfc531383d023c937 22fe9508e34e86a871baca6879a05ca9dfa9aef4 1f8b74941667f1e3b149530b18f13840707ee0aa4a2b2c6513d81e235f62b96b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/DS5d5h-7.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1194-VH1jyF8N28z6Pxvl3+g6FM38G9U"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0IVVh11L4lT5H6%2BSjwhFrFfbzFdxiVfXerpCnz3zHIjSWbblUTx1J5ZXky9uTAiYQ2WCOVfal1CIoXmN5%2FzrIUYnnlxaHKeM7zz7inV2BppbdjmUU8XfjMFtZK6535yMTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfde6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_showcase/images/templates/rednews/favicon.png | 104.21.50.246 | 200 OK | 408 B |
URL: GET HTTP/3 freshgonews.com/_showcase/images/templates/rednews/favicon.png
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: PNG image data, 59 x 59, 4-bit colormap, non-interlaced
Hash: b4fddd4262d09275da6a0819c9595e4c 44adabf5be128e498fde7b3123dff0f44afad4e8 4d9907c300d9cbc19390bc76bb489d42a95bab6c8bf34097b3fc60fb4de1674b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_showcase/images/templates/rednews/favicon.png HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/png
content-length: 408
vary: Accept-Encoding
etag: "198-RK2r9b4SjkmP3nsxI9/w9Er61Og"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZKPkuTGjvlXL4lHZnYNfD5MmPorX0oGa0tfgIF9n9BWNuvnxegsIvpHZJLqQN9yuDckBH8%2Fe%2F4iNUKLFmY532rw0MK4kx%2F08o3LZp555EicNaGUz9GhLfKb8gCwdrlL1uE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedc3b1fb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/AwVj6KRX.js | 104.21.50.246 | 200 OK | 258 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/AwVj6KRX.js
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JavaScript source, ASCII text, with no line terminators
Hash: 11e3d76d9e7217dc841797300d63e4da 26ecece1c2e498cd1bbf3e08873729baf8621e2b a98d0b15d4d7bb06b35ccbc76969aba34cdf68813f59bbe55a67e0baf8db2750
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/AwVj6KRX.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"102-1Ks3n/+t6LMbTJdz37TlfzBMqA0"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liu5gqkatoF8v1p6YKh%2FS4%2Fe3rDqbddplgZBPHkNHmd8zUWwbA%2Btivr6u%2FwIZq5GNB0FBgZrlxL6D%2BdSc9Jaun2oE9IUAfJT%2FrmbdCtbUwUe6Xs0KiRvL2PNFIYO1%2BcTboQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedc4b44b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/DObMaDnu.js | 104.21.50.246 | 200 OK | 102 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/DObMaDnu.js
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with no line terminators
Hash: 8acbd71a8552022d5a37f6ba3a1579da ad0ffd8ae6741722135d882111e968157fce614d 4c466e1bc5f5c04ced40ddff98d0dbc604a6450479513bbf7eeca2216696357c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/DObMaDnu.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"66-pTK6pwK1oWRd9EykzDOPkGiJp5U"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IhCOAQYyIq5RyCz7qcLsTUIR5W6B%2BZ2ubPzzrmEeuBR6QA1fhA2%2BKIHq0HAeisayKbM5OfQHOFK3gR4q5sE8BXmZ%2FD%2BfWVERo6PQoMlCnpIqhYyyHBVm9j55N4Xm6eMVQuM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdeab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_showcase/images/svg/icons/search.svg | 104.21.50.246 | 200 OK | 870 B |
URL: GET HTTP/3 freshgonews.com/_showcase/images/svg/icons/search.svg
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: SVG Scalable Vector Graphics image
Hash: 3a5e387714e83a3588f9fa29f4b1abfc e0fa42b5e120fb06aa423179a897fae93d60f9a9 c23526ff5bdc2be032d7b6dca69cabb311dafdf61f9c618da02b7a06dd039261
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_showcase/images/svg/icons/search.svg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"366-M9S+R1OGKSD7jBb7hwTnp9TlZ9c"
last-modified: Wed, 10 Apr 2024 09:40:01 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKUtPuAkYyELjcfoUeSiXiUkTyhdO2ybVkY7y3piPBVOezAd1Xumhdc7yPDxIJ27xmFJF4079vQu0J%2FiItsFK8cgp0cZhAZlPXhGvrDBg15rVthKl0OCA9G7%2FugQNrsczw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec24b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/builds/meta/fa05fad8-3357-4ccc-a190-e874a58bf705.json | 104.21.50.246 | 200 OK | 139 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/builds/meta/fa05fad8-3357-4ccc-a190-e874a58bf705.json
IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 532dc00c35d803ec9325b705af7b250a 40c1cac51a4459bc2729156e137d009dd1937b4e 3f526d5a86bd2652546be313b65313d27650abb6885ade35ce158489e61dcc54
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/builds/meta/fa05fad8-3357-4ccc-a190-e874a58bf705.json HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: application/json
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"8b-Hsu6dVRPTc0m5kVXRKzko2EcIag"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqPw%2F3sHjEtxqHjEkvW3d9skCsHPIqpBg5cBKMiscwYCWbTmXhF6CI95cjKHBlhBA3EGvgaSsezoCn487eBdBiLrEQjCL7V47O6WJRUxvg2CjM8zsizMoagkbBQJpLYxfAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedcbbeeb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=deb91dfa-8c92-4ec5-b903-d2408c21f1f1 | 104.21.50.246 | 200 OK | 396 B |
URL: POST HTTP/3 freshgonews.com/.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (405), with no line terminators; Hash: 80492deb3900210831894f90eb487feb 99eacd1c83249ccde79529c0544c5e73a4ecf83f f3b78c8bc4248f94b9f66ad7433ba603ef5006ecc7a29a75a159c936928ce2a4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=deb91dfa-8c92-4ec5-b903-d2408c21f1f1 HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 677
Origin: https://freshgonews.com
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFUsXiSsHT79qgFPyNDRmKelwjSO%2B4X%2FmAEMTDzvTs%2FuJfKx%2F6OSlF1PJ%2FVaqQKZIFigma4dxeQSxV3whnDftFq3ONFRMaIMKJ%2BedDU42gIE9%2Bt%2FkHYF1kmNzAsLQSpw3jQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedf6817b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/4cgf5GmW.js | 104.21.50.246 | 200 OK | 5.0 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/4cgf5GmW.js; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JavaScript source, ASCII text, with very long lines (5238), with no line terminators; Hash: a8b7c03c5f4c3c06ebf810ef835db25b 6ce9de2c9aaca983da3f2f0028fe69aee217ed1f 9af754766bc3845361b29b870b7250cb2d9fb2c2b662315a8f5dc27534a4d896
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/4cgf5GmW.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/DPMuLL4H.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"13b7-tFMcZseYEyDn7YBJJkkVPFfDX10"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MR%2F2zE2lXKZt9%2BMxEF3qIHG7sy2PI7cIYw6TnNEefJjSV2PoH5vGl6d6Hq7C08idWg8U9PYUzyJ9HEBYtEfjj9rPRAFpZG6jNBbIWY68pOHmYT9iOp2bugJSmB2Ynb%2FkylE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedfb883b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap | 142.250.74.106 | 200 OK | 9.3 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap; IP: 142.250.74.106:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (9600), with no line terminators; Hash: 05d209bf2959d773200ca641aa1b09f7 f7471e4279feb1471efe307d363638821db3cf6b abe40d2352072a0c6a51e50ded28cbc679ac666ea605ff35ba86a47da180a93f
GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freshgonews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 10:00:28 GMT
date: Thu, 18 Apr 2024 10:00:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| freshgonews.com/_nuxt/Jsjb-v0I.js | 104.21.50.246 | 200 OK | 100 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/Jsjb-v0I.js; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with no line terminators; Hash: 9dfe987826b42691341e75204d306857 1503d43e2c3bdb4e12bbd0270c74c8bb9d28098a 5087f1e0b2bb575b21127ce4649bda8d69660c3271cdf1ab53df8bd6d355f88a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/Jsjb-v0I.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"64-DZtVGLJ0cEmopa8R+nBm87L25QM"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0egH5klY5vVWSX9GB8l9l84ICMUsLn%2FcZ%2FGiHeWBrC5sDAbSFqGA581xSnQMqz1x24pXETZefnpFw4dqR2A6aibvzRJ3k1zVFa9gWknTFdrEg8XU4OoE5S8c9JynF%2FRMbsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdf5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/8UPkXAvb.js | 104.21.50.246 | 200 OK | 6.1 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/8UPkXAvb.js; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (6493), with no line terminators; Hash: facd6ceffb7eca36437aa79b12962356 2a24e52c64a91cdf8cec103a455074352c9dd8a7 f3747b6da3379aef3258b90003aa878bc5427602a54f571b711415294a7085cc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/8UPkXAvb.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"17fa-mzzddwc9H5XNViWS98RvBTUm8SE"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0v%2BWPcxqdsnJXbV5Dqdjt1PFLuhaIBnmOGOW2FWgfJIWmavB8Ikz75VhKLr0S5w3lB1mXbms9TroW9j%2BARy2Sk6EHU2uZEW8Dzc0rrH95aJCWvivfGh%2FXmS65Hmb75JPco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdd6b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/VyR_jL2o.js | 104.21.50.246 | 200 OK | 2.9 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/VyR_jL2o.js; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (2925), with no line terminators; Hash: 4cd4cf09b1efb508cd74e40d557e6f6a 18c77027d99d8499bd762552de9ab183fbb13724 d6808daa385740f413b8fd2ef1671b076ee816a0698803675c3f62835014e7cd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/VyR_jL2o.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"b30-VXwA7YnJeod4tW2BUE3RmJvn5I4"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjXePXuJcaNcTanVIUXLlNnLQi3tNK%2F7HOhERyqvysvOQJCXy4ZG08qiw1Mph71nxjt%2BlN7tQXBMu%2BoFoFOggQcoyYvNbafMrwS5LQhpo6THILGa%2FE16Muq6bzNvJkYlHEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdf4b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/54fJVvsC.js | 104.21.50.246 | 200 OK | 264 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/54fJVvsC.js; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with no line terminators; Hash: fec6a5376ca1caeb3d9c5cd3858fe70b 06fee5a624e5f0c1784bf6ba26c9c48b9f6c30d0 04ed0901c97f0dccd3b71cae2d8c4ed79840961a00fcccc90d258c8cd6913853
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/54fJVvsC.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"108-2nif8jNlnGLE8u12untRJAwsK9c"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhssBz3EFCzmPpokQNwJRndZWTbDXTrIV6khFYr5bPtKm3jn%2BUDHeqjc%2F96eEMBRFB5PiN9NKpK%2F%2BAQxt8%2Bo%2BRROVZyVOacUWeomI4lNyMU0SvBarpBYWvdck1JQO9QGcSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cede0e09b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_showcase/images/svg/icons/calendar.svg | 104.21.50.246 | 200 OK | 3.0 kB |
URL: GET HTTP/3 freshgonews.com/_showcase/images/svg/icons/calendar.svg; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: SVG Scalable Vector Graphics image; Hash: 6612c5644ad96add55a77120b2c98e3b 061d7a3df4e1c48a3dad50391c8decea4209d334 3b9f1c2530581caaaf22b17fe6c29b04092d7bbd7eff1d8c2e97fe90039bc10f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_showcase/images/svg/icons/calendar.svg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"bdf-Dr5CJovDuUS0Dw6XTkrx0wX8aPo"
last-modified: Wed, 10 Apr 2024 09:40:01 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=511qO4dG1Hq%2Bw1CayNSofZSKqiJwkj6LyjdVQPYc6SE8whBW9jDCJYrdoHaY%2FMVZyeK4GQWtv7olJG8y4dDsmrOSnyhXnSGyI8wKehtlBTKJGS7WiYdb2tQ5zzxs7GSCz%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec29b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp | 104.21.50.246 | 200 OK | 12 kB |
URL: GET HTTP/3 freshgonews.com/.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 1c6d201910df8df0eb3fcea8739007bb 52a6c44df68eff2c8c126799e3bece8ff6fa1913 41d821dee96ed747866d48785783bb3c6bbffd4b66415cf873231e38d98fcaa7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/webp
content-length: 11664
last-modified: Fri, 28 Jul 2023 10:44:06 GMT
etag: "64c39bf6-2d90"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBzWbI6fmGwsWMckC4oaVz5jcQ0pwLpMhMeRVbAKbpppJQblyBhVlVhVHFuURj0uAk1Cbgklc3SgSjgCK3ET4%2F4d1pQONOhu4XglrgBnr7o7O5HA0iQOltUZ9xWSJ80xLII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763ced7ec25b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/9uwu2KmY.js | 104.21.50.246 | 200 OK | 104 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/9uwu2KmY.js; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with no line terminators; Hash: b6e78e8f6ad760da304ab4ff8e5b4e91 f52aff8bca02977de942d3ef5cbb7a9fd48fd5d0 3b9b1c43621acd936663639673f34975df76d87fc7697d5962c0b21b2d74e805
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/9uwu2KmY.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"68-StlsnIdjz9a/TJ0aaC4oDkS4a0E"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FMjmf9k5tBywyYOjeTJX%2FKXvQFwtK4E8oOQq9nAI%2F3EOawpLNcPO%2BmELE%2F4dEAguSIVpRFQ4%2FRcp%2FGkngvKDNg%2Bz%2FPLJYQ4%2FU7v24CGzAldD%2F0QsG7C3rkfmwmS%2F8qqPKY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddfdf1b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/entry.BC6_636c.css | 104.21.50.246 | 200 OK | 140 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/entry.BC6_636c.css; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with no line terminators; Hash: 5e517928ec0f4dad9288a03fe5783382 fce639b6c520119d25d173b866847416b72e23e9 3ad55b42bf2ef1b944bff1be7d4b5bf79606060b882df58dd61e951c93952f65
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/entry.BC6_636c.css HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"8c-M4FJxkKyMRmtARLRgJKFCgKaN54"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNZExE9AKIVxYrB1DqfwnLCZwjPQyG98JQkC18hh2xaDfUOnNgNkpmAyByTeIBwpvfjB75jbhjZYZY9JTRuC4Jn7phMZZetkLjvSWlrZP74bp4g34sUF6WXnlxRhS5HymSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec18b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_showcase/images/templates/rednews/decorator-pattern-red.svg | 104.21.50.246 | 200 OK | 200 B |
URL: GET HTTP/3 freshgonews.com/_showcase/images/templates/rednews/decorator-pattern-red.svg; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: SVG Scalable Vector Graphics image; Hash: 6a3cbff720570e45c53bd80a29fbe352 5e8aa989659bb0f023cd175d14b2f68f647b8b94 abd686f959206c4f66f156d365bad2cb3302c14c71e0aa5c740effa44f18f26f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_showcase/images/templates/rednews/decorator-pattern-red.svg HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freshgonews.com/_nuxt/app.DJcOOQI7.css
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"c8-sm8X/N2nuTkPQ4/jQ3/0ghIXfEE"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Srzr%2FiXP4xI0YE%2F6l1HHFTnO6CtlPNzvdC5yTdtqV%2Fmupge4W2APwdr0tHO4uCKPK7ZiNfIh5HIfnBhAev9%2B9wvlF%2BEGxTkgniImv5D5Yf7EV9Sa7JmbHKFxG%2Ftr43Fo%2BBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced9df51b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/Cr1mshXl.js | 104.21.50.246 | 200 OK | 91 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/Cr1mshXl.js; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with no line terminators; Hash: f68d73bcc9518ece71c355a885e74885 992912d85456bd1699354bde2db853f6e071e546 67fa64e977ac83bf989a0cb168c8f1552177d33dec9d164a3f8f837085422889
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/Cr1mshXl.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/3G9erJAb.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"5b-jLYz0xZpcMGdFoll+vietFdeG6E"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ui%2B%2FWBmNGpDzQHt9KCV0UatvpRCCBqz7g0SQ17SkrvG8ERZtNsmgkC6Rsb%2F4gbgCPinO5BC4wZxyot9bzZkVLff2I9aR20rDw93d%2Fw9HhiYJ8ZBFSb37PRUmM8B9siSZUtc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedb69bdb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/DSNm5iTs.js | 104.21.50.246 | 200 OK | 210 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/DSNm5iTs.js; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: JavaScript source, ASCII text, with very long lines (50331); Size: 210 kB (209836 bytes); Hash: 085d190c80e90e82cf482ef2665d5807 61ca601c7fbb43f34e23b3cf0637188eba45cea0 ad5d895b6a14a7e96f3c6f1c177fc2cef4727eb84747ab1aff2fa5a62ecc58fe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/DSNm5iTs.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"333ac-YcpgHH+7Q/NOI7PPBjcYjrpFzqA"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0hO7mT8rgsLnIAcndMHrXYsPrrPFoBsNN1UF4O%2BKxf337wYLMgnrtzpVa6PXK9acaI15l2mj0kA7Fej33aJtDI9HurR6cKwkSHV5tDAweoRQ92Yux6kwP5TpxYMqaLItgI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec22b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/3G9erJAb.js | 104.21.50.246 | 200 OK | 351 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/3G9erJAb.js; IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (364), with no line terminators; Hash: fb5f7ff09e680a55592920355c769e9a c7a9775952c94e755f82456b90194c133f9c5832 efde541bee8b0f4c33e1675f35cf34fadaae48ccfa1aa9d53c2f2db4c7a41353
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/3G9erJAb.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/DSNm5iTs.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"15f-ZC8qU6XFtVY9P7f7sFDyPRjs3qo"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPl84TXwInlnxLEj1GzmJcWyWOgJT%2FaseobNqPElZI%2BS0oQhdxnSS6ib%2B1lBe7CA5gQXZnt12eF20OteId9Bt2Uc%2F3aFq8gOOdTODvkLZeVHcKn1DjHEvIBwXBRqGIH0zyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceda2800b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/_H05hw6b.js | 104.21.50.246 | 200 OK | 7.4 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/_H05hw6b.js IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (7825), with no line terminators
Hash: c32bb70400df774eda4fa1f3c1965173 cea40aa33cffae802cb107da904e69e56ae5068d 0a0c2f676f9f91ca995ba5e89f3035f2326822e15a33ff7b54fcbcd13ef4d1de
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/_H05hw6b.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/Cos1DWCW.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1d0e-1o4m4jlTMaMDVekVnYzcbtGZD70"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kuPo5zDgSS5UX%2BlJ7flc6lCZcsjBrKzTofqoTBXkd3NLvxKGObkmQ%2FDl5WfzGjU%2FhRiLkVre0utUDXIHfVNRQON8KIsxbjD9LoetX3ygYxl5rXJ1CIjgnZ7k5NdGg5N3GFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cedd8d15b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/CW7FlOGr.js | 104.21.50.246 | 200 OK | 426 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/CW7FlOGr.js IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (429), with no line terminators
Hash: 4689c01c6639f64fe0c69a036a55052b 8676f85232b23231d4978c0ab20e384b92b0e1c9 c1481183ebb87a6edd1fff5dacbcf6a92747f99af416569a1abfae5270cc3c10
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/CW7FlOGr.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1aa-dpWukmudReDAxhN+uEpatBOyTwY"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTPcLDgzdlXUINrGHkrbmwm7pbTIXNUE4lXUhgLoygct3BfMQn5z4Ch4qlIhe5qP1S0ilZPsNqCJmDz44Q8Oxr%2FNvz45o0kJmLEAtbNofAfrtyLRRuKL40umbxMi20v7x7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddedceb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/app.DJcOOQI7.css | 104.21.50.246 | 200 OK | 93 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/app.DJcOOQI7.css IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/app.DJcOOQI7.css HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=93200
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"16c10-xRJy7y2hcOUkrygYzy2+CPylfIE"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 232951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YsvX53RrLHndWxDCNrRUlnRhmZuDnbYpQzDQabRIyeT8JwoiHvyKVDFtzz3AXNz%2BYRR%2BxJDfO%2B3FicWO%2Bz5sU%2Bg8Ma42ocEyOxUtdnITWunzUu5rA0djBdJcFc2ANgjt%2Bn0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec1fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/LCkduOVK.js | 104.21.50.246 | 200 OK | 103 B |
URL: GET HTTP/3 freshgonews.com/_nuxt/LCkduOVK.js IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with no line terminators
Hash: 032b881d0d61704749b807e2f5337996 14ed4beb7b6fc915409bc27b9f79d56943b8e44d e3c0fa334b7264a9acd8ff7941ca89193dbeb6d62ec5ee3e9df40875e29de005
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/LCkduOVK.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"67-Mv60lpIY1urn/91pF6xuVwx10OU"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JatczeXdqZSlYUeVqS5NMN8rtLsvegfJ8Zb5qJF4lyvKqERoIRcH1MngPf2gwPypIt3uRnxGENU1TVSx15KICak4bm6WZHYmXi2S1ykEINIJVPhrEWzmjOeE6YbDvaHR2uE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763cede0e02b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/app.BRr80QMN.css | 104.21.50.246 | 200 OK | 9.2 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/app.BRr80QMN.css IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (9192), with no line terminators
Hash: d1a38d8cc494c2318a41fd3cfe09f005 009d40cdc75a49ef46536ba915d55422465b8973 f65b4443a0036f24fca17e528bf9e32a6af13fd1f25a3d790451031325a30e0f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/app.BRr80QMN.css HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:28 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"23e1-S9CRAj2GzUpitXAx/mCKGRu4IA8"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJdymSiu9SnQTCvQjxAX8%2BPrumo6wgbtoejwJTkMFBjN0L3KSqh8KPWMoRtBBFChirSrNbFKWwKJrTYoTIkE038Hfdw7iNoEUdPDIo9jtLgbv%2B8nBH3FtbLZtWKh7EBS5ns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ced7ec1cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/DPMuLL4H.js | 104.21.50.246 | 200 OK | 4.6 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/DPMuLL4H.js IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (4640), with no line terminators
Hash: 0ed1e43da3a108a8af001ea0b2625336 b4de11ba1377e425ce00c183b12d6c6ed42fedf6 0a4623a03c4ae4b4b672e411d51f7fdbe92f6fb17ea687ddbc7b2d52b545ee5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/DPMuLL4H.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"11e3-6ynopqPcWr68gK8qI1+JEv1yGDs"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oiNweALp2V8Tbb4M%2BZKGUzNbC%2FS5gfGvoulMpQTpNPIm7VT%2Bzgu6e2Mm907Dgh%2BYiPRUrAjeKUez18wD7REE5EisfeTViNUTbWMj6r9D3on9Ttl1wix4FgwzyCFlAfUE%2BmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddedc7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freshgonews.com/_nuxt/DEISlJz5.js | 104.21.50.246 | 200 OK | 1.1 kB |
URL: GET HTTP/3 freshgonews.com/_nuxt/DEISlJz5.js IP: 104.21.50.246:443
Certificate: Issuer: Google Trust Services LLC; Subject: freshgonews.com; Fingerprint: 4C:CC:9C:66:6B:D8:45:7B:25:2C:1C:FB:78:7F:BF:50:E5:23:4A:83; Validity: Mon, 19 Feb 2024 08:18:25 GMT - Sun, 19 May 2024 08:18:24 GMT
File type: ASCII text, with very long lines (1175), with no line terminators
Hash: aac899bca9075e650e5be1d5d995c165 f64f745ef7a72e1e77c9608e1b48a95878da0a10 fa2c6c2cb0b5f8e81e467d1c790212a10b7d54c422acc4a3d5ada54af1335256
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_nuxt/DEISlJz5.js HTTP/1.1
Host: freshgonews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freshgonews.com/_nuxt/_H05hw6b.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=deb91dfa-8c92-4ec5-b903-d2408c21f1f1; trek_uuid=8881f8c2-6602-4e2a-a8c1-443471510f2b; visit_uuid=fe0e5758-2b58-4c6a-aaa4-165400728202; -414010988=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:00:29 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"47a-Zl1hNvSZkHFnOaOZPs5xF9teSYY"
last-modified: Mon, 15 Apr 2024 10:51:20 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tEscEcxlEgtPO6X3wWU6CqXmev4zfjIJRTEQ8YtOnrYTGJ8Zz3Po3GlTVDzzoHluJ7CzUZ2cYg55BoeAMuOqsG1OV1rls4yAk0I6GB%2FNSzFG3KO9geSyXeGCcuCgPRE9wr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8763ceddedc3b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|