Report - portwashington-news.com/

Report Overview

Visited public
2023-12-05 11:23:15
Tags
URL
portwashington-news.com/
Finishing URL
cdnstatic.stonecarv.top/ps/tb?id=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&sub_id=16122660&click_id=c91beh9uoho8pd56ee&nrid=99ff1c72589686c012ba6690b4f85c13&reason=tb_exit&attempt=2
IP / ASN
151.101.130.159
#54113 FASTLY
Title
cdnstatic.stonecarv.top/ps/tb?id=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&sub_id=16122660&click_id=c91beh9uoho8pd56ee&nrid=99ff1c72589686c012ba6690b4f85c13&reason=tb_exit&attempt=2

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-05 06:24:59	916 B	152 kB	142.250.74.168
north.statisticplatform.com	unknown	2023-10-06	2023-10-06 12:05:45	2023-12-03 18:53:33	428 B	6.5 kB	80.66.79.248
vvfal.stonecarv.top	unknown	2023-11-23	2023-12-03 18:45:09	2023-12-03 18:45:09	632 B	16 kB	172.67.154.38
cdnstatic.stonecarv.top	unknown	2023-11-23	2023-12-03 18:11:52	2023-12-04 15:29:05	732 B	904 B	172.67.154.38
portwashington-news.com	unknown	unknown	No data	No data	29 kB	73 MB	151.101.130.159
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-04 18:39:56	459 B	430 B	18.184.210.76
got.statisticplatform.com	unknown	2023-10-06	2023-10-16 17:54:33	2023-12-04 14:39:20	427 B	325 B	80.66.79.247
enormouslysubsequentlypolitics.com	unknown	2023-11-28	2023-11-28 19:01:40	2023-12-04 12:06:15	3.0 kB	4.5 kB	192.243.61.227
conqueredallrightswell.com	unknown	2023-11-14	2023-11-16 20:49:45	2023-12-04 15:51:10	2.6 kB	4.4 kB	192.243.59.20
vvfal.rigelbetelgeuse.top	unknown	2023-05-11	2023-05-11 14:25:20	2023-12-03 05:47:50	608 B	1.0 kB	104.21.22.161
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-05 08:08:22	1.8 kB	42 kB	142.250.74.35
darksky.net	27203	2007-04-25	2015-03-05 10:50:32	2023-11-28 23:21:16	667 B	343 B	44.194.98.76
special.beatifulllhistory.com	unknown	2023-10-15	2023-10-20 23:21:22	2023-12-04 15:41:08	436 B	13 kB	80.66.79.249
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-05 07:37:50	574 B	13 kB	172.217.21.170
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-05 06:14:20	3.9 kB	249 kB	216.58.207.227
violationphysics.click	unknown	2023-02-10	2023-02-11 18:32:06	2023-12-04 17:50:27	926 B	601 B	192.64.81.118
a.stonecarv.top	unknown	2023-11-23	2023-12-03 17:37:48	2023-12-04 23:14:22	714 B	44 kB	172.67.154.38
www.toprevenuegate.com	unknown	2023-10-20	2023-10-23 18:22:31	2023-12-05 05:12:12	3.7 kB	3.9 kB	173.233.137.44
support.apple.com	9892	1987-02-19	2012-07-06 23:18:01	2023-11-26 02:00:06	1.7 kB	59 kB	96.6.18.63
adserving.unibet.com	98000	1997-12-11	2015-05-26 08:56:53	2023-12-04 04:40:05	589 B	1.4 kB	13.107.246.53
www.unibet.com	318338	1997-12-11	2014-04-29 03:07:51	2023-12-04 18:12:03	2.8 kB	5.4 kB	85.184.96.28
antonmediagroup.com	unknown	unknown	No data	No data	497 B	40 kB	151.101.194.159

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 11:22:56	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	beatifulllhistory.com	Sinkholed
2023-12-05	medium	enormouslysubsequentlypolitics.com	Sinkholed
2023-12-05	medium	enormouslysubsequentlypolitics.com	Sinkholed
2023-12-05	medium	conqueredallrightswell.com	Sinkholed
2023-12-05	medium	conqueredallrightswell.com	Sinkholed
2023-12-05	medium	toprevenuegate.com	Sinkholed
2023-12-05	medium	toprevenuegate.com	Sinkholed
2023-12-05	medium	toprevenuegate.com	Sinkholed

ThreatFox

Scan Date	Severity	Indicator	Alert
2023-10-22	medium	special.beatifulllhistory.com	Unknown malware

JavaScript (4)

		Size	First Seen	Last Seen
	#1 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08 14:23	2025-05-06 08:36
Pretty Observations First Seen2023-03-08 14:23 Last Seen2025-05-06 08:36 Times Seen675 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	#2 Eval - de87583b216677a2181a4324dba6dd38	471 B	2023-11-28 23:22	2024-08-20 17:32
Pretty Observations First Seen2023-11-28 23:22 Last Seen2024-08-20 17:32 Times Seen2 Hash de87583b216677a2181a4324dba6dd38 b0932ebdfff3476cdbaeb3f7507895c3e82b83bc aff09f444e221377d8117d888196759b5c2e25be698405af6fed4facb887844e Loading...

		Size	First Seen	Last Seen
	#1 Write - a20553fec5e11b0cfe114bde9c5b5fef	124 B	2023-11-28 23:22	2024-08-20 17:32
Pretty Observations First Seen2023-11-28 23:22 Last Seen2024-08-20 17:32 Times Seen2 Hash a20553fec5e11b0cfe114bde9c5b5fef beefbf80935fc41cf94413e2f34bea5e94fa60d8 e5a44f16d2b1b7e29b0f2742081ca890e42af790e29e2f5f81bf7f28a4b7e849 Loading...

	#2 Write - 83e7dad49281a63419e2a9a2a24da21d	71 B	2023-03-07 01:03	2025-05-01 11:22
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-01 11:22 Times Seen52 Hash 83e7dad49281a63419e2a9a2a24da21d f3b6fe7b6c9a5e35669ba3b396a90fbff516d7dc 52f5b8a5400e6d7bb93648a41cedbf062063082b26d80ee340908439115f6e58 Loading...

HTTP Transactions (95)

URL IP Response Size

portwashington-news.com/

151.101.130.159

45 kB

URL
portwashington-news.com/
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
HTML document, ASCII text, with very long lines (14888), with CRLF, LF line terminators
Size
45 kB (44817 bytes)
Hash
3221e6b5660680098ac73b899ed7abb0
acd49d959f78e2fe638ceef0b921b2d697f9a0d2
c93628c193e3dfa014eaf586d440be56142db14382fd9f94dab802864ba691b4

HTTP Headers

GET / HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-tec-api-root: https://portwashington-news.com/wp-json/tribe/events/v1/
link: <https://portwashington-news.com/wp-json/>; rel="https://api.w.org/", <https://portwashington-news.com/wp-json/wp/v2/pages/17883>; rel="alternate"; type="application/json", <https://portwashington-news.com/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1
x-content-type-options: nosniff
x-fw-version: 5.0.0
x-fw-dynamic: TRUE
x-fw-hash: tkxxwx7pon
x-tec-api-version: v1
x-tec-api-origin: https://portwashington-news.com
x-fw-server: Flywheel/5.1.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1668-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775358.319227,VS0,VE2
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 44817
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/plugins/featured-video-plus/styles/frontend.css?ver=2.3.3

151.101.130.159

659 B

URL
portwashington-news.com/wp-content/plugins/featured-video-plus/styles/frontend.css?ver=2.3.3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
659 B (659 bytes)
Hash
688d360e90d71fd1a201875aeb635ad6
25bb5d452c51377fff344e8138d6867c6f20845e
b789a3316d55feb569762a2b198d22e8767e1310756e2c0a0ee4067efcad1e2b

HTTP Headers

GET /wp-content/plugins/featured-video-plus/styles/frontend.css?ver=2.3.3 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 15:21:39 GMT
x-xss-protection: 1
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
content-type: text/css
etag: W/"5aafd583-9a8"
x-fw-hash: tkxxwx7pon
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1662-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.877836,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 659
X-Firefox-Spdy: h2

portwashington-news.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2

151.101.130.159

17 kB

URL
portwashington-news.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (53449)
Size
17 kB (16587 bytes)
Hash
03c0f2128c8dd615b1691c168f1d4456
defa44bed1f35ec899cfd358ca911390bca53e67
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.3.2 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: text/css
last-modified: Thu, 12 Oct 2023 19:28:30 GMT
etag: W/"652848de-19824"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1683-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.877479,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 16587
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.3.0

151.101.130.159

54 kB

URL
portwashington-news.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.3.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65358)
Size
54 kB (53930 bytes)
Hash
2fcf15b9242ca9cbf091c45419959fdb
52e744ee97e3612e790305643ab5046201831618
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.3.0 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: text/css
last-modified: Sun, 23 Aug 2020 14:29:30 GMT
etag: W/"5f427d4a-76828"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1632-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.880323,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 53930
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/themes/NewspaperNew/style.css?ver=8.0

151.101.130.159

143 kB

URL
portwashington-news.com/wp-content/themes/NewspaperNew/style.css?ver=8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
143 kB (143222 bytes)
Hash
9ec6d423fe9275d7adeda46a4f8f1b83
a108a19fba66afcf31bb6a0da405df21f81144cc
e385afb3dc5028ce12d3a65fe5d6839a7f3140a235d40109ab64739709950a78

HTTP Headers

GET /wp-content/themes/NewspaperNew/style.css?ver=8.0 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: text/css
last-modified: Tue, 26 Dec 2017 19:02:33 GMT
etag: W/"5a429cc9-10ed5a"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1638-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.880956,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 143222
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp

151.101.130.159

40 kB

URL
portwashington-news.com/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (31997)
Size
40 kB (40375 bytes)
Hash
354e57d7230dd4e4f94918aa44b61513
3e56f97ec1c5c99ed2c411d41a59bd7c90a79728
779568ca62796104e39c21a86e9659e2f730fd0e0158910d855aee2be47d3fde

HTTP Headers

GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: application/javascript
last-modified: Fri, 04 Aug 2023 17:43:41 GMT
etag: W/"64cd38cd-19751"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1661-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.886587,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 40375
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/themes/Newspaper-child/style.css?ver=8.0

151.101.130.159

603 B

URL
portwashington-news.com/wp-content/themes/Newspaper-child/style.css?ver=8.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
603 B (603 bytes)
Hash
5183cd3dbcc211b38b9874b5d0e27ae7
ebe8b4aaeced31bc66bcdf3249d8a0fdfd1d5d4d
4d18f2bb79ae95321110b92e7c42c73b2bedd2e1bab653b09240c38c799953a9

HTTP Headers

GET /wp-content/themes/Newspaper-child/style.css?ver=8.0 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: text/css
last-modified: Wed, 02 Oct 2019 13:52:10 GMT
etag: W/"5d94ab8a-50d"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1638-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.886087,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 603
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp

151.101.130.159

12 kB

URL
portwashington-news.com/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7419)
Size
12 kB (11748 bytes)
Hash
31bfe03cb522141da2a2c45021bdb23f
4258d6349388ad88fe07ebfda7c3aac1f6ed07a7
7a14ca69bf1d81c5fe101b6df042967077c80567236471aadb37ecb872bf43f3

HTTP Headers

GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: application/javascript
last-modified: Fri, 04 Aug 2023 17:43:41 GMT
etag: W/"64cd38cd-7974"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1670-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.887001,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 11748
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/plugins/featured-video-plus/js/jquery.fitvids.min.js?ver=master-2015-08

151.101.130.159

3.8 kB

URL
portwashington-news.com/wp-content/plugins/featured-video-plus/js/jquery.fitvids.min.js?ver=master-2015-08
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
HTML document, ASCII text, with very long lines (7419)
Size
3.8 kB (3848 bytes)
Hash
573e45ff6d8363441c5c9e40c9033478
b0ca8db36b2154612c7f6d1214d6969d1a7115c6
8e68ab02a10e8e42dca47269323adf1355d38172bb191e89d9a0f1ee7afe6818

HTTP Headers

GET /wp-content/plugins/featured-video-plus/js/jquery.fitvids.min.js?ver=master-2015-08 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: application/javascript
last-modified: Mon, 19 Mar 2018 15:21:39 GMT
etag: W/"5aafd583-23b0"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1651-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.886996,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3848
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/plugins/featured-video-plus/js/frontend.min.js?ver=2.3.3

151.101.130.159

4.2 kB

URL
portwashington-news.com/wp-content/plugins/featured-video-plus/js/frontend.min.js?ver=2.3.3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7419)
Size
4.2 kB (4203 bytes)
Hash
54902d9de1b11606b3cc709f127652a6
08406e1fbdfc91015a8a7b64d5c0d1e511c5f2c8
e0004cf26605a544eea57135ff0d9fc874152967d959620ef660fdbf584635db

HTTP Headers

GET /wp-content/plugins/featured-video-plus/js/frontend.min.js?ver=2.3.3 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: application/javascript
last-modified: Mon, 19 Mar 2018 15:21:39 GMT
etag: W/"5aafd583-2778"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1640-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.887005,VS0,VE5
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4203
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2022/06/Port-Washington-News-small.jpg

151.101.130.159

68 kB

URL
portwashington-news.com/wp-content/uploads/2022/06/Port-Washington-News-small.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3825, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3413], progressive, precision 8, 1125x223, components 3\012- data
Size
68 kB (68385 bytes)
Hash
f7f8f2a56ca5106d3c08930783d67103
3e7a6dbd4ca305860f2d4bf4e9b59c112f4b333e
1a44a55a3cf033d2c419703c184cb8e7152016c65a8a45097e89d46c15eb1987

HTTP Headers

GET /wp-content/uploads/2022/06/Port-Washington-News-small.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Tue, 21 Jun 2022 14:13:51 GMT
etag: W/"62b1d21f-12abc"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1682-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 2
x-timer: S1701775359.894884,VS0,VE0
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 68385
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/themes/NewspaperNew/images/no-thumb/td_741x486.png

151.101.130.159

1.9 kB

URL
portwashington-news.com/wp-content/themes/NewspaperNew/images/no-thumb/td_741x486.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 741 x 486, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1901 bytes)
Hash
079eb4d844de9e5ee13c47b10ab2d296
7bdf1f58ca85374f7c0e60a8bf7996358215dec1
ffe6330c5aa3981a1d2dcce1868b8441e0512d07fbe67ce762336872044ff5f0

HTTP Headers

GET /wp-content/themes/NewspaperNew/images/no-thumb/td_741x486.png HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/png
last-modified: Fri, 13 Oct 2017 07:14:35 GMT
etag: W/"59e067db-435d"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1648-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.895027,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1901
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/bs6-324x160.jpg

151.101.130.159

16 kB

URL
portwashington-news.com/wp-content/uploads/2023/09/bs6-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 221x221, segment length 16, baseline, precision 8, 324x160, components 3\012- data
Size
16 kB (16390 bytes)
Hash
2d3c6cf77c5623a9b5d95c8929b1e228
0b70f31689c321558fff2fdcd450959b52cd1551
03da994841218e35edfb3124e64a81d05830651cb28a77a4c5b196c84edf47cc

HTTP Headers

GET /wp-content/uploads/2023/09/bs6-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 29 Sep 2023 17:10:57 GMT
etag: W/"65170521-4010"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1628-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.898890,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 16390
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2019/09/PortSchoolsLogo-100x70.jpg

151.101.130.159

4.5 kB

URL
portwashington-news.com/wp-content/uploads/2019/09/PortSchoolsLogo-100x70.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 100x70, components 3\012- data
Size
4.5 kB (4485 bytes)
Hash
262a86a2d8b3e96e2c19c329513c4466
d9644ff5560e49b9bac6c6844ff8cd070488e001
55b72ed333e28d6dd5a602fb349003e61a9d937c240f66fcbe3ca342eff534a3

HTTP Headers

GET /wp-content/uploads/2019/09/PortSchoolsLogo-100x70.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Mon, 09 Sep 2019 17:08:55 GMT
etag: W/"5d768727-11cf"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1670-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.938288,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4485
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/SaveTheDate_A-324x235.jpg

151.101.130.159

35 kB

URL
portwashington-news.com/wp-content/uploads/2023/09/SaveTheDate_A-324x235.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, manufacturer=Apple, model=iPhone 14, xresolution=150, yresolution=158, resolutionunit=2, software=16.5.1, datetime=2023:07:25 09:58:54], baseline, precision 8, 324x235, components 3\012- data
Size
35 kB (35021 bytes)
Hash
a27bc4bfc1e5dc9959d1f1cdef2cbddd
75d3df978eaea5294f8b6a8ed68924cd0b04badd
6404c9dc4b1d0312ff54358dde4bf4ae3f6c157308cdd9d3aa40e219aeda9840

HTTP Headers

GET /wp-content/uploads/2023/09/SaveTheDate_A-324x235.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Tue, 12 Sep 2023 21:39:43 GMT
etag: W/"6500da9f-99d5"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1640-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.936917,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 35021
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-65941892-4

142.250.74.168

69 kB

URL
www.googletagmanager.com/gtag/js?id=UA-65941892-4
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4179)
Size
69 kB (69028 bytes)
Hash
d4dd1304ff1ecc56dc5727a3b278ed1e
566edfd3eafeeda157c5051843546ae77bea8a88
16014b5a7c27484361f0abf225ac0e796a225f1293203199329fef1baaae960a

HTTP Headers

GET /gtag/js?id=UA-65941892-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 11:22:39 GMT
expires: Tue, 05 Dec 2023 11:22:39 GMT
cache-control: private, max-age=900
last-modified: Tue, 05 Dec 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2018/10/BaxterEstates_B-100x70.jpg

151.101.130.159

14 kB

URL
portwashington-news.com/wp-content/uploads/2018/10/BaxterEstates_B-100x70.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=2448, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3264], baseline, precision 8, 100x70, components 3\012- data
Size
14 kB (13506 bytes)
Hash
d07a186a5b82ce7c72d0a7869b752f08
121d0abbedd9d3de69f8525d6fe20631c69e7c6c
a9304a07911f3a18ca7f21565a6137c27490ce77879bc5e8bba6e20ae3a889b8

HTTP Headers

GET /wp-content/uploads/2018/10/BaxterEstates_B-100x70.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Mon, 15 Oct 2018 16:58:00 GMT
etag: W/"5bc4c718-4f33"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1672-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.952657,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13506
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2019/09/PortSchoolsLogo-324x160.jpg

151.101.130.159

12 kB

URL
portwashington-news.com/wp-content/uploads/2019/09/PortSchoolsLogo-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 324x160, components 3\012- data
Size
12 kB (11660 bytes)
Hash
d8117c5a9159e2bcbcdafa1260ac8165
a4b6d4ccce6d10e4448b1e8d1beb8436f534e196
9b13c4c6466ed61716e1c4872a4fa77fbe902c6b250199d4ebdd05a4261993df

HTTP Headers

GET /wp-content/uploads/2019/09/PortSchoolsLogo-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Mon, 09 Sep 2019 17:09:02 GMT
etag: W/"5d76872e-2dcc"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1669-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.990070,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 11660
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2021/03/Water-District-Logo-324x160.png

151.101.130.159

14 kB

URL
portwashington-news.com/wp-content/uploads/2021/03/Water-District-Logo-324x160.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 324 x 160, 8-bit colormap, non-interlaced\012- data
Size
14 kB (14080 bytes)
Hash
bc7e4fda0b8b49fbd70d9d6eb41b2233
353ad3403fac745a24ae03e04795bcc29941854e
c493870813d6ee251e41831a04a954200fc2a6ed87cdf887340593b1c9a10e8a

HTTP Headers

GET /wp-content/uploads/2021/03/Water-District-Logo-324x160.png HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/png
last-modified: Tue, 09 Mar 2021 19:59:02 GMT
etag: W/"6047d386-36e4"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1677-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.990739,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 14080
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2013/12/harvest-300x235.jpg

151.101.130.159

16 kB

URL
portwashington-news.com/wp-content/uploads/2013/12/harvest-300x235.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x235, components 3\012- data
Size
16 kB (15860 bytes)
Hash
255e3c0bf3a17c2d8c269ec305eb124f
e564c1f409fb770f2b6b993cca2a5bbfeb95d07d
e069d6bd1c0912fba219fbaaf71e3d2105cf26ef52fbe3cee384e1d29b612629

HTTP Headers

GET /wp-content/uploads/2013/12/harvest-300x235.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Sat, 18 Jun 2016 17:54:43 GMT
etag: W/"57658ae3-3e2e"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1670-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.999201,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 15860
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2018/07/OPED_Newspapers_A-web-324x160.jpg

151.101.130.159

23 kB

URL
portwashington-news.com/wp-content/uploads/2018/07/OPED_Newspapers_A-web-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=3024, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=4032], baseline, precision 8, 324x160, components 3\012- data
Size
23 kB (22757 bytes)
Hash
dfd53057ea33dfc0a7fbc131dd47f8ec
1d1a4f1fac034827c03f622f4f3ed1a55f5cd1e6
910ec1ecdd9c240bddb28488c6fef3f6c160dc229620cb2e75d4fe8324ead5e6

HTTP Headers

GET /wp-content/uploads/2018/07/OPED_Newspapers_A-web-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Tue, 03 Jul 2018 16:20:46 GMT
etag: W/"5b3ba25e-7396"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1638-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.998520,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 22757
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.3.0

151.101.130.159

4.4 kB

URL
portwashington-news.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.3.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (51719)
Size
4.4 kB (4432 bytes)
Hash
8b6dae7f49f2b5fd72f43c405d4417b9
a10ac4645869698687a5e08cd77e3d98232ca3d0
1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.3.0 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-xss-protection: 1
x-fw-version: 5.0.0
last-modified: Sun, 23 Aug 2020 14:29:30 GMT
content-type: text/css
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"5f427d4a-caa8"
referrer-policy: no-referrer-when-downgrade
x-fw-hash: tkxxwx7pon
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1674-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.077248,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4432
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/themes/NewspaperNew/js/tagdiv_theme.min.js?ver=8.1

151.101.130.159

58 kB

URL
portwashington-news.com/wp-content/themes/NewspaperNew/js/tagdiv_theme.min.js?ver=8.1
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (670)
Size
58 kB (58165 bytes)
Hash
9bc8c14ffeb79bdcffb51ec73b31d728
a57e430ded9de9a40d61e7b004f7af1d3ee8f838
a5f3ec8eccd718248223755d18cf4c46ff4a960ba75f68784c10cc2f54badb57

HTTP Headers

GET /wp-content/themes/NewspaperNew/js/tagdiv_theme.min.js?ver=8.1 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: application/javascript
last-modified: Fri, 13 Oct 2017 07:14:35 GMT
etag: W/"59e067db-33b08"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1673-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.077363,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 58165
X-Firefox-Spdy: h2

portwashington-news.com/wp-includes/js/comment-reply.min.js?ver=6.3.2

151.101.130.159

1.4 kB

URL
portwashington-news.com/wp-includes/js/comment-reply.min.js?ver=6.3.2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2946)
Size
1.4 kB (1382 bytes)
Hash
492f2c1a7ea7eb83fe42e0ff7cb51aa2
db36a77f6aaa2063bfbec02c2c0e967438c5a245
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.3.2 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
last-modified: Thu, 12 Oct 2023 19:28:30 GMT
x-xss-protection: 1
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
content-type: application/javascript
etag: W/"652848de-ba5"
x-fw-hash: tkxxwx7pon
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1682-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 6
x-timer: S1701775359.078792,VS0,VE0
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1382
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.3.0

151.101.130.159

9.5 kB

URL
portwashington-news.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.3.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (20478)
Size
9.5 kB (9497 bytes)
Hash
768361248081c969d51c9ed6fc4d9bb3
4e8f6a0df3cf9344ee8059a1928ac7d8c8124c2c
883c4e8d0d2cdd41f7de7f6d1ce8fe9228d3c312caa610f5e21abb3813593370

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.3.0 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: application/javascript
last-modified: Sun, 23 Aug 2020 14:29:30 GMT
etag: W/"5f427d4a-6dd5"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1649-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.078764,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9497
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.3.0

151.101.130.159

6.1 kB

URL
portwashington-news.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.3.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (8853)
Size
6.1 kB (6135 bytes)
Hash
9058bcc24f7cee5cc68322fb86c882bc
450a309212a1c888557cc56cadad960c339f0b0e
a92335ce788bc42ebd45aba2aa6b8d612ba54adc7109ad8da3ac90a98c75d7b5

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.3.0 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: application/javascript
last-modified: Sun, 23 Aug 2020 14:29:30 GMT
etag: W/"5f427d4a-4111"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1670-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.079237,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6135
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2016/04/footer-banner.jpg

151.101.130.159

17 kB

URL
portwashington-news.com/wp-content/uploads/2016/04/footer-banner.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 638x115, components 3\012- data
Size
17 kB (16712 bytes)
Hash
4e12fe069832cb6d6fee5330eb29b927
96922189f9dac08651d71afa68b18bbfbed686f4
e2f859a31b0b5e1e4cc202883a5b8ae04851f1955e371d9e76896763ba8eccc6

HTTP Headers

GET /wp-content/uploads/2016/04/footer-banner.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Sat, 18 Jun 2016 06:14:56 GMT
etag: W/"5764e6e0-4316"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1633-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.076293,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 16712
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2021/01/Siegel-Headshot-NEW-324x160.jpeg

151.101.130.159

482 kB

URL
portwashington-news.com/wp-content/uploads/2021/01/Siegel-Headshot-NEW-324x160.jpeg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, height=450, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=360], baseline, precision 8, 324x160, components 4\012- data
Size
482 kB (482485 bytes)
Hash
0d5109ff6eec8e494c1d7f304cb0879b
728e26064ce97bd46fe9bd27360adc288f0c4962
cdbde8d365f3c622c9da914c0284ab68857e508b702013d6b8df88d7f00d9c9b

HTTP Headers

GET /wp-content/uploads/2021/01/Siegel-Headshot-NEW-324x160.jpeg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Mon, 11 Jan 2021 17:37:00 GMT
etag: W/"5ffc8cbc-a4338"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1658-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.999060,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 482485
X-Firefox-Spdy: h2

darksky.net/widget/default/42.360082,-71.05888/us12/en.js?width=100%&height=350&title=Full%20Forecast&textColor=333333&bgColor=FFFFFF&transparency=true&skyColor=undefined&fontFamily=Default&customFont=&units=us&htColor=333333&ltColor=C7C7C7&displaySum=yes&displayHeader=yes

44.194.98.76

134 B

URL
darksky.net/widget/default/42.360082,-71.05888/us12/en.js?width=100%&height=350&title=Full%20Forecast&textColor=333333&bgColor=FFFFFF&transparency=true&skyColor=undefined&fontFamily=Default&customFont=&units=us&htColor=333333&ltColor=C7C7C7&displaySum=yes&displayHeader=yes
IP
44.194.98.76:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /widget/default/42.360082,-71.05888/us12/en.js?width=100%&height=350&title=Full%20Forecast&textColor=333333&bgColor=FFFFFF&transparency=true&skyColor=undefined&fontFamily=Default&customFont=&units=us&htColor=333333&ltColor=C7C7C7&displaySum=yes&displayHeader=yes HTTP/1.1
Host: darksky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Tue, 05 Dec 2023 11:22:39 GMT
content-type: text/html
content-length: 134
location: https://support.apple.com:443/en-us/HT213526
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/CoverImage_Cap-PW-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/CoverImage_Cap-PW-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2704960 bytes)
Hash
a4c01f49775d3224f4838a6001c76f90
58470901f0d1ba80da5899cdc570bdca2b095b61
639eca0f1f14e6daf5824a6d3b08d5a8cce5c80372962662779fb3f9b37e8d93

HTTP Headers

GET /wp-content/uploads/2023/09/CoverImage_Cap-PW-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 29 Sep 2023 17:24:02 GMT
etag: W/"65170832-391f4b"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1669-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.897964,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2704960
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/ToolGiveaway_E-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/ToolGiveaway_E-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2705314 bytes)
Hash
c8388b7035044c8ee01261174bc7c766
8facc1fc372daa3080a700cd061be6c3bc28a2d4
6aa29830cdc77ca268203a921d418f20e6568d2f36efa5808ecb2b7d5d77f0e9

HTTP Headers

GET /wp-content/uploads/2023/09/ToolGiveaway_E-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 15 Sep 2023 18:36:03 GMT
etag: W/"6504a413-3920a8"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1630-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.901611,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2705314
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/History_G-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/History_G-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2707752 bytes)
Hash
1a8fa8a3e350f3d3486b441bf861a6d8
a6d5b4b203a32f2355feb9cb583bea84afe765f4
3fa2a28d9a090e92a2cf15cd2823b73ee48b8e435a5fc50582a8e4a0e3420918

HTTP Headers

GET /wp-content/uploads/2023/09/History_G-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 22 Sep 2023 17:24:46 GMT
etag: W/"650dcdde-393ad3"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1659-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.899057,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2707752
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/Funday_C-741x486.jpg

151.101.130.159

2.8 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/Funday_C-741x486.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.8 MB (2844927 bytes)
Hash
191b79a8806256ac0443c0b03f051c18
7edbadf663185d81871b402329e4a0759047f7ed
9b9d7cf9f78c885ce870e4148f40626ad4eb74374784076d31635ef4ea3f3354

HTTP Headers

GET /wp-content/uploads/2023/09/Funday_C-741x486.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 15 Sep 2023 18:51:51 GMT
etag: W/"6504a7c7-3b44fe"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1643-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.899254,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2844927
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/SeniorLunch_A-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/SeniorLunch_A-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2717038 bytes)
Hash
1d55a750711ad8e2e68c9e42c095967c
4e51de7d02eeae98707593d406e7a3f6466b7b66
5be53de5a8219a06b571d216682dedab6c983ac0c5c2e94eff0e9ec972eaa5be

HTTP Headers

GET /wp-content/uploads/2023/09/SeniorLunch_A-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 15 Sep 2023 18:47:36 GMT
etag: W/"6504a6c8-395650"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1642-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.900648,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2717038
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/SummerShow_C-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/SummerShow_C-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2705005 bytes)
Hash
445d40b21f04c0d6f2c8c4e23f91a8e6
f8d93b5c302c0d19b70964aa5fbb2e8e5068cc2f
ebfbf240fde69fa2bb10b46540d3cad18c0289de77a7ce794da45762fe992e12

HTTP Headers

GET /wp-content/uploads/2023/09/SummerShow_C-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 15 Sep 2023 18:21:28 GMT
etag: W/"6504a0a8-3926ee"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1628-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.936946,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2705005
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/07/GolfChamps_B-80x60.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/07/GolfChamps_B-80x60.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2677350 bytes)
Hash
dfed7b3bee6bf5f4f67b544d87d39293
a602d6bb32883e8f704b277c085f2ba201e4a82b
6ea10e9dfe6ef7e156dd80f2028588a336c2c73fb23fa18caee15b4328f10050

HTTP Headers

GET /wp-content/uploads/2023/07/GolfChamps_B-80x60.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 07 Jul 2023 16:32:22 GMT
etag: W/"64a83e16-38b522"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1635-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.939511,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2677350
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/LitterCollected_A-100x70.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/LitterCollected_A-100x70.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2679323 bytes)
Hash
b6095fb1bf6a0c5bf5bef65079094f56
7990084cf200a6025702a2acbeb87d4394a53e1a
ebb8c33d16ef07b8c01653d1403c28afb3a4ff7bf87a55f0cfe1edf471ef02ca

HTTP Headers

GET /wp-content/uploads/2023/09/LitterCollected_A-100x70.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Thu, 07 Sep 2023 16:55:54 GMT
etag: W/"64fa009a-38bcd3"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1662-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.937761,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2679323
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/HarvestCeleb_B-100x70.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/HarvestCeleb_B-100x70.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2679304 bytes)
Hash
7577e042e6530357046f01569a600267
c5db2e77e3ba34488eb4274e6cbc80dfe13906b0
61b199efa5d068ef2591cd5cb3ddde23d796492bd61359cda3482abbf28e32a1

HTTP Headers

GET /wp-content/uploads/2023/09/HarvestCeleb_B-100x70.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Thu, 07 Sep 2023 17:20:04 GMT
etag: W/"64fa0644-38bb1d"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1648-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.936882,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2679304
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/07/BasketballChamps_A-80x60.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/07/BasketballChamps_A-80x60.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2677678 bytes)
Hash
d04394dbc278b9f87a56ce1f92e1f4c4
9fdc22feae3d33da5d79e201355fdd0cba5dab91
a6e9387a5f62488e750f55ad9693f66d71d922071fe8451b040ca38735b70987

HTTP Headers

GET /wp-content/uploads/2023/07/BasketballChamps_A-80x60.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 07 Jul 2023 16:25:18 GMT
etag: W/"64a83c6e-38b57e"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1680-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.939492,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2677678
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/SummerShow_C-356x220.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/SummerShow_C-356x220.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2720886 bytes)
Hash
fbed4344f8835c789916245e894dfb39
1a5e2cc089dc91f322682f2564fc16eb67100e41
91173bc37107edcb6b7381b850fca86e8e9bac206fa19067370e69fd6b20bb78

HTTP Headers

GET /wp-content/uploads/2023/09/SummerShow_C-356x220.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 15 Sep 2023 18:21:29 GMT
etag: W/"6504a0a9-3964fc"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1663-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.939487,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2720886
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2022/08/Shoreline_B-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2022/08/Shoreline_B-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2699668 bytes)
Hash
779405293603803c8d6d3cfe55473ee2
8d1e7c4d286cd47ffe5772be601861c75d1c7a3d
5dd2894729739fad181dd0234a76fe421cece419898fb57b737689d55a650e63

HTTP Headers

GET /wp-content/uploads/2022/08/Shoreline_B-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Mon, 22 Aug 2022 16:31:15 GMT
etag: W/"6303af53-390719"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1654-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.939862,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2699668
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/SnapperDerby_J-100x70.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/SnapperDerby_J-100x70.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2679800 bytes)
Hash
b323ebfd5aa6e20f27f71c848f674813
6123d7a8587e4d9d6d0822e5385cb40aa5c739f5
c73c6fd13bbdde949405d25d2bedf42cf3a9a70a8dbd9293599695f61e4666c6

HTTP Headers

GET /wp-content/uploads/2023/09/SnapperDerby_J-100x70.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Thu, 07 Sep 2023 17:06:00 GMT
etag: W/"64fa02f8-38c0d8"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1675-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.937366,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2679800
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/07/Pickleball_B-1-356x220.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/07/Pickleball_B-1-356x220.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2711398 bytes)
Hash
88792dc33ee8909b2aa280eb5ebbd249
10c0040857406718161cf3e82d550f4eed515b03
b28236e61aee65fdefe9e37f3d057c4df1242950e719be785d7e6fcbb2632ecb

HTTP Headers

GET /wp-content/uploads/2023/07/Pickleball_B-1-356x220.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 21 Jul 2023 14:57:42 GMT
etag: W/"64ba9ce6-39391e"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1671-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.938485,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2711398
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/ToNHComptroller_83023_COVER-1-100x70.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/ToNHComptroller_83023_COVER-1-100x70.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2678541 bytes)
Hash
b14aa8f4c19e76e37e819684de6f821f
eda5aa0dacc8f6816e1c7b5a3751137344168ea2
be574c252788a28575c9045dd44671b1170f4f52b2cde53a6847fb59a9ac8591

HTTP Headers

GET /wp-content/uploads/2023/09/ToNHComptroller_83023_COVER-1-100x70.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Thu, 07 Sep 2023 17:00:17 GMT
etag: W/"64fa01a1-38baed"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1678-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.937360,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2678541
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/08/Summerfest_B-356x220.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/08/Summerfest_B-356x220.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2709024 bytes)
Hash
5978975cceceb984cb0366394b19e7ad
6ffca5ef8a107891c85158ea324dab32a2cc048c
7674c286a2f2a84caa702f352d0553d0dd5d6c25d766cd39311ece57b2990098

HTTP Headers

GET /wp-content/uploads/2023/08/Summerfest_B-356x220.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 18 Aug 2023 14:42:57 GMT
etag: W/"64df8371-39306e"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1668-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.939459,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2709024
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/06/GoldMedal_A-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/06/GoldMedal_A-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2696055 bytes)
Hash
7184c42ec9dd42087218715883c65f00
caa5e499877007b6192f000ac9f1ce9d21b440d4
1571629ed15667dc3ab27e499a7393f391ac0c6e4b5577e0b97dc611714d648d

HTTP Headers

GET /wp-content/uploads/2023/06/GoldMedal_A-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 16 Jun 2023 16:32:36 GMT
etag: W/"648c8ea4-390535"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1620-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.938142,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2696055
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2022/05/WinterRun_A-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2022/05/WinterRun_A-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2699930 bytes)
Hash
567809fc30481bcd44f18ffd815d6f71
db835e87f318f5fa954a0ab5dfe520141ced2f6f
2d86c50afad4dcf1b4a92af1c8641db38119ce83bd4caf6fb25e8d31da9bbd2f

HTTP Headers

GET /wp-content/uploads/2022/05/WinterRun_A-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Mon, 02 May 2022 15:54:38 GMT
etag: W/"626ffebe-390bd2"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1660-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.946633,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2699930
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/06/CoverImage-100x70.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/06/CoverImage-100x70.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2682078 bytes)
Hash
3c7edce9cef43a53437464e9d34f3c04
1f9d8bf22e3fc4f39ccbd39386d82a7a9d58f529
71232098f61a5732a0cd1dae6f05f0b819387bc1467ed4526ed7e32d2d0e41bc

HTTP Headers

GET /wp-content/uploads/2023/06/CoverImage-100x70.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Thu, 01 Jun 2023 18:54:03 GMT
etag: W/"6478e94b-38e8d7"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1675-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.938124,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2682078
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2022/01/CoverPhoto-100x70.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2022/01/CoverPhoto-100x70.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2684835 bytes)
Hash
225b1a4d43b510f366c5f961a076d68a
e6300bd9509861be699f9c2c38d687b7ba40a13c
d5e542be064735618bc3535c22c855bee2e81735e73bb9ea9ec7bbf0a31c6bf8

HTTP Headers

GET /wp-content/uploads/2022/01/CoverPhoto-100x70.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Mon, 10 Jan 2022 21:23:20 GMT
etag: W/"61dca3c8-38d35d"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1631-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.946615,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2684835
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/07/CoverImage-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/07/CoverImage-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2694902 bytes)
Hash
51580028e9caf9c8edaec567c8a7d194
8eba43cb6cf385bd31adda03820bced0e03d654d
541d5e65fbf5c5c86c5316752267d122b1a86981727009c0eb81756ab16f575f

HTTP Headers

GET /wp-content/uploads/2023/07/CoverImage-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Thu, 06 Jul 2023 18:19:44 GMT
etag: W/"64a705c0-38fbf3"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1661-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.042805,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2694902
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/06/LocalPharma_B-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/06/LocalPharma_B-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2710232 bytes)
Hash
a187935c11142e5f301918b941778fb0
8ee712d9b79e75f5275076985e893762eb244778
26c282820a2e217c9283131bfbba53a5be07b57fc485dcab11f3fe239722d5b8

HTTP Headers

GET /wp-content/uploads/2023/06/LocalPharma_B-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Mon, 12 Jun 2023 18:29:11 GMT
etag: W/"648763f7-39367d"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1620-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.040687,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2710232
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/06/CoverImage-1-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/06/CoverImage-1-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2717567 bytes)
Hash
3a2e1d71274f4011708d43ee99aca281
ebef393d12d94a6507818af96e05a1aae32f3798
3c5aa120e752e7dd972620327ede79e176d209ff2cc6d99577a5bd86acf37f09

HTTP Headers

GET /wp-content/uploads/2023/06/CoverImage-1-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 23 Jun 2023 18:04:44 GMT
etag: W/"6495debc-397c5c"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1681-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.042920,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2717567
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/09/CafeBle_A-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/09/CafeBle_A-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2716602 bytes)
Hash
24a36833edfc920bc688f8576387b209
4525bd13c1f11e41f4f6189f8672d7f3eba06d39
a0a4fd9b6cba23c6ae425a9d1602f70e56681fb203bdbcf2d68a4d5cc768d77b

HTTP Headers

GET /wp-content/uploads/2023/09/CafeBle_A-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Thu, 07 Sep 2023 16:53:40 GMT
etag: W/"64fa0014-39596c"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1659-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.040529,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2716602
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2023/06/PrideWalk_B-324x160.jpg

151.101.130.159

2.7 MB

URL
portwashington-news.com/wp-content/uploads/2023/06/PrideWalk_B-324x160.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
2.7 MB (2712192 bytes)
Hash
730d9983884bb60d424c04490abf5517
df143f5033f3ddb811eadebf009562439c3fbb17
7690d684ab519edb49af08e9ba01945bd1aacd2475527c919035c74009fe2573

HTTP Headers

GET /wp-content/uploads/2023/06/PrideWalk_B-324x160.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 16 Jun 2023 15:50:54 GMT
etag: W/"648c84de-394ca6"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:39 GMT
x-served-by: cache-bma1645-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.034216,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2712192
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-GN4J8P8YEL&l=dataLayer&cx=c

142.250.74.168

81 kB

URL
www.googletagmanager.com/gtag/js?id=G-GN4J8P8YEL&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5955)
Size
81 kB (81217 bytes)
Hash
ec6a6df1901b4a64161d071b7bad7998
45a205d0270330fe0a272dab6bb78133eb87ceeb
9bb6a0b8a09714cd18b17e818dd9ec0700c72a3dfb70ceccd40b9557de2faec6

HTTP Headers

GET /gtag/js?id=G-GN4J8P8YEL&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 11:22:42 GMT
expires: Tue, 05 Dec 2023 11:22:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81217
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

portwashington-news.com/wp-content/uploads/2023/08/SportsField_C.jpg

151.101.130.159

3.8 MB

URL
portwashington-news.com/wp-content/uploads/2023/08/SportsField_C.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type

Size
3.8 MB (3849692 bytes)
Hash
f4650df1d6fc6db55a18e57460605cb0
36ae5cc03788e907b0194aefcdbbb1909bf02e06
483991be0d8d0f895a2d664ca247f6672a810e2bd1a2690e5947684b4d9e7b33

HTTP Headers

GET /wp-content/uploads/2023/08/SportsField_C.jpg HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/jpeg
last-modified: Fri, 18 Aug 2023 14:47:39 GMT
etag: W/"64df848b-4aa0a6"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:38 GMT
x-served-by: cache-bma1630-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775359.937731,VS0,VE5
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3849692
X-Firefox-Spdy: h2

support.apple.com/en-us/HT213526

96.6.18.63

0 B

URL
support.apple.com/en-us/HT213526
IP
96.6.18.63:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /en-us/HT213526 HTTP/1.1
Host: support.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: Apple
Content-Length: 0
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: origin
Access-Control-Max-Age: 1
ETag: a56T1AULltDRsOct23JD4Z110=====
Last-Modified: Tue, 05 Dec 2023 11:21:44 GMT
Location: https://support.apple.com/en-us/102594
Content-Language: en-US
Host: support-shd-prn.corp.apple.com
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Date: Tue, 05 Dec 2023 11:22:45 GMT
Connection: keep-alive
Cache-Control: public, max-age=43200, no-siteapp

special.beatifulllhistory.com/api/stock.js

80.66.79.249

12 kB

URL
special.beatifulllhistory.com/api/stock.js
IP
80.66.79.249:0
ASN
#20803 LLC Siberian Telecommunications Company

File type
ASCII text, with very long lines (31285), with no line terminators
Size
12 kB (12510 bytes)
Hash
310e4c7a7b1a07e434f6979946913bc6
852b92f97dfd1d0566fc5e0111b2dda12d123aff
164d5b15820f2c6d68cccba4309e13b4a6d3321edbc8fc09a95dcdf38e5efff6

Detections

Analyzer	Verdict	Alert
ThreatFox	malicious	Unknown malware
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/stock.js HTTP/1.1
Host: special.beatifulllhistory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 11:22:46 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Nov 2023 10:35:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"654cb5f3-7a35"
Expires: Fri, 15 Dec 2023 11:22:46 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

support.apple.com/en-us/102594

96.6.18.63

28 kB

URL
support.apple.com/en-us/102594
IP
96.6.18.63:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (50335)
Size
28 kB (28153 bytes)
Hash
ecca7266abc8c68db443b14da9357393
690aa96e35b983225148c5237207cb9f9305b7d5
3212f08790ef3afe9c72c18641c8929799a12e634e99b6916bd3865d8a0e7754

HTTP Headers

GET /en-us/102594 HTTP/1.1
Host: support.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apple
Content-Type: text/html;charset=utf-8
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: origin
Access-Control-Max-Age: 1
ETag: a56T1AULltDRsOct23JD4Z110=====--gzip
SS-Article-Version: 1.0.5.0
Last-Modified: Fri, 20 Oct 2023 20:51:30 GMT
Content-Language: en-US
Content-Encoding: gzip
Host: support-shd-prn.corp.apple.com
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Length: 28153
Date: Tue, 05 Dec 2023 11:22:45 GMT
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=1740, no-siteapp

fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.1

172.217.21.170

12 kB

URL
fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.1
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (29649)
Size
12 kB (12282 bytes)
Hash
859f0cc3bccd4a3b17e0c67c50569910
ec06181d73b223065e2ae372ad204a4f503ff579
1dd3235f5c2ed44950863cf44156355d7163bd4386a8a920d451fa3a0e74aa52

HTTP Headers

GET /css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 05 Dec 2023 11:22:39 GMT
date: Tue, 05 Dec 2023 11:22:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.184.210.76

40 B

URL
proftrafficcounter.com/stats
IP
18.184.210.76:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
2054362e5188aefcbf941ccb19dc606b
5570563c5d4105a8040269937ae7cc6c19b66fa5
54e93b56036978429ff6b4fd5fbf37f8f7883d1a65ee5503199807992f92e0e7

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 11:22:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://portwashington-news.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3:2:1; expires=Fri, 02 Dec 2033 11:22:46 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/themes/NewspaperNew/images/icons/newspaper.woff?14

151.101.130.159

15 kB

URL
portwashington-news.com/wp-content/themes/NewspaperNew/images/icons/newspaper.woff?14
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
Web Open Font Format, TrueType, length 15184, version 1.0\012- data
Size
15 kB (15184 bytes)
Hash
34874304d80fdcbe202d44126defd76f
192bea38c37e42eef7a6e0527dc8e99454dccef6
dc7375f568ea439c4f544ac6488b963a8d57d6cd65b0a8a551230d330e55483f

HTTP Headers

GET /wp-content/themes/NewspaperNew/images/icons/newspaper.woff?14 HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://portwashington-news.com/wp-content/themes/NewspaperNew/style.css?ver=8.0
DNT: 1
Connection: keep-alive
Cookie: _ga_GN4J8P8YEL=GS1.1.1701775371.1.0.1701775371.0.0.0; _ga=GA1.1.1133471505.1701775372
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff
etag: "59e067db-3b50"
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1
x-content-type-options: nosniff
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
last-modified: Fri, 13 Oct 2017 07:14:35 GMT
x-fw-server: Flywheel/5.1.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:46 GMT
x-served-by: cache-bma1667-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775367.595408,VS0,VE1
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 15184
X-Firefox-Spdy: h2

north.statisticplatform.com/LJWmLm

80.66.79.248

6.1 kB

URL
north.statisticplatform.com/LJWmLm
IP
80.66.79.248:0
ASN
#20803 LLC Siberian Telecommunications Company

File type
ASCII text, with very long lines (14150), with no line terminators
Size
6.1 kB (6149 bytes)
Hash
33f661e7931fe68e974f9bacc20cb0d8
2741d54525746e66123f3f9290c7afe6e11f3026
0d10ab9ae81ed51d40af144320af43f208be21fb0ac02e968c5b017fc2c3bbdd

HTTP Headers

GET /LJWmLm HTTP/1.1
Host: north.statisticplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 11:22:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: Tue, 05 Dec 2023 11:22:46 GMT
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33
Access-Control-Allow-Origin: *

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

16 kB

URL
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 455112
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

48 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 454908
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

16 kB

URL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 03:54:00 GMT
expires: Wed, 04 Dec 2024 03:54:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 26926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

48 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 454908
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

48 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 454908
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

16 kB

URL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:43:41 GMT
expires: Wed, 04 Dec 2024 04:43:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 23945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

antonmediagroup.com/wp-content/uploads/2014/06/slider-background.jpg

151.101.194.159

39 kB

URL
antonmediagroup.com/wp-content/uploads/2014/06/slider-background.jpg
IP
151.101.194.159:0
ASN
#54113 FASTLY

File type
gzip compressed data, from Unix\012- data
Size
39 kB (39198 bytes)
Hash
7f860ef826d60bd0c07f865d79704eda
56810cf08f4595726a04bae6bc6196eec8e2aa2d
4fb6d63a71e3c7761776d9b267586404415f9d56aab3568333f3bbebd164d227

HTTP Headers

GET /wp-content/uploads/2014/06/slider-background.jpg HTTP/1.1
Host: antonmediagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: v9mzj5ccmm
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
content-encoding: gzip
content-type: image/jpeg
last-modified: Thu, 21 Jan 2016 13:48:23 GMT
etag: W/"56a0e1a7-a081"
cache-control: private, max-age=0
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
date: Tue, 05 Dec 2023 11:22:46 GMT
x-served-by: cache-bma1650-BMA, cache-bma1650-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1701775367.851283,VS0,VE132
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
X-Firefox-Spdy: h2

support.apple.com/en-us/HT213526

96.6.18.63

0 B

URL
support.apple.com/en-us/HT213526
IP
96.6.18.63:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /en-us/HT213526 HTTP/1.1
Host: support.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: Apple
Content-Length: 0
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: origin
Access-Control-Max-Age: 1
ETag: a56T1AULltDRsOct23JD4Z110=====
Last-Modified: Tue, 05 Dec 2023 11:21:44 GMT
Location: https://support.apple.com/en-us/102594
Content-Language: en-US
Host: support-shd-prn.corp.apple.com
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Date: Tue, 05 Dec 2023 11:22:47 GMT
Connection: keep-alive
Cache-Control: public, max-age=43200, no-siteapp

support.apple.com/en-us/102594

96.6.18.63

28 kB

URL
support.apple.com/en-us/102594
IP
96.6.18.63:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (50335)
Size
28 kB (28153 bytes)
Hash
ecca7266abc8c68db443b14da9357393
690aa96e35b983225148c5237207cb9f9305b7d5
3212f08790ef3afe9c72c18641c8929799a12e634e99b6916bd3865d8a0e7754

HTTP Headers

GET /en-us/102594 HTTP/1.1
Host: support.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Apple
Content-Type: text/html;charset=utf-8
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Headers: origin
Access-Control-Max-Age: 1
ETag: a56T1AULltDRsOct23JD4Z110=====--gzip
SS-Article-Version: 1.0.5.0
Last-Modified: Fri, 20 Oct 2023 20:51:30 GMT
Content-Language: en-US
Content-Encoding: gzip
Host: support-shd-prn.corp.apple.com
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Length: 28153
Date: Tue, 05 Dec 2023 11:22:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, no-transform, max-age=1738, no-siteapp

got.statisticplatform.com/special

80.66.79.247

0 B

URL
got.statisticplatform.com/special
IP
80.66.79.247:0
ASN
#20803 LLC Siberian Telecommunications Company

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /special HTTP/1.1
Host: got.statisticplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 11:22:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Tue, 05 Dec 2023 11:22:47 GMT
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33
Access-Control-Allow-Origin: *

fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.227

50 kB

URL
fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 50368, version 1.0\012- data
Size
50 kB (50368 bytes)
Hash
4facfd6ff39e147b7e39c4b1abe4117d
0f7c0d978c209d21eb3f55950fc43e77c196ec3b
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334

HTTP Headers

GET /s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 50368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:48:09 GMT
expires: Fri, 29 Nov 2024 04:48:09 GMT
cache-control: public, max-age=31536000
age: 455678
last-modified: Thu, 14 Sep 2023 01:04:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

192.243.61.227

0 B

URL
enormouslysubsequentlypolitics.com/watch.776942701413.js?key=7849fd85f0d94474d66a9ef3bf776919&kw=%5B%22port%22%2C%22washington%22%2C%22news%22%2C%22serving%22%2C%22port%22%2C%22washington%22%2C%22sands%22%2C%22point%22%2C%22baxter%22%2C%22estates%22%2C%22flower%22%2C%22hill%22%2C%22port%22%2C%22washington%22%2C%22north%22%2C%22and%22%2C%22manorhaven%22%2C%22since%22%2C%221903%22%5D&refer=https%3A%2F%2Fportwashington-news.com%2F&tz=0&dev=e&res=14.3095&uuid=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3%3A2%3A1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.776942701413.js?key=7849fd85f0d94474d66a9ef3bf776919&kw=%5B%22port%22%2C%22washington%22%2C%22news%22%2C%22serving%22%2C%22port%22%2C%22washington%22%2C%22sands%22%2C%22point%22%2C%22baxter%22%2C%22estates%22%2C%22flower%22%2C%22hill%22%2C%22port%22%2C%22washington%22%2C%22north%22%2C%22and%22%2C%22manorhaven%22%2C%22since%22%2C%221903%22%5D&refer=https%3A%2F%2Fportwashington-news.com%2F&tz=0&dev=e&res=14.3095&uuid=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3%3A2%3A1 HTTP/1.1
Host: enormouslysubsequentlypolitics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 05 Dec 2023 11:22:47 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://portwashington-news.com
Access-Control-Allow-Origin: https://portwashington-news.com
Access-Control-Allow-Credentials: true
Location: https://enormouslysubsequentlypolitics.com/watch.776942701413.js?key=7849fd85f0d94474d66a9ef3bf776919&kw=%5B%22port%22%2C%22washington%22%2C%22news%22%2C%22serving%22%2C%22port%22%2C%22washington%22%2C%22sands%22%2C%22point%22%2C%22baxter%22%2C%22estates%22%2C%22flower%22%2C%22hill%22%2C%22port%22%2C%22washington%22%2C%22north%22%2C%22and%22%2C%22manorhaven%22%2C%22since%22%2C%221903%22%5D&refer=https%3A%2F%2Fportwashington-news.com%2F&tz=0&dev=e&res=14.3095&uuid=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3%3A2%3A1&shu=58920df881d660115271e5a3d74ee1ba04a352f5762806e0de946016bce13aad292cffdfa61494e360d569c692d3fc1545f95217af29cdfd05abf284698aaa8985ae408c60c0a0a73eaafcf4d38e5134595a06e60f9a5ae2725c5719d4bc1c&pst=1701775427&rmtc=t
Set-Cookie: u_pl=20705753; expires=Wed, 06 Dec 2023 11:22:47 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDcwNTc1MywiayI6Ijc4NDlmZDg1ZjBkOTQ0NzRkNjZhOWVmM2JmNzc2OTE5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMDEzMzk1LCJwaWQiOjEyNTYzNzgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MzIsInB0Ijo0LCJwayI6ImtqbWUyNXB4eCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3BvcnR3YXNoaW5ndG9uLW5ld3MuY29tLyIsImFyIjpbXX19.T044_smBNsGDVJJB5BNK3ML5pQliLGdDbHjtnjMf-c0; expires=Tue, 05 Dec 2023 11:23:47 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4474a1d4645d134210588b5cb80610f4
Strict-Transport-Security: max-age=0; includeSubdomains

portwashington-news.com/wp-content/uploads/2016/10/Port-square-16.png

151.101.130.159

857 B

URL
portwashington-news.com/wp-content/uploads/2016/10/Port-square-16.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
857 B (857 bytes)
Hash
78fb1f05db48aa0d81b5d57dff48990f
88e2f471209223f62e84a8cef5c6303d61d2c767
41c1830decc81700580450f46f20ac24f13caf37abda386b8c2e5f9ecfa03cda

HTTP Headers

GET /wp-content/uploads/2016/10/Port-square-16.png HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Cookie: _ga_GN4J8P8YEL=GS1.1.1701775371.1.0.1701775371.0.0.0; _ga=GA1.1.1133471505.1701775372; dom3ic8zudi28v8lr6fgphwffqoz0j6c=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: tkxxwx7pon
last-modified: Mon, 24 Oct 2016 15:46:23 GMT
x-content-type-options: nosniff
x-fw-version: 5.0.0
content-type: image/png
etag: W/"580e2ccf-342"
x-xss-protection: 1
content-encoding: gzip
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:47 GMT
x-served-by: cache-bma1660-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775368.962591,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 857
X-Firefox-Spdy: h2

portwashington-news.com/wp-content/uploads/2016/10/Port-square-152.png

151.101.130.159

8.8 kB

URL
portwashington-news.com/wp-content/uploads/2016/10/Port-square-152.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 152 x 154, 8-bit colormap, non-interlaced\012- data
Size
8.8 kB (8764 bytes)
Hash
bba435405256fe376ccab7a066833ae4
065421baa46f4fb1271d581487676ae229b59074
e4267a1475e02ae4f694406b22665f518bb30735e3cc61c391d929332ddb70d1

HTTP Headers

GET /wp-content/uploads/2016/10/Port-square-152.png HTTP/1.1
Host: portwashington-news.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://portwashington-news.com/
DNT: 1
Connection: keep-alive
Cookie: _ga_GN4J8P8YEL=GS1.1.1701775371.1.0.1701775371.0.0.0; _ga=GA1.1.1133471505.1701775372; dom3ic8zudi28v8lr6fgphwffqoz0j6c=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-fw-version: 5.0.0
x-fw-hash: tkxxwx7pon
x-fw-server: Flywheel/5.1.0
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
content-type: image/png
last-modified: Mon, 24 Oct 2016 15:59:54 GMT
etag: W/"580e2ffa-2220"
cache-control: public, max-age=31536000
x-xss-protection: 1
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Tue, 05 Dec 2023 11:22:47 GMT
x-served-by: cache-bma1679-BMA, cache-bma1682-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1701775368.962034,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8764
X-Firefox-Spdy: h2

enormouslysubsequentlypolitics.com/watch.776942701413.js?key=7849fd85f0d94474d66a9ef3bf776919&kw=%5B%22port%22%2C%22washington%22%2C%22news%22%2C%22serving%22%2C%22port%22%2C%22washington%22%2C%22sands%22%2C%22point%22%2C%22baxter%22%2C%22estates%22%2C%22flower%22%2C%22hill%22%2C%22port%22%2C%22washington%22%2C%22north%22%2C%22and%22%2C%22manorhaven%22%2C%22since%22%2C%221903%22%5D&refer=https%3A%2F%2Fportwashington-news.com%2F&tz=0&dev=e&res=14.3095&uuid=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3%3A2%3A1&shu=58920df881d660115271e5a3d74ee1ba04a352f5762806e0de946016bce13aad292cffdfa61494e360d569c692d3fc1545f95217af29cdfd05abf284698aaa8985ae408c60c0a0a73eaafcf4d38e5134595a06e60f9a5ae2725c5719d4bc1c&pst=1701775427&rmtc=t

192.243.61.227

643 B

URL
enormouslysubsequentlypolitics.com/watch.776942701413.js?key=7849fd85f0d94474d66a9ef3bf776919&kw=%5B%22port%22%2C%22washington%22%2C%22news%22%2C%22serving%22%2C%22port%22%2C%22washington%22%2C%22sands%22%2C%22point%22%2C%22baxter%22%2C%22estates%22%2C%22flower%22%2C%22hill%22%2C%22port%22%2C%22washington%22%2C%22north%22%2C%22and%22%2C%22manorhaven%22%2C%22since%22%2C%221903%22%5D&refer=https%3A%2F%2Fportwashington-news.com%2F&tz=0&dev=e&res=14.3095&uuid=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3%3A2%3A1&shu=58920df881d660115271e5a3d74ee1ba04a352f5762806e0de946016bce13aad292cffdfa61494e360d569c692d3fc1545f95217af29cdfd05abf284698aaa8985ae408c60c0a0a73eaafcf4d38e5134595a06e60f9a5ae2725c5719d4bc1c&pst=1701775427&rmtc=t
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (603)
Size
643 B (643 bytes)
Hash
700e00b51d6adf59b889d3605af5da66
1bb066acec6248e9f44dc92b0f07c37f617cd4b7
bef16a5cdbacdcf2e4a76b8f73cb6611171590d41fc8f1c7f4972d8299040d76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.776942701413.js?key=7849fd85f0d94474d66a9ef3bf776919&kw=%5B%22port%22%2C%22washington%22%2C%22news%22%2C%22serving%22%2C%22port%22%2C%22washington%22%2C%22sands%22%2C%22point%22%2C%22baxter%22%2C%22estates%22%2C%22flower%22%2C%22hill%22%2C%22port%22%2C%22washington%22%2C%22north%22%2C%22and%22%2C%22manorhaven%22%2C%22since%22%2C%221903%22%5D&refer=https%3A%2F%2Fportwashington-news.com%2F&tz=0&dev=e&res=14.3095&uuid=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3%3A2%3A1&shu=58920df881d660115271e5a3d74ee1ba04a352f5762806e0de946016bce13aad292cffdfa61494e360d569c692d3fc1545f95217af29cdfd05abf284698aaa8985ae408c60c0a0a73eaafcf4d38e5134595a06e60f9a5ae2725c5719d4bc1c&pst=1701775427&rmtc=t HTTP/1.1
Host: enormouslysubsequentlypolitics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://portwashington-news.com
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Cookie: u_pl=20705753; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDcwNTc1MywiayI6Ijc4NDlmZDg1ZjBkOTQ0NzRkNjZhOWVmM2JmNzc2OTE5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMDEzMzk1LCJwaWQiOjEyNTYzNzgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MzIsInB0Ijo0LCJwayI6ImtqbWUyNXB4eCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3BvcnR3YXNoaW5ndG9uLW5ld3MuY29tLyIsImFyIjpbXX19.T044_smBNsGDVJJB5BNK3ML5pQliLGdDbHjtnjMf-c0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 05 Dec 2023 11:22:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://portwashington-news.com
Access-Control-Allow-Origin: https://portwashington-news.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cc43a8f6-52aa-404e-8d99-7e78ffccb0c3:2:1; expires=Tue, 12 Dec 2023 11:22:48 GMT; secure; SameSite=None
iprcd06b23b618d0b0f7fe9bc9f5711a0b26=2717341; expires=Wed, 06 Dec 2023 13:22:48 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 06 Dec 2023 11:22:48 GMT; secure; SameSite=None
uncs=1; expires=Wed, 06 Dec 2023 11:22:48 GMT; secure; SameSite=None
pdhtkv32=true; expires=Wed, 06 Dec 2023 11:22:48 GMT; secure; SameSite=None
uncs32=1; expires=Wed, 06 Dec 2023 11:22:48 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d58965085a0c6151982a723cd75701e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=20705753

192.243.59.20

1.4 kB

URL
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=20705753
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (488)
Size
1.4 kB (1402 bytes)
Hash
6f92185d76dc8d317732c4c32c0ab231
6f16552199acdadaebc8eadb6ba3c05a283a8198
2ebef1c203c26e4126f79006d5278672a68338442a28eb6cc99845ad760d145f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=20705753 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portwashington-news.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 05 Dec 2023 11:22:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Wed, 06 Dec 2023 11:22:49 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMjA3MDU3NTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wb3J0d2FzaGluZ3Rvbi1uZXdzLmNvbS8iLCJhciI6W119fQ.jI6DZUInU3xOyW72rx1HZKuq_8A_y1OuS7Z316Qe4yM; expires=Tue, 05 Dec 2023 11:23:49 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 264b464ffe38e67d7c3638f853a21bff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTIwNzA1NzUzJnBzdD0xNzAxNzc1NDI5JnJlZmVyPWh0dHBzJTNBJTJGJTJGcG9ydHdhc2hpbmd0b24tbmV3cy5jb20lMkYmcm10Yz10JnNodT0yMDg0ODUxNjYyMTQyMjUzODJhMGQxZjAzYWFmMDAyNDNjNjJlZjE1MjZlNDIwZWEyNmQzNmI5NzFlYjE1NDFkOWJiMTk1NjI1ODY0ZTc3NjQ4YzFhMDMyNDY5MzY4NTNmMmVmZWFjMjAwODZmNjBlYTgxMjNjYzc0YzRhMjYwZDMzMmUwYjdhYzNhNTdjZThkMjRiOGNjMWExNmNjNjdhMWJjOTUxNWMwMTU5MjkxMWI3Y2JmNTRlOTA5ODBi&uuid=&pii=&in=false

173.233.137.44

0 B

URL
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTIwNzA1NzUzJnBzdD0xNzAxNzc1NDI5JnJlZmVyPWh0dHBzJTNBJTJGJTJGcG9ydHdhc2hpbmd0b24tbmV3cy5jb20lMkYmcm10Yz10JnNodT0yMDg0ODUxNjYyMTQyMjUzODJhMGQxZjAzYWFmMDAyNDNjNjJlZjE1MjZlNDIwZWEyNmQzNmI5NzFlYjE1NDFkOWJiMTk1NjI1ODY0ZTc3NjQ4YzFhMDMyNDY5MzY4NTNmMmVmZWFjMjAwODZmNjBlYTgxMjNjYzc0YzRhMjYwZDMzMmUwYjdhYzNhNTdjZThkMjRiOGNjMWExNmNjNjdhMWJjOTUxNWMwMTU5MjkxMWI3Y2JmNTRlOTA5ODBi&uuid=&pii=&in=false
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTIwNzA1NzUzJnBzdD0xNzAxNzc1NDI5JnJlZmVyPWh0dHBzJTNBJTJGJTJGcG9ydHdhc2hpbmd0b24tbmV3cy5jb20lMkYmcm10Yz10JnNodT0yMDg0ODUxNjYyMTQyMjUzODJhMGQxZjAzYWFmMDAyNDNjNjJlZjE1MjZlNDIwZWEyNmQzNmI5NzFlYjE1NDFkOWJiMTk1NjI1ODY0ZTc3NjQ4YzFhMDMyNDY5MzY4NTNmMmVmZWFjMjAwODZmNjBlYTgxMjNjYzc0YzRhMjYwZDMzMmUwYjdhYzNhNTdjZThkMjRiOGNjMWExNmNjNjdhMWJjOTUxNWMwMTU5MjkxMWI3Y2JmNTRlOTA5ODBi&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMjA3MDU3NTMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wb3J0d2FzaGluZ3Rvbi1uZXdzLmNvbS8iLCJhciI6W119fQ.jI6DZUInU3xOyW72rx1HZKuq_8A_y1OuS7Z316Qe4yM; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Tue, 05 Dec 2023 11:22:49 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=302b3a67ca4cb7fe99720a656a9e1e04&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprc93632de9adfd4d5b2a65b3371fddb2ed=4641329; expires=Wed, 06 Dec 2023 11:22:49 GMT
pdhtkv=true; expires=Wed, 06 Dec 2023 11:22:49 GMT
uncs=1; expires=Wed, 06 Dec 2023 11:22:49 GMT
pdhtkv28=true; expires=Wed, 06 Dec 2023 11:22:49 GMT
uncs28=1; expires=Wed, 06 Dec 2023 11:22:49 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae2415747c6c834b109cb3724b928c2a
Strict-Transport-Security: max-age=0; includeSubdomains

violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=302b3a67ca4cb7fe99720a656a9e1e04&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625

192.64.81.118

0 B

URL
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=302b3a67ca4cb7fe99720a656a9e1e04&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
192.64.81.118:0
ASN
#19318 IS-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=302b3a67ca4cb7fe99720a656a9e1e04&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Tue, 05 Dec 2023 11:22:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9uoho8pd5; expires=Wed, 06-Dec-2023 11:22:50 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9uoho8pd5-h9uoho8pd5-hq1m-0-q5a4bl-ftxofe-ft8pdz-fb7c05; expires=Wed, 06-Dec-2023 11:22:50 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=c91beh9uoho8pd56ee&sub_id=16122660
Strict-Transport-Security: max-age=31536000

vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=c91beh9uoho8pd56ee&sub_id=16122660

104.21.22.161

0 B

URL
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=c91beh9uoho8pd56ee&sub_id=16122660
IP
104.21.22.161:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=c91beh9uoho8pd56ee&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 05 Dec 2023 11:22:50 GMT
content-length: 0
location: https://vvfal.stonecarv.top/office-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=c91beh9uoho8pd56ee&sub_id=16122660&nrid=d8ddfaadf59c4da18e7afd97c27e6563&hash=ltTWJScLt5C-mr4i4W7wOg&exp=1701775670
set-cookie: zKByXHsQK0ydGD7DogbGyA=18; max-age=345600; path=/; samesite=lax
__pl=9b30bdd0-11e2-4198-9302-3b032f60e50c; expires=Fri, 05 Dec 2025 11:22:50 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2O8tcOjZzsGFDboScEYy6dolp1evJVCIK6UyEA%2BaQFdB8Q0KD5vnGvGxcjXWmYTKGYKX6bhVlEEDdk06erV78Ik9UnsGFNl%2FRr319zvfR60rEW71o4CVb2rD65%2B1WmqHZvkL4uCasEgWGaRO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830be9e1dec7568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vvfal.stonecarv.top/office-robot/assets/trls.js

172.67.154.38

15 kB

URL
vvfal.stonecarv.top/office-robot/assets/trls.js
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Size
15 kB (14973 bytes)
Hash
66aeffc55e433f870fae37e6739cf78a
ce62781981fb9f5aaab731c7c88b6c42bfa0ffd3
7e52bc2b585cae7ab1d15faedc9e887f898ea85d65e76ef081550424da6ac92f

HTTP Headers

GET /office-robot/assets/trls.js HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/office-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=c91beh9uoho8pd56ee&sub_id=16122660&nrid=d8ddfaadf59c4da18e7afd97c27e6563&hash=ltTWJScLt5C-mr4i4W7wOg&exp=1701775670
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 11:22:50 GMT
content-type: application/javascript
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: W/"656ef5c1-25f6"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8UJ99t93MUNvdzIBHYiT9DhVK5hxt2%2FtELWmD6rHXC2CYpTg%2FIJVJSP1F7LNzqVf0O9J8669PEQLigF%2FmAt9v9GAfFU0JsUbm4f4BWRYI1OXIHtrs%2FhiXAUNUh2mV%2FGS9iGD91r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830be9e44b8d0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

142.250.74.35

9.3 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28368)
Size
9.3 kB (9308 bytes)
Hash
9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

HTTP Headers

GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 08:48:47 GMT
expires: Wed, 04 Dec 2024 08:48:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 9244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.35

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 454639
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a.stonecarv.top/office-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=c91beh9uoho8pd56ee&sub_id=16122660&nrid=d8ddfaadf59c4da18e7afd97c27e6563&hash=ltTWJScLt5C-mr4i4W7wOg&exp=1701775670

172.67.154.38

43 kB

URL
a.stonecarv.top/office-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=c91beh9uoho8pd56ee&sub_id=16122660&nrid=d8ddfaadf59c4da18e7afd97c27e6563&hash=ltTWJScLt5C-mr4i4W7wOg&exp=1701775670
IP
172.67.154.38:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4979), with CRLF line terminators
Size
43 kB (43248 bytes)
Hash
330c329ba9c5eea9b937c5df60b60eb8
38c31f182f96dbee317d4555060a1837d2e08cbe
2ffc36031eddbd49cfd71e01b9d81a773dc7146d549d7b4295f90745be0b5d90

HTTP Headers

GET /office-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&click_id=c91beh9uoho8pd56ee&sub_id=16122660&nrid=d8ddfaadf59c4da18e7afd97c27e6563&hash=ltTWJScLt5C-mr4i4W7wOg&exp=1701775670 HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 11:22:51 GMT
content-type: text/html
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnR3Wvx77nFupjCxEC55W6zHNIYPc7ViNfm5CNcI0CnvTXbJXzsqtQ%2FwTstmrlEfZ7%2BuZXLTsZOD%2FVwFn1FkJWWqTR1hLrJ%2FHU3H1kCp8u4QSzJ8qqNUuOcdol7yy4Tsg50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830be9e75ded0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

142.250.74.35

9.3 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28368)
Size
9.3 kB (9308 bytes)
Hash
9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

HTTP Headers

GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 08:48:47 GMT
expires: Wed, 04 Dec 2024 08:48:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 9244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.35

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 454639
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d

173.233.137.44

200 OK

1.3 kB

URL User Request GET HTTP/1.1
www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
IP
173.233.137.44:443
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (420)
Size
1.3 kB (1342 bytes)
Hash
e8e2853e6758edba0029a76777ec7147
96ff1829a06f1876fd3945d5938ebc92b527c35d
ca8e392ffcced85cbc92e97693b967a566d3f96b48802ddefe064e875a57a729

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 05 Dec 2023 11:22:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19854905; expires=Wed, 06 Dec 2023 11:22:52 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; expires=Tue, 05 Dec 2023 11:23:52 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e1d95780042105f0a6b09e856fa1fdbb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNzc1NDMyJnJtdGM9dCZzaHU9MmZjYjkwYWVmMjBjYzJiNzcxOGYxY2I1NDUzY2RmYTU2MDRlMmY2YzkwNjZjNTViNDE4ZjU0ZGFiZTUyMDFiMThlYTE2NGU3NGQ0NDFjODgxYWU3NWRiOTM0ZmJlMDFmODA1M2I4NDYyNmI0NDhiZDVmMzNjMjRkM2ZhMWVjZWFkZTI0NzY4YjZjMGM1MTNmMjhiMWViOWYwNmJiOTYzOGJkNGVmMGQ3MjI3ZWVhOGE5ZmZlZTFiMDdiNjQzMTdkZTVhMjJm&uuid=&pii=&in=false

192.243.59.20

0 B

URL
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNzc1NDMyJnJtdGM9dCZzaHU9MmZjYjkwYWVmMjBjYzJiNzcxOGYxY2I1NDUzY2RmYTU2MDRlMmY2YzkwNjZjNTViNDE4ZjU0ZGFiZTUyMDFiMThlYTE2NGU3NGQ0NDFjODgxYWU3NWRiOTM0ZmJlMDFmODA1M2I4NDYyNmI0NDhiZDVmMzNjMjRkM2ZhMWVjZWFkZTI0NzY4YjZjMGM1MTNmMjhiMWViOWYwNmJiOTYzOGJkNGVmMGQ3MjI3ZWVhOGE5ZmZlZTFiMDdiNjQzMTdkZTVhMjJm&uuid=&pii=&in=false
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNzc1NDMyJnJtdGM9dCZzaHU9MmZjYjkwYWVmMjBjYzJiNzcxOGYxY2I1NDUzY2RmYTU2MDRlMmY2YzkwNjZjNTViNDE4ZjU0ZGFiZTUyMDFiMThlYTE2NGU3NGQ0NDFjODgxYWU3NWRiOTM0ZmJlMDFmODA1M2I4NDYyNmI0NDhiZDVmMzNjMjRkM2ZhMWVjZWFkZTI0NzY4YjZjMGM1MTNmMjhiMWViOWYwNmJiOTYzOGJkNGVmMGQ3MjI3ZWVhOGE5ZmZlZTFiMDdiNjQzMTdkZTVhMjJm&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Tue, 05 Dec 2023 11:22:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
Set-Cookie: pdhtkv=true; expires=Wed, 06 Dec 2023 11:22:53 GMT
uncs=1; expires=Wed, 06 Dec 2023 11:22:53 GMT
pdhtkv28=true; expires=Wed, 06 Dec 2023 11:22:53 GMT
uncs28=1; expires=Wed, 06 Dec 2023 11:22:53 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5593f956d48c8097379209b1445f617f
Strict-Transport-Security: max-age=0; includeSubdomains

adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905

13.107.246.53

0 B

URL
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BAA5423353104F76971AC113633E400A&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701775373887)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231251122%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210669401381%7c1%22%7d%5d; domain=.unibet.com; expires=Thu, 05-Dec-3022 11:22:53 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 0DQhvZQAAAADXRld8ZwE8S43ki9guXGXVU1ZHMjBFREdFMDUwOAAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
date: Tue, 05 Dec 2023 11:22:53 GMT
content-length: 0
X-Firefox-Spdy: h2

www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BAA5423353104F76971AC113633E400A&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950

85.184.96.28

0 B

URL
www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BAA5423353104F76971AC113633E400A&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
IP
85.184.96.28:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BAA5423353104F76971AC113633E400A&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701775373887)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231251122%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Tue, 05 Dec 2023 11:22:54 GMT
content-length: 0
location: https://www.unibet.com:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BAA5423353104F76971AC113633E400A&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
set-cookie: JSESSIONID=node0td6r4q93tlew8hj67xmdl1ws26976.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0td6r4q93tlew8hj67xmdl1ws2; Path=/; Domain=.unibet.com; Expires=Thu, 04-Dec-2025 11:22:54 GMT; Max-Age=63072000; Secure
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Thu, 04-Dec-2025 11:22:54 GMT; Max-Age=63072000; Secure
uniattr_ref="https://www.toprevenuegate.com/"; Path=/; Domain=.unibet.com; Expires=Thu, 04-Dec-2025 11:22:54 GMT; Max-Age=63072000; Secure
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
affiliateId=1; Path=/; Domain=.unibet.com; Secure
B-TAG=127656177_BAA5423353104F76971AC113633E400A; Path=/; Domain=.unibet.com; Secure
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
BID=37950; Path=/; Domain=.unibet.com; Secure
PID=94151521; Path=/; Domain=.unibet.com; Secure
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; Path=/; Domain=.unibet.com; Secure
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BAA5423353104F76971AC113633E400A%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; Path=/; Domain=.unibet.com; Secure
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
referer: https://www.toprevenuegate.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Tue, 05 Dec 2023 11:22:54 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BAA5423353104F76971AC113633E400A&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950

85.184.96.28

0 B

URL
www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BAA5423353104F76971AC113633E400A&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
IP
85.184.96.28:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BAA5423353104F76971AC113633E400A&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701775373887)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231251122%22%7d%5d; __ucbt=node0td6r4q93tlew8hj67xmdl1ws2; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_BAA5423353104F76971AC113633E400A; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BAA5423353104F76971AC113633E400A%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Tue, 05 Dec 2023 11:22:54 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_BAA5423353104F76971AC113633E400A&bid=37950&campaignId=2799402&pid=94151521
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Tue, 05 Dec 2023 11:22:54 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

cdnstatic.stonecarv.top/ps/tb?id=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&sub_id=16122660&click_id=c91beh9uoho8pd56ee&nrid=99ff1c72589686c012ba6690b4f85c13&reason=tb_exit&attempt=2

172.67.154.38

200 OK

297 B

URL User Request GET HTTP/3
cdnstatic.stonecarv.top/ps/tb?id=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&sub_id=16122660&click_id=c91beh9uoho8pd56ee&nrid=99ff1c72589686c012ba6690b4f85c13&reason=tb_exit&attempt=2
IP
172.67.154.38:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectstonecarv.top
FingerprintC9:CD:92:AE:B3:B3:96:B3:A4:1F:A3:A4:30:B4:EB:CA:9E:BE:BA:C3
ValidityThu, 23 Nov 2023 13:25:44 GMT - Wed, 21 Feb 2024 13:25:43 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (317), with no line terminators
Size
297 B (297 bytes)
Hash
1acd9b7ae46d35c444fe0cf371d76dc3
555fd9ba14df15e7865807e59eb792462c801018
567773c157f1749f4dfbd034fe68fdbb099b51b73360ed178eaa85df79a1eac0

HTTP Headers

GET /ps/tb?id=zKByXHsQK0ydGD7DogbGyA&sm=office-robot&sub_id=16122660&click_id=c91beh9uoho8pd56ee&nrid=99ff1c72589686c012ba6690b4f85c13&reason=tb_exit&attempt=2 HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Cookie: __psu=373176b8-3d9b-469f-825f-9d566b45d174
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 11:22:51 GMT
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixzYhNuuGID7NdtQyiFT9qvAfMXh5YHMDSyAnqZduiBL59bD1cqiTpVcNSjE2JtcgOAggTVNdfPZrwOd2itXuPUGxHhw32z2%2Fu5o0OnJpnTLbj%2Fp27Jv6lVSrvEd6K584peKlYHkWWOYvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830be9ea1fe80b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.toprevenuegate.com/favicon.ico

0.0.0.0

0 B

URL GET
www.toprevenuegate.com/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
Certificate
IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (95)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP