Report - watching.nwsautodaily.com/ro/movie/1265662/

Report Overview

Visited public
2024-06-22 09:44:54
Tags
URL
watching.nwsautodaily.com/ro/movie/1265662/
Finishing URL
watching.nwsautodaily.com/ro/movie/1265662
IP / ASN
104.21.4.58
#13335 CLOUDFLARENET
Title
Urmărește Buzz House: The Movie Filmul complet online gratuit

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
image.tmdb.org	17757	2009-09-15	2021-01-09 07:43:03	2024-06-21 20:42:12	10 kB	572 kB	138.199.37.231
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-06-21 22:53:55	744 B	471 B	192.243.59.12
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-21 18:12:54	2.0 kB	5.3 kB	23.33.119.57
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-06-21 18:13:20	327 B	888 B	23.33.119.57
hedwigmonday.com	unknown	2024-02-09	2024-02-09 15:01:40	2024-02-26 00:45:24	886 B	25 kB	192.243.61.227
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-06-21 18:57:29	2.1 kB	111 kB	142.250.74.67
astonishingpenknifeprofessionally.com	unknown	2024-06-03	2024-06-04 07:06:50	2024-06-20 22:11:20	2.7 kB	6.1 kB	172.240.253.132
burntclear.com	unknown	2024-06-03	2024-06-04 07:07:23	2024-06-20 20:55:41	2.7 kB	6.0 kB	172.240.108.68
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-06-21 23:11:00	450 B	10 kB	142.250.74.106
watching.nwsautodaily.com	unknown	2022-05-27	2023-02-07 13:17:30	2023-11-02 03:05:24	8.1 kB	548 kB	172.67.154.8
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2024-06-21 18:21:53	1.5 kB	96 kB	172.67.142.245
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-06-21 21:04:12	1.4 kB	1.2 kB	18.192.184.0
resignedcamelplumbing.com	unknown	2024-06-03	2024-06-04 06:49:24	2024-06-20 20:07:40	2.6 kB	2.5 kB	192.243.59.20
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2024-06-21 21:13:32	896 B	412 kB	45.133.44.9
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-06-21 18:17:23	1.6 kB	3.5 kB	142.250.74.131
pl20747854.highcpmgate.com	unknown	unknown	No data	No data	455 B	32 kB	172.240.108.76
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-06-21 18:14:07	338 B	941 B	143.204.53.97
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27 13:27:45	2024-06-21 22:53:54	424 B	375 B	192.243.59.12

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-21	medium	highcpmgate.com	Sinkholed
2024-06-22	medium	resignedcamelplumbing.com	Sinkholed
2024-06-22	medium	resignedcamelplumbing.com	Sinkholed
2024-06-22	medium	resignedcamelplumbing.com	Sinkholed
2024-06-22	medium	capaciousdrewreligion.com	Sinkholed
2024-06-22	medium	astonishingpenknifeprofessionally.com	Sinkholed
2024-06-22	medium	resignedcamelplumbing.com	Sinkholed
2024-06-22	medium	resignedcamelplumbing.com	Sinkholed
2024-06-22	medium	astonishingpenknifeprofessionally.com	Sinkholed
2024-06-22	medium	burntclear.com	Sinkholed
2024-06-22	medium	unseenreport.com	Sinkholed
2024-06-22	medium	burntclear.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	From	Size	First Seen	Last Seen
	pl20747854.highcpmgate.com/80/38/37/80383758cfe1b0b219f4536851675fba.js	ScriptElement	84 kB	2024-08-19	2024-08-19
Pretty URL pl20747854.highcpmgate.com/80/38/37/80383758cfe1b0b219f4536851675fba.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 428fced7d7c764354c1ab6623946eab3 72cdf90baaa18196c27a87844c7b61e0f1f9f11c 09ee6bfdb561d7fcee6ba9693fdeb9220541ef18bc1870038c5c9fbfa3177074 Loading...

	unknown	ScriptElement	236 B	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 2f2bbb5844d43a05057cbdf6f9405ee0 e142c1b5fd4b95606c696e4b37447d00b566987e e94b83eb113dddbf8e6f784d87da8dc6362c701abbb54da5ec4b0e02089b48bb Loading...

	watching.nwsautodaily.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.8 kB	2024-08-19	2024-08-19
Pretty URL watching.nwsautodaily.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.154.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen2 Hash 755cc81e41c4bc2fa553f0377efd4437 cf9cdce6d150e9cbb793977df31a86f4a82655ac 5111e0af1ece677120dee85cc3eafc71f42183699bd3f1c581d73c54b9a9b552 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	unknown	ScriptElement	145 B	2023-11-08	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 23:24 Last Seen2024-08-20 20:21 Times Seen2 Hash f177db5fb2e5e4058a34e164bc4d677d ef791ea4ef07897aadb968517a587ed37d032c32 d6c8f29367e4ad8ef5480e8252ce37b667950bc8f0c125a44847de1824a65015 Loading...

	watching.nwsautodaily.com/ro/movie/1265662	ScriptElement	26 B	2023-03-07	2025-05-20
Pretty URL watching.nwsautodaily.com/ro/movie/1265662 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-05-20 12:43 Times Seen244 Hash d0bed863e09f178dcdcfe6e3befe843a e3419074358302d55708fb9c1e84b78e3ba9b254 3253697732ab7f84b393dfce838e5fa5430e8175bca6451e20d7898c7419d863 Loading...

	hedwigmonday.com/04db836545d2d16ed53e50f310dc9895/invoke.js	ScriptElement	31 kB	2024-08-19	2024-08-19
Pretty URL hedwigmonday.com/04db836545d2d16ed53e50f310dc9895/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash c20afb359a6b9490f2a210495e48a0ce 715620630bebde2b97429d0be451afe3dfb9e4e5 3a68206be5e94ba0365b8be032f92fac3028e9a5e752f2aa69d2e9057bc5b1de Loading...

	watching.nwsautodaily.com/assets/v1/js/s.js	ScriptElement	527 kB	2023-03-07	2025-05-20
Pretty URL watching.nwsautodaily.com/assets/v1/js/s.js IP 172.67.154.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-05-20 12:43 Times Seen260 Hash 3e0d601975871ce6a7cd542a91734d49 84412cab04eb670be0545179d309e04a305ed7c3 34f9313ec80b08437f150e4eef2fe073f872ab201b326b114c9ae9bba00b7dcf Loading...

	watching.nwsautodaily.com/ro/movie/1265662	ScriptElement	139 B	2024-08-19	2024-08-19
Pretty URL watching.nwsautodaily.com/ro/movie/1265662 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 5e036d7f29992a07352e48b3ecad8f31 8e75ea3cfcdc20b41db3db31c5af6158b0cea973 4c5992faccf69aee9d81fcfd7778c360383528b4462ef0574082c523cc0c04c5 Loading...

	unknown	ScriptElement	196 B	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 5ec0ff1c1ed6a5ee6ad6bff99ce5fb7b c2d002e3ddc3bf34f279ac15611e1cfddd4ffade fe4b3ab73a4960ee8f048ee6d0c71656a0979f2dc26e834245a531834d0e166f Loading...

	unknown	ScriptElement	145 B	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 22dafd552e01fdfe722878e87059e12e 788b07be4d03b65a81099ef29ca34f9ecf010d7d c60c6de572707ee41bfd6d42c9e8dcd6fc84df4d2ac96b49d793af7ef733e86d Loading...

	unknown	ScriptElement	3.3 kB	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 6eb9e2f8442fa8efcfde21ff9f191150 adfcc11d3a243f829027bc878e7f85b83f7095d2 7e2532a1912fa73a78d54a39bcc82209a25ae12054425ad248acb985588ab6e4 Loading...

	unknown	ScriptElement	3.4 kB	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 6cb418a1ac998cc94ca595e16f6a423b debfbb7ab5267716f020453a2eec5c0753d49625 8cd95d4c88814f601b41916a544c6208d4c3b7f91a88ded75e0769eeb9cddf1e Loading...

	watching.nwsautodaily.com/assets/v1/js/js.js	ScriptElement	288 kB	2023-03-07	2025-05-28
Pretty URL watching.nwsautodaily.com/assets/v1/js/js.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-05-28 02:04 Times Seen341 Hash ae557976a61570a850e6b9e1de77e667 2a48828aa085dce014b82851b2cc5034ad9e5c52 99ec662ecfe312398708a1ce2aa752e806e6124de63b47181141f9c344242c89 Loading...

	watching.nwsautodaily.com/ro/movie/1265662	ScriptElement	139 B	2024-08-19	2024-08-19
Pretty URL watching.nwsautodaily.com/ro/movie/1265662 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 06abe4428f9e1f52373cfb96ee7e7ab6 1643720fc0e1f1d9a9a6f0c541dec594f06b67e1 b30b73fbb8aaf61796720b3c587b492e8a2db1061b0fb0768900425163ba6ccf Loading...

	watching.nwsautodaily.com/ro/movie/1265662	ScriptElement	424 B	2024-08-19	2024-08-19
Pretty URL watching.nwsautodaily.com/ro/movie/1265662 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash d20023488cf7b546f56b04608b7d6a62 068fc09325a1b97ac45de562477838f4d38df4ee 74eb7551a01c41f09c21f4a1c51b8005a1ac4c63688bbcb5769ba2507f6a773d Loading...

	use.fontawesome.com/3db27005e3.js	ScriptElement	9.5 kB	2023-03-07	2025-05-31
Pretty URL use.fontawesome.com/3db27005e3.js IP 172.67.142.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-05-31 18:33 Times Seen410 Hash 98736d79a2579e922ebb12be517eea2a e572a040dff07014408a07f589ae29d7e4045cba 0dac9c370df2dbbb2b36a3ca7f77e2dfdf9678e8d951f376dee865b01312829b Loading...

	watching.nwsautodaily.com/ro/movie/1265662	ScriptElement	921 B	2024-08-19	2024-08-19
Pretty URL watching.nwsautodaily.com/ro/movie/1265662 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash e21bf35743add3d74ed3a2833bf0dc81 5620a4a7ef357101c631373a69fe9130eb7c642d ed8bf188767170fcd8c789625a8123547687df8d2fbe03079fdd1e0cec733a07 Loading...

	hedwigmonday.com/143a0214fdb4468e044d82ccbfdc024f/invoke.js	ScriptElement	31 kB	2024-08-19	2024-08-19
Pretty URL hedwigmonday.com/143a0214fdb4468e044d82ccbfdc024f/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash f7594c1ad8b332d81f0329a15eaf1d1b a4783b29171aec1e4283c618083385176deb8e38 7625ab0913fd83dd650763a931b68b6085d35d8f97ae65c9844b4acc0675fd4d Loading...

	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-06-02
Pretty URL capaciousdrewreligion.com/advertisers.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-02 13:22 Times Seen4827800 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5ac0cc2567703ce0d1ce70292889496e	2.1 kB	2024-08-19 19:13	2024-08-19 19:13
Pretty Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 5ac0cc2567703ce0d1ce70292889496e b4f21fbe52a459c1e7a2086fb13fe0c51e845140 8a6f49c50b47e262b56661ca65a41d641799256322277bb8337f4945e491a8f9 Loading...

	#2 Eval - 72b0417ff3f8dfbd47a87d7ea97ef56c	2.1 kB	2024-08-19 19:13	2024-08-19 19:13
Pretty Observations First Seen2024-08-19 19:13 Last Seen2024-08-19 19:13 Times Seen1 Hash 72b0417ff3f8dfbd47a87d7ea97ef56c d5b931af28e20ca38ed4eae5ba6ecc0cf15c2c8a e2f5e875d36b058d2c53ab68ac05b3fffc544a6dbe3811a4b2eda1fd91e3d13b Loading...

HTTP Transactions (69)

URL IP Response Size

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6d997a3e4c838d12e34de2dd2d4208c3
386abb53e2df86f291b6a86765d9a6feb88ba30b
32e00abd54407308b80a14e2916a119d95d90b1e7842f8cf0e87df306287869c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "32E00ABD54407308B80A14E2916A119D95D90B1E7842F8CF0E87DF306287869C"
Last-Modified: Thu, 20 Jun 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14984
Expires: Sat, 22 Jun 2024 13:54:10 GMT
Date: Sat, 22 Jun 2024 09:44:26 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c0fde0756f59aaa5fa85a62f5f528e74
3c2d990e14054ee3b407cc37d77e255533d91ed6
ca44d6619deb0e020993a84c6bfbf1993bf096b13863b706dc8a826499348276

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CA44D6619DEB0E020993A84C6BFBF1993BF096B13863B706DC8A826499348276"
Last-Modified: Wed, 19 Jun 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5214
Expires: Sat, 22 Jun 2024 11:11:21 GMT
Date: Sat, 22 Jun 2024 09:44:27 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f0269d61bdfd971c035a90020cb9f629
06631fd5df5a9bd3b9673361601cc37a34e64f69
47b785dc0588f89f6a0bd23143e340c2fa04f194c59853f63e8b937964655373

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "47B785DC0588F89F6A0BD23143E340C2FA04F194C59853F63E8B937964655373"
Last-Modified: Sat, 22 Jun 2024 04:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19521
Expires: Sat, 22 Jun 2024 15:09:48 GMT
Date: Sat, 22 Jun 2024 09:44:27 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6720792332fb717894b4e5221fdc3d86
f79b1d3611fb53cea950acb15000473ae7174149
67dd6ffe107c77c5f8bea4a3d6771b6026efc51bd4a9b26c66c8791c1ef48965

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "67DD6FFE107C77C5F8BEA4A3D6771B6026EFC51BD4A9B26C66C8791C1EF48965"
Last-Modified: Thu, 20 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8739
Expires: Sat, 22 Jun 2024 12:10:08 GMT
Date: Sat, 22 Jun 2024 09:44:29 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6720792332fb717894b4e5221fdc3d86
f79b1d3611fb53cea950acb15000473ae7174149
67dd6ffe107c77c5f8bea4a3d6771b6026efc51bd4a9b26c66c8791c1ef48965

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "67DD6FFE107C77C5F8BEA4A3D6771B6026EFC51BD4A9B26C66C8791C1EF48965"
Last-Modified: Thu, 20 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8739
Expires: Sat, 22 Jun 2024 12:10:08 GMT
Date: Sat, 22 Jun 2024 09:44:29 GMT
Connection: keep-alive

watching.nwsautodaily.com/assets/v1/logo.png

172.67.154.8

200 OK

7.5 kB

URL GET HTTP/3
watching.nwsautodaily.com/assets/v1/logo.png
IP
172.67.154.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectnwsautodaily.com
Fingerprint16:88:94:0D:AA:20:BD:CD:4B:A0:E1:E9:73:EF:E0:8E:57:4A:86:BF
ValidityWed, 12 Jun 2024 09:07:17 GMT - Tue, 10 Sep 2024 09:07:16 GMT

File type
PNG image data, 151 x 151, 8-bit/color RGBA, non-interlaced
Size
7.5 kB (7490 bytes)
Hash
d7581eb27020d088ffcaaa2096f44d16
5fb47afb3cc76f77d3157f036e607a123ade77cb
27f52e34ef81930813612f58f8dcd500b631136596edd768e8be9ad59a3550fb

HTTP Headers

GET /assets/v1/logo.png HTTP/1.1
Host: watching.nwsautodaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/ro/movie/1265662
Cookie: XSRF-TOKEN=eyJpdiI6InB4Wmo5bmVIaU1oQnQ3TGRUWXJHUFE9PSIsInZhbHVlIjoiZFdpUUxWSk1wNmZDRDlBbHJpaVNRenFQSkx5TFBLRkNTMnVFdGZYMFJZbm04Z3VIZG1lckIwNDFhQWhseFk0ayIsIm1hYyI6IjQxMzVhZGFiZjQ0OTBkYjRiNjhlMTkxNmQyNzlhNDAyYzE1OTEzNjk5ZDEyYzdmM2FlMTliNzNlZjVjOGIyZWMifQ%3D%3D; laravel_session=eyJpdiI6Ik9IaEtad0p1VlBDcUpETFFyUkdOcHc9PSIsInZhbHVlIjoiMWhQOTU3XC9ITDlSZ0w5dm1TSCtjWGFXdG9ZVnNJdGZUZ3M5RnpjQjNlVGtjWlwvT3dEXC9kM083bW5Zb1VTall3RCIsIm1hYyI6IjgwMTA4MjMxYTcwZTZiNjYzMjUwOWVmNzc3ZTkyNmJmNDMwMDVmNThkMDk1YzVjYzExODE4YmNjMTRlMTlhMjUifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/png
content-length: 7490
cache-control: public, max-age=604800
expires: Fri, 28 Jun 2024 13:11:15 GMT
etag: "1d42-5d498852-c2206;;;"
last-modified: Tue, 06 Aug 2019 14:01:54 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 73993
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNT0Vobl%2BXY67oZbouzXTjOH1fQ1BADazTLd492c6uL4mRFsyZfpBfeHiCnvnsKannFwCh3K%2FnqkCy0TloWaOaLvHRMhCm0d6GygsidjxRrPEvoRKwMxhbxxAR%2FzayU2%2F8jD1if%2Fwl%2BzhK5t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 897b4cce782e56b1-OSL

image.tmdb.org/t/p/w300/sav0jxhqiH0bPr2vZFU0Kjt2nZL.jpg?resize=300,450

138.199.37.231

200 OK

26 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/sav0jxhqiH0bPr2vZFU0Kjt2nZL.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
26 kB (25862 bytes)
Hash
668610a38d04aa9fd3d549b254dbda32
06e6464871a6639076b1b66f8b9a13a300fcc4c8
10544f854ccaae7ebf54ad72fcb22ef16902057d3eaf54db160c4bce25348cec

HTTP Headers

GET /t/p/w300/sav0jxhqiH0bPr2vZFU0Kjt2nZL.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 25862
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6273019a-6506"
last-modified: Wed, 04 May 2022 22:43:38 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 09/26/2023 16:05:50
cdn-edgestorageid: 1076
cdn-status: 200
cdn-requestid: 3ed0f364de9b9d450c6735edbd2033d0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/pySivdR845Hom4u4T2WNkJxe6Ad.jpg?resize=300,450

138.199.37.231

200 OK

18 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/pySivdR845Hom4u4T2WNkJxe6Ad.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
18 kB (18031 bytes)
Hash
fb185788adc3b736e0519ac0801eca2c
7f5afb70c5034801116867b83bef77f42d6fdd25
9bbbe8d2d78497eee14acf8f37d4c2ab6c6f1f57d2868af943e2d7ea0055f5ba

HTTP Headers

GET /t/p/w300/pySivdR845Hom4u4T2WNkJxe6Ad.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 18031
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272bf29-466f"
last-modified: Wed, 04 May 2022 18:00:09 GMT
cdn-storageserver: NY-427
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/27/2023 04:17:59
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 646e6838f2c775610c5da1365a45bea1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83815efd9f84802add2dd8ae9657fb40
093ee264304e5c31cf3888c46725afd9a3a7de23
52562353d3477856a268cfc35f9c7104787b4a08c376cf7229f27b4542481d84

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Jun 2024 09:44:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

image.tmdb.org/t/p/w300/gQvaNq5pI74NM17ZAs9dVWDRZWo.jpg?resize=300,450

138.199.37.231

200 OK

11 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/gQvaNq5pI74NM17ZAs9dVWDRZWo.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x447, components 3
Size
11 kB (11355 bytes)
Hash
deedb7c563b5534803cd5694fd3c22b3
4f80efee5ac5640f75b6bbf9b8c74bc038ca7a26
28839d4c8d33524b692ca240c4b941b169199034f3614aa67b7101668e07481c

HTTP Headers

GET /t/p/w300/gQvaNq5pI74NM17ZAs9dVWDRZWo.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 11355
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6611e4ff-2c5b"
last-modified: Sun, 07 Apr 2024 00:12:47 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 794
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/21/2024 09:10:24
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requestid: d0d756c470f6c2c1c319542feebb6186
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/61QBuLwXLNUKUlAcucjmbu5W2cK.jpg?resize=300,450

138.199.37.231

200 OK

15 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/61QBuLwXLNUKUlAcucjmbu5W2cK.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
15 kB (14890 bytes)
Hash
d051be1021119e1aa905c33d381f5327
987af01ffd4b4935969ceb1db6badb87f2214a37
22e4bfc954ca303fad81ddfa8702e70db29d9ca0eb8a9d23a8b46da2c922458d

HTTP Headers

GET /t/p/w300/61QBuLwXLNUKUlAcucjmbu5W2cK.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 14890
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "655f4f7a-3a2a"
last-modified: Thu, 23 Nov 2023 13:11:22 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 426
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/21/2024 09:10:24
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: ff3f05ea22bef6595135ee27065fb6bb
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/1N1eqvSkL1gNBC8aqNmskfLjCsR.jpg?resize=300,450

138.199.37.231

200 OK

16 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/1N1eqvSkL1gNBC8aqNmskfLjCsR.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
16 kB (15494 bytes)
Hash
5f8baa7f2e8c673e3ad1e170b86179a1
855f716abc2994e4944e97fa22e663713a042b5d
84a5d1704115bb45bd26adf1dfb8ac6085d6f5707d48918ea9ca122b6f34f002

HTTP Headers

GET /t/p/w300/1N1eqvSkL1gNBC8aqNmskfLjCsR.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 15494
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62c85c94-3c86"
last-modified: Fri, 08 Jul 2022 16:34:28 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/21/2024 15:36:16
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 623f4fe841bbf26cee48e9b442edf2cb
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/gLxebZX1D4pThX4AOZllKoFw1Je.jpg?resize=300,450

138.199.37.231

35 kB

URL
image.tmdb.org/t/p/w300/gLxebZX1D4pThX4AOZllKoFw1Je.jpg?resize=300,450
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x431, components 3
Size
35 kB (35277 bytes)
Hash
98f215a3cb538734ef518339f8895d02
7080cbcee8203f6ecbe85650dde9e8a7a89f6adf
e38a24e65b3d5f02ba4ec3542f0862a60fb584d2787586e95dbb28d641d169a3

HTTP Headers

GET /t/p/w300/gLxebZX1D4pThX4AOZllKoFw1Je.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 35277
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6288ade7-89cd"
last-modified: Sat, 21 May 2022 09:16:23 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/21/2024 07:14:35
cdn-edgestorageid: 1055
cdn-status: 200
cdn-requestid: cfd905676716ed6ea9a9a0db913194fa
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/iZf0KyrE25z1sage4SYFLCCrMi9.jpg?resize=300,450

138.199.37.231

200 OK

27 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/iZf0KyrE25z1sage4SYFLCCrMi9.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
27 kB (26643 bytes)
Hash
50234139f0afdeca6607c60e0df5b518
9511103edcce3d2e5ddd58fd2a722a7ddd2a94c7
ed53b03ab20ec62fc3158e01c4f32f2c5548e0937871019080ad0a6ca6cd73c7

HTTP Headers

GET /t/p/w300/iZf0KyrE25z1sage4SYFLCCrMi9.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 26643
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272b92b-6813"
last-modified: Wed, 04 May 2022 17:34:35 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 03/17/2023 17:50:09
cdn-edgestorageid: 1076
cdn-status: 200
cdn-requestid: d51257df0f8081fc165cea927d1a7ce6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/bzwz0bouQcmuyLttCVluO2ApJyP.jpg?resize=300,450

138.199.37.231

200 OK

31 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/bzwz0bouQcmuyLttCVluO2ApJyP.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x447, components 3
Size
31 kB (30590 bytes)
Hash
bb91a33e4db0cd1ccc090074725d8196
3d373b05f5f8593fc43c774eee207cb81221af0d
0f654c2a45d9e8fb2d019e35de47e1b944f0f9593e96143d677e63a292b831b4

HTTP Headers

GET /t/p/w300/bzwz0bouQcmuyLttCVluO2ApJyP.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 30590
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "65ed2a9b-777e"
last-modified: Sun, 10 Mar 2024 03:35:55 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 793
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/18/2024 15:01:54
cdn-edgestorageid: 1048
cdn-status: 200
cdn-requestid: 0c9d2313aa511a879e109bcd42c93cc3
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/ws4j7NX3aeAfB85rfJfuv0K5PYk.jpg?resize=300,450

138.199.37.231

24 kB

URL
image.tmdb.org/t/p/w300/ws4j7NX3aeAfB85rfJfuv0K5PYk.jpg?resize=300,450
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x447, components 3
Size
24 kB (24424 bytes)
Hash
8d4a84e68c95e6b74230b80c229a768e
aba3d82e623c02070c54489685b58a4ed9429a4c
996d9b5db003c83fbea279bfd5e70f985eab26a5051b8b105c3af57bc0670ee8

HTTP Headers

GET /t/p/w300/ws4j7NX3aeAfB85rfJfuv0K5PYk.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 24424
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "65f61556-5f68"
last-modified: Sat, 16 Mar 2024 21:55:34 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 794
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/21/2024 11:53:07
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: ad917fac84526d0701c18db95c3ad027
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/c9CimSXpgaIyagGSJUXN84T9ZfM.jpg?resize=300,450

138.199.37.231

200 OK

25 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/c9CimSXpgaIyagGSJUXN84T9ZfM.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
25 kB (25436 bytes)
Hash
8d3bfd54c5257b89bbaf4e73a6d1e858
178d7fcf0a12c44d4f3871635fc9e06a2a893a25
e5f92ed848baa5756c04938f6cbd0950b25d56dda672995abc14bfd7d751b120

HTTP Headers

GET /t/p/w300/c9CimSXpgaIyagGSJUXN84T9ZfM.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 25436
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
alt-svc: h3=":443"
cache-control: public, max-age=31919000
etag: "60631b7e2bf75a9f5584752ecc7bef7d"
last-modified: Mon, 29 Apr 2024 10:14:19 GMT
perma-cache: MISS
imagery: degrade=83, sample=2x2, difference=1.279
cache-tag: c9CimSXpgaIyagGSJUXN84T9ZfM
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/29/2024 10:22:36
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requestid: 55c483d732881ddd7a081f7ccc1c810a
cdn-cache: HIT
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/z3iSTri1bRHGlj0v8sP1xD7BCV.jpg?resize=300,450

138.199.37.231

200 OK

21 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/z3iSTri1bRHGlj0v8sP1xD7BCV.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x447, components 3
Size
21 kB (20812 bytes)
Hash
6bf4d6040add1109472221effb310040
5c64fc7cf3dba72e93d709dd7a49bceb5d25a302
8164a323825b5928bcc34bcfd87afe0bb5c8446975b5f71aec111a1fe3a2c1c0

HTTP Headers

GET /t/p/w300/z3iSTri1bRHGlj0v8sP1xD7BCV.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 20812
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "66728984-514c"
last-modified: Wed, 19 Jun 2024 07:32:20 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 833
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/20/2024 23:16:41
cdn-edgestorageid: 1047
cdn-status: 200
cdn-requestid: 48fb4905f28d99b40e8ec806ca02426c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/oceifJ5EG8nQ3Qt5yPwkfsgdW3y.jpg?resize=300,450

138.199.37.231

200 OK

19 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/oceifJ5EG8nQ3Qt5yPwkfsgdW3y.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x447, components 3
Size
19 kB (19376 bytes)
Hash
4fcdf9b9bef5451af2ca46421a910b00
f6bc6d2a62decd8323e2d973fe288eb45bdbf621
1c157357d5b9b28c643ed433c01aec03128f82da049ec318703611438f3d8b40

HTTP Headers

GET /t/p/w300/oceifJ5EG8nQ3Qt5yPwkfsgdW3y.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 19376
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "648e7885-4bb0"
last-modified: Sun, 18 Jun 2023 03:22:45 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/21/2024 15:21:39
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: ed9d3809c6f63f0af85cfbdeda05bee1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/yCQmnvxFNig3ybLXg8qccMkhNQ1.jpg?resize=300,450

138.199.37.231

20 kB

URL
image.tmdb.org/t/p/w300/yCQmnvxFNig3ybLXg8qccMkhNQ1.jpg?resize=300,450
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x431, components 3
Size
20 kB (19759 bytes)
Hash
f75052bc87d90c7fc0385fbfb766a987
d3badbbd360b2d9bbee3026c8fa89da84a41dacc
72163655af2777421d80ea6d65f375cbe535d5a4478284adacf15699e5451da6

HTTP Headers

GET /t/p/w300/yCQmnvxFNig3ybLXg8qccMkhNQ1.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 19759
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "627dd8f3-4d2f"
last-modified: Fri, 13 May 2022 04:05:07 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/21/2024 09:10:24
cdn-edgestorageid: 1053
cdn-status: 200
cdn-requestid: ad91aefcf6c809f6a701055aa16c7d43
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/wz0eh4VGwzRvlhGxojcNyMI9Uz1.jpg?resize=300,450

138.199.37.231

200 OK

30 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/wz0eh4VGwzRvlhGxojcNyMI9Uz1.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x451, components 3
Size
30 kB (29631 bytes)
Hash
e5153d694d96fa46f0504093db7b9d55
bed5e51378ff614e18a2f5f3231fc9831330da14
11d15bc4bb36935188eeab66ed61583c91f782555fdd70dc8b3c9c1256ae5a93

HTTP Headers

GET /t/p/w300/wz0eh4VGwzRvlhGxojcNyMI9Uz1.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 29631
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62efd6e6-73bf"
last-modified: Sun, 07 Aug 2022 15:14:46 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/20/2024 21:49:01
cdn-edgestorageid: 1053
cdn-status: 200
cdn-requestid: 6f92c2c01bbde8d4e8db5bac8714f016
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/o6dvI6hmlNOm8DEzHYTQJwWWhoL.jpg?resize=300,450

138.199.37.231

200 OK

26 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/o6dvI6hmlNOm8DEzHYTQJwWWhoL.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
26 kB (26260 bytes)
Hash
5ebe0460cee61bf31c83542722a45051
8626f4e2104ee718739cc9d0eacc66ee38e67194
d68229f7987f45831fe54431f5fe6b18d74aa4317771a772d652e2eb568f3012

HTTP Headers

GET /t/p/w300/o6dvI6hmlNOm8DEzHYTQJwWWhoL.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 26260
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "665f43e9-6694"
last-modified: Tue, 04 Jun 2024 16:42:17 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 794
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/18/2024 20:00:09
cdn-edgestorageid: 1055
cdn-status: 200
cdn-requestid: 0ffe8dee65766b8d90bc64e2eec3fc33
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/ucD5qAIf7jZi5WcDkitQZWj3fRK.jpg?resize=300,450

138.199.37.231

200 OK

22 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/ucD5qAIf7jZi5WcDkitQZWj3fRK.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
22 kB (22249 bytes)
Hash
03418043276122a9795dbae9585239f1
6bb90d9891d3c7d91903601134ec89021006db56
540dc873eb0e91fd46e2ac3fd2862abdb8ac4d509758d27b9f48669c9d1ab624

HTTP Headers

GET /t/p/w300/ucD5qAIf7jZi5WcDkitQZWj3fRK.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 22249
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "66525fda-56e9"
last-modified: Sat, 25 May 2024 22:02:02 GMT
cdn-storageserver: NY-427
cdn-requestpullsuccess: True
cdn-fileserver: 793
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/25/2024 23:15:42
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requestid: b1e674c76f006de34de83ca6c657624f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/nnRxDa4Q6AO9ZWZm8SSx45g7h16.jpg?resize=300,450

138.199.37.231

26 kB

URL
image.tmdb.org/t/p/w300/nnRxDa4Q6AO9ZWZm8SSx45g7h16.jpg?resize=300,450
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x431, components 3
Size
26 kB (25968 bytes)
Hash
e512d8a4185ee554f5487b58c3849829
9865a90df8262d2007c7d77ad80418218abd0f4e
5e67ccd85c505829be877a3df6cc6d5f22c4c1c5123099d8686915ca142f34f8

HTTP Headers

GET /t/p/w300/nnRxDa4Q6AO9ZWZm8SSx45g7h16.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 25968
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62770388-6570"
last-modified: Sat, 07 May 2022 23:40:56 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/20/2024 21:47:25
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 06cd3448a272abccf427f93e27d2b50c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/7Dktk2ST6aL8h9Oe5rpk903VLhx.jpg?resize=300,450

138.199.37.231

40 kB

URL
image.tmdb.org/t/p/w300/7Dktk2ST6aL8h9Oe5rpk903VLhx.jpg?resize=300,450
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
40 kB (39965 bytes)
Hash
a17bed90cac1c5e3e97216c2e99dfcd5
a597b8f3839d9f972857cd45fe5fb10d00f82cff
b4ba8d2173a06a0d8318ae36204672209ca41d81fa32a9624d8a2c925975543f

HTTP Headers

GET /t/p/w300/7Dktk2ST6aL8h9Oe5rpk903VLhx.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 39965
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272c08a-9c1d"
last-modified: Wed, 04 May 2022 18:06:02 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/11/2022 02:17:31
cdn-edgestorageid: 1047
cdn-status: 200
cdn-requestid: 299419710d707b8143778a8d7289b7d7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/msvW9cpYTiupbZUb3KYDli02Y3e.jpg?resize=300,450

138.199.37.231

200 OK

33 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/msvW9cpYTiupbZUb3KYDli02Y3e.jpg?resize=300,450
IP
138.199.37.231:443
ASN
#60068 Datacamp Limited

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x433, components 3
Size
33 kB (32639 bytes)
Hash
de1d79364583efb01a0a80fa80d0658c
c1059962c719c4037425ccf25c1e2b6bb98b2f11
bf0c68611af34b7659d6d4de4f77b12485375eaae8b252bace464a9a6ad27cbe

HTTP Headers

GET /t/p/w300/msvW9cpYTiupbZUb3KYDli02Y3e.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 32639
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62d27ea6-7f7f"
last-modified: Sat, 16 Jul 2022 09:02:30 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 06/21/2024 09:10:24
cdn-edgestorageid: 1076
cdn-status: 200
cdn-requestid: b1a6036ab32755b5572f36f3d93d240b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/A81kDB6a1K86YLlcOtZB27jriJh.jpg?resize=300,450

138.199.37.231

39 kB

URL
image.tmdb.org/t/p/w300/A81kDB6a1K86YLlcOtZB27jriJh.jpg?resize=300,450
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
39 kB (39289 bytes)
Hash
984eeaa47dab3d4e0d75f1e66da25eac
eebb3835c6b9f5dda8d223bd618d4f88eb18e884
ad66222b34a1485bb7be165b258cbb094830e36fbea26aeb43dae12f22f30fed

HTTP Headers

GET /t/p/w300/A81kDB6a1K86YLlcOtZB27jriJh.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 39289
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272de29-9979"
last-modified: Wed, 04 May 2022 20:12:25 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 18:51:00
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 87d2beca53967a1725197d46d34ebdb9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/vgpXmVaVyUL7GGiDeiK1mKEKzcX.jpg?resize=300,450

138.199.37.231

54 kB

URL
image.tmdb.org/t/p/w300/vgpXmVaVyUL7GGiDeiK1mKEKzcX.jpg?resize=300,450
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint69:61:DE:C7:B9:B7:2C:B3:BF:2B:9C:40:3E:78:23:EF:B6:C0:11:BB
ValidityFri, 24 May 2024 16:08:33 GMT - Thu, 22 Aug 2024 16:08:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
54 kB (54316 bytes)
Hash
fb68b70b694b8fd643f769f133ca6f33
c1a835464dd10f52209ed27a00a6f76adb56479a
d3311c2af55e221fb1e897936ae56575d072ed140a49763aba0214a24a808179

HTTP Headers

GET /t/p/w300/vgpXmVaVyUL7GGiDeiK1mKEKzcX.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: image/jpeg
content-length: 54316
server: BunnyCDN-DE1-863
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272c83b-d42c"
last-modified: Wed, 04 May 2022 18:38:51 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 03/08/2024 05:28:32
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 5a2818983f83459162d73f8e38809976
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.33.119.57

504 B

URL
r10.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
502e41c8ce7cb516667e0322705e2a65
28096d17092e2c302091ebc0b22d15fa68482145
25488688fcafa63b0da36fabc31b2cb83f2404b8df46fd3b4ba132c42e7a1ce0

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "25488688FCAFA63B0DA36FABC31B2CB83F2404B8DF46FD3B4BA132C42E7A1CE0"
Last-Modified: Fri, 21 Jun 2024 21:04:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1944
Expires: Sat, 22 Jun 2024 10:16:53 GMT
Date: Sat, 22 Jun 2024 09:44:29 GMT
Connection: keep-alive

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
83815efd9f84802add2dd8ae9657fb40
093ee264304e5c31cf3888c46725afd9a3a7de23
52562353d3477856a268cfc35f9c7104787b4a08c376cf7229f27b4542481d84

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Jun 2024 09:44:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css

172.67.142.245

7.3 kB

URL
use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
IP
172.67.142.245:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30343)
Size
7.3 kB (7259 bytes)
Hash
36082410df2ef7f83932219089dc1443
7961402d7d01e19387fe609a38454b0bc8c6cca4
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

HTTP Headers

GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/3db27005e3.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"36082410df2ef7f83932219089dc1443"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 786109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oQnV86guc6zWLEB8priNhGoxghCnEVWvZFB%2BJ%2FuJG%2F7OEW8nPanNYa2PO%2FL%2F1MrrFRvGZ%2BmOvqho1lBCi6kOrNc3UHN5pPx6FNulOJM4wyZWCWe4TGAdcc6oECNik3aB0lDSpM8z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 897b4cd1af7456b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
5809b163bae73727f1256e4f66e3060a
76b1378672e10902437e0c27ea0a3a2c46458535
3ac3fe8bdc142725435b11bdf2b5bee75efb88006fd10edfd4795f037cd03c70

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3AC3FE8BDC142725435B11BDF2B5BEE75EFB88006FD10EDFD4795F037CD03C70"
Last-Modified: Fri, 21 Jun 2024 22:31:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Sat, 22 Jun 2024 15:44:16 GMT
Date: Sat, 22 Jun 2024 09:44:29 GMT
Connection: keep-alive

pl20747854.highcpmgate.com/80/38/37/80383758cfe1b0b219f4536851675fba.js

172.240.108.76

200 OK

31 kB

URL GET HTTP/1.1
pl20747854.highcpmgate.com/80/38/37/80383758cfe1b0b219f4536851675fba.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjecthighcpmgate.com
FingerprintDD:4D:37:A2:BF:71:9A:72:EB:F5:0F:5D:50:99:95:53:00:1C:F1:5C
ValidityWed, 19 Jun 2024 07:54:35 GMT - Tue, 17 Sep 2024 07:54:34 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30702 bytes)
Hash
428fced7d7c764354c1ab6623946eab3
72cdf90baaa18196c27a87844c7b61e0f1f9f11c
09ee6bfdb561d7fcee6ba9693fdeb9220541ef18bc1870038c5c9fbfa3177074

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /80/38/37/80383758cfe1b0b219f4536851675fba.js HTTP/1.1
Host: pl20747854.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 22 Jun 2024 09:44:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 3b1c84ab7b3193941efcca19f9bd0ffc
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

hedwigmonday.com/143a0214fdb4468e044d82ccbfdc024f/invoke.js

192.243.61.227

200 OK

12 kB

URL GET HTTP/1.1
hedwigmonday.com/143a0214fdb4468e044d82ccbfdc024f/invoke.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjecthedwigmonday.com
Fingerprint80:3F:CB:AC:17:94:4B:DE:5F:6E:62:4B:D6:A2:CF:7F:16:05:74:E4
ValiditySun, 09 Jun 2024 07:32:06 GMT - Sat, 07 Sep 2024 07:32:05 GMT

File type
JavaScript source, ASCII text, with very long lines (31313), with no line terminators
Size
12 kB (11823 bytes)
Hash
f7594c1ad8b332d81f0329a15eaf1d1b
a4783b29171aec1e4283c618083385176deb8e38
7625ab0913fd83dd650763a931b68b6085d35d8f97ae65c9844b4acc0675fd4d

HTTP Headers

GET /143a0214fdb4468e044d82ccbfdc024f/invoke.js HTTP/1.1
Host: hedwigmonday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 22 Jun 2024 09:44:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1e542d07fd2aa26e468c6738da9d94f2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

hedwigmonday.com/04db836545d2d16ed53e50f310dc9895/invoke.js

192.243.61.227

12 kB

URL
hedwigmonday.com/04db836545d2d16ed53e50f310dc9895/invoke.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjecthedwigmonday.com
Fingerprint80:3F:CB:AC:17:94:4B:DE:5F:6E:62:4B:D6:A2:CF:7F:16:05:74:E4
ValiditySun, 09 Jun 2024 07:32:06 GMT - Sat, 07 Sep 2024 07:32:05 GMT

File type
JavaScript source, ASCII text, with very long lines (31244), with no line terminators
Size
12 kB (11804 bytes)
Hash
c20afb359a6b9490f2a210495e48a0ce
715620630bebde2b97429d0be451afe3dfb9e4e5
3a68206be5e94ba0365b8be032f92fac3028e9a5e752f2aa69d2e9057bc5b1de

HTTP Headers

GET /04db836545d2d16ed53e50f310dc9895/invoke.js HTTP/1.1
Host: hedwigmonday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 22 Jun 2024 09:44:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 50eb56e48d42a4f97f1c5da40f5acbbe
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2

172.67.142.245

200 OK

77 kB

URL GET HTTP/2
use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /releases/v4.7.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:30 GMT
content-type: application/font-woff2
content-length: 77160
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 733905
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NMdIL7VItHzO1sPj1r%2Bx9YDwl0SRo%2FALnSrh0uxMp8DvAc3sG8Rqx4XsGlXxyeM8JutsHQ5Rc49jZl0TnZioguYJ6ZKxih%2B3zZXlkxu0Mz9WLWGZ%2FUJ6B17n9nXSjV4EWKTS%2B%2Fbq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 897b4cd44a6556b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
20f9878268269e27fe094b2ee5f55515
5fd358ae1a07fe63413a1cc6e0cd7bb33873b8f9
7522b8bfc8d5ee0d42d510c18e1bd451101c5ae00f708ca0bac3241bc76b54a5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 22 Jun 2024 09:44:30 GMT
Last-Modified: Sat, 22 Jun 2024 09:31:08 GMT
Server: ECAcc (ska/F75B)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LYdP4sN-8I8hKBfjLyMkcnum-9sQ2aIqYCK1GmuFtoPgKKGnHUOfrg==
Age: 803

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8e8392ec6668ae1884c05c42c64ad70e
a718583b172836cdbcf4763fe63c27ca334b33ed
07d7adb5c72990eff9b2a9335743eb769d57bcbeba835e6d31b21545ef3d36ed

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Jun 2024 09:44:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8e8392ec6668ae1884c05c42c64ad70e
a718583b172836cdbcf4763fe63c27ca334b33ed
07d7adb5c72990eff9b2a9335743eb769d57bcbeba835e6d31b21545ef3d36ed

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Jun 2024 09:44:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

142.250.74.67

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint78:DC:A6:9E:E8:DF:26:D4:6F:A0:54:48:4B:48:74:34:3F:3D:F6:23
ValidityMon, 03 Jun 2024 07:32:58 GMT - Mon, 26 Aug 2024 07:32:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32796, version 1.0
Size
33 kB (32796 bytes)
Hash
b2a264e3e87b58b54b76483238805a40
169d6f17c82024fe0cfc2d19884a14dae2ec0bdb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

HTTP Headers

GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jun 2024 04:51:21 GMT
expires: Sat, 21 Jun 2025 04:51:21 GMT
cache-control: public, max-age=31536000
age: 103989
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTzGLRrX.woff2

142.250.74.67

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTzGLRrX.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint78:DC:A6:9E:E8:DF:26:D4:6F:A0:54:48:4B:48:74:34:3F:3D:F6:23
ValidityMon, 03 Jun 2024 07:32:58 GMT - Mon, 26 Aug 2024 07:32:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30028, version 1.0
Size
30 kB (30028 bytes)
Hash
80c9d764f1d2ba9ecf7a9a13bd017e5c
589690ae9abd70de0ed9bd4834298a1f4690e1ef
6f968e2b575a4921967e9ccb21f184904b8cc5dfb92a1847c72732c85a8cc33d

HTTP Headers

GET /s/muli/v29/7Auwp_0qiz-afTzGLRrX.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jun 2024 08:21:19 GMT
expires: Sat, 21 Jun 2025 08:21:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:45:59 GMT
content-type: font/woff2
age: 91391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.192.184.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.192.184.0:443
ASN
#16509 AMAZON-02

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ca9f9048cf66a02927b227eb5f02c050
dedf8769176d25b04e4cad5ac1303908d143aa68
e3a152b7ab5a2964d8ead89737ffe7300d24924f148a48be51c208efdf18c706

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://watching.nwsautodaily.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=afc92384-32a5-4435-8e16-0f3225f74a8b:1:1; expires=Tue, 20 Jun 2034 09:44:30 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.192.184.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.192.184.0:443
ASN
#16509 AMAZON-02

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
77ebb297c588fe0fd8f99f13daa03264
42d0a38fcb2c2226782dc698a0f6a61dd53c7d12
8e51b38b0c5cbaa9f58de850b63f544bdd2af71f198df314d8bc547363fd4c12

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://watching.nwsautodaily.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=16795956-5927-4528-a09f-f2985534377c:1:1; expires=Tue, 20 Jun 2034 09:44:30 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afT3GLRrX.woff2

142.250.74.67

12 kB

URL
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afT3GLRrX.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint78:DC:A6:9E:E8:DF:26:D4:6F:A0:54:48:4B:48:74:34:3F:3D:F6:23
ValidityMon, 03 Jun 2024 07:32:58 GMT - Mon, 26 Aug 2024 07:32:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11816, version 1.0
Size
12 kB (11816 bytes)
Hash
b5b806dddca8faf8d71d1a0ecf98dd10
485fcdb73e45e49bf851f3ad8ccf1e33b83f5e30
88f27bc04b46e288d95a087776db3cd30cce45a9b5b23c7942e79fefd5b48b2c

HTTP Headers

GET /s/muli/v29/7Auwp_0qiz-afT3GLRrX.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jun 2024 08:09:11 GMT
expires: Sat, 21 Jun 2025 08:09:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:46:08 GMT
content-type: font/woff2
age: 92119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.192.184.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.192.184.0:443
ASN
#16509 AMAZON-02

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
77ebb297c588fe0fd8f99f13daa03264
42d0a38fcb2c2226782dc698a0f6a61dd53c7d12
8e51b38b0c5cbaa9f58de850b63f544bdd2af71f198df314d8bc547363fd4c12

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Cookie: uid_id2=16795956-5927-4528-a09f-f2985534377c:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://watching.nwsautodaily.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8e8392ec6668ae1884c05c42c64ad70e
a718583b172836cdbcf4763fe63c27ca334b33ed
07d7adb5c72990eff9b2a9335743eb769d57bcbeba835e6d31b21545ef3d36ed

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Jun 2024 09:44:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

watching.nwsautodaily.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.154.8

302 Found

0 B

URL GET HTTP/3
watching.nwsautodaily.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.154.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectnwsautodaily.com
Fingerprint16:88:94:0D:AA:20:BD:CD:4B:A0:E1:E9:73:EF:E0:8E:57:4A:86:BF
ValidityWed, 12 Jun 2024 09:07:17 GMT - Tue, 10 Sep 2024 09:07:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: watching.nwsautodaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImwzUXJndFR3YmpXWXRzQnJqbUF2TkE9PSIsInZhbHVlIjoiMCt2RTdvTTdCUW1tNUJqWk9icWdMdXFIY0FIOEVPaDJjMm1CeFFpb1BcL1wvVjdTSkw2U3VpYWlya2VrSUVrUWIyIiwibWFjIjoiMzc0Mzg3OWQyMDdkNTNmOWZiZjY0MzgzZWUyNGZhNjdmNDFjZmYyYjNlYmI3YjYzZjc4YWMxNDNkODA5ZDgyOCJ9; laravel_session=eyJpdiI6IlpRY21cL2RYRHdnNTF5YXR4M3VEYTB3PT0iLCJ2YWx1ZSI6IjJ6QVgrSWNzZUhkcVFEUVo2cEpERSs0a2ZhOUJNSkZtdjVxeUdCK1RuSEtscTBsRnVzSmU1Vk1hdHY5QUh0cVIiLCJtYWMiOiJhMmNhM2I3ODcxNjdkNzE1ZTQyNGRiMzUyZmU1NjcyMGNmZDE3OTU3ZTQ3NTdjNWZhODE2ZDI5YzAwOTFjNzk3In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 22 Jun 2024 09:44:30 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPxyPZpt1ez4R6A0%2BBakNyO2B2PgWJN3F7cX%2FyvqTy7RRApWQIqsGgJZ0lZdoXw3wBYTkORRzzylyw6kmUvZr8Ze5P8a3kJJSNbL6GesOK5hnzmpB6n%2FBAxXDtzU8nRDm1guIgB6Yf8qGsvi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 897b4cd6f91756b1-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

142.250.74.67

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint78:DC:A6:9E:E8:DF:26:D4:6F:A0:54:48:4B:48:74:34:3F:3D:F6:23
ValidityMon, 03 Jun 2024 07:32:58 GMT - Mon, 26 Aug 2024 07:32:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32796, version 1.0
Size
33 kB (32796 bytes)
Hash
b2a264e3e87b58b54b76483238805a40
169d6f17c82024fe0cfc2d19884a14dae2ec0bdb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

HTTP Headers

GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jun 2024 04:51:21 GMT
expires: Sat, 21 Jun 2025 04:51:21 GMT
cache-control: public, max-age=31536000
age: 103989
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

resignedcamelplumbing.com/pixel/purst?dl=0&th=0&sc=0&rs=2707&rd=2707&fd=871&bv=24.5.8230&tmpl=70

192.243.59.20

0 B

URL
resignedcamelplumbing.com/pixel/purst?dl=0&th=0&sc=0&rs=2707&rd=2707&fd=871&bv=24.5.8230&tmpl=70
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2707&rd=2707&fd=871&bv=24.5.8230&tmpl=70 HTTP/1.1
Host: resignedcamelplumbing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 22 Jun 2024 09:44:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

watching.nwsautodaily.com/cdn-cgi/challenge-platform/h/b/jsd/r/897b4cc6daf956a4

172.67.154.8

200 OK

0 B

URL POST HTTP/3
watching.nwsautodaily.com/cdn-cgi/challenge-platform/h/b/jsd/r/897b4cc6daf956a4
IP
172.67.154.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectnwsautodaily.com
Fingerprint16:88:94:0D:AA:20:BD:CD:4B:A0:E1:E9:73:EF:E0:8E:57:4A:86:BF
ValidityWed, 12 Jun 2024 09:07:17 GMT - Tue, 10 Sep 2024 09:07:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/897b4cc6daf956a4 HTTP/1.1
Host: watching.nwsautodaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12198
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/ro/movie/1265662
Cookie: XSRF-TOKEN=eyJpdiI6ImwzUXJndFR3YmpXWXRzQnJqbUF2TkE9PSIsInZhbHVlIjoiMCt2RTdvTTdCUW1tNUJqWk9icWdMdXFIY0FIOEVPaDJjMm1CeFFpb1BcL1wvVjdTSkw2U3VpYWlya2VrSUVrUWIyIiwibWFjIjoiMzc0Mzg3OWQyMDdkNTNmOWZiZjY0MzgzZWUyNGZhNjdmNDFjZmYyYjNlYmI3YjYzZjc4YWMxNDNkODA5ZDgyOCJ9; laravel_session=eyJpdiI6IlpRY21cL2RYRHdnNTF5YXR4M3VEYTB3PT0iLCJ2YWx1ZSI6IjJ6QVgrSWNzZUhkcVFEUVo2cEpERSs0a2ZhOUJNSkZtdjVxeUdCK1RuSEtscTBsRnVzSmU1Vk1hdHY5QUh0cVIiLCJtYWMiOiJhMmNhM2I3ODcxNjdkNzE1ZTQyNGRiMzUyZmU1NjcyMGNmZDE3OTU3ZTQ3NTdjNWZhODE2ZDI5YzAwOTFjNzk3In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 22 Jun 2024 09:44:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.nwsautodaily.com; HttpOnly; Secure; SameSite=None
cf_clearance=Yz8UwfdYO9wP5rEFqbaxKf_0SaeH1G.9LA7j_kxwtQQ-1719049470-1.0.1.1-om3zh1HByyPJxbDGICzft9.UVtJ3b6uA8NDHK4AbRZK8Ssi_7dKfieVRMchO_7Liw0Bnji5WGn7r.uI.zsijeQ; Path=/; Expires=Sun, 22-Jun-25 09:44:30 GMT; Domain=.nwsautodaily.com; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fw1URVZzlh39oqf8tz49qp2fHgBWn%2BuDNMiSy9oHN68SJ5M1D8a27qIrAnxYu7N4UqKGtk9lMs77hBJsAMnXZUfYB19TMCd81gwslUspJcoWxYGNsGBf8in51gAF0zhemxxgBaXqbTRW6KZE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 897b4cd8ab6d56b1-OSL
alt-svc: h3=":443"; ma=86400

watching.nwsautodaily.com/favicon.ico

172.67.154.8

200 OK

0 B

URL GET HTTP/3
watching.nwsautodaily.com/favicon.ico
IP
172.67.154.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectnwsautodaily.com
Fingerprint16:88:94:0D:AA:20:BD:CD:4B:A0:E1:E9:73:EF:E0:8E:57:4A:86:BF
ValidityWed, 12 Jun 2024 09:07:17 GMT - Tue, 10 Sep 2024 09:07:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: watching.nwsautodaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/ro/movie/1265662
Cookie: XSRF-TOKEN=eyJpdiI6ImwzUXJndFR3YmpXWXRzQnJqbUF2TkE9PSIsInZhbHVlIjoiMCt2RTdvTTdCUW1tNUJqWk9icWdMdXFIY0FIOEVPaDJjMm1CeFFpb1BcL1wvVjdTSkw2U3VpYWlya2VrSUVrUWIyIiwibWFjIjoiMzc0Mzg3OWQyMDdkNTNmOWZiZjY0MzgzZWUyNGZhNjdmNDFjZmYyYjNlYmI3YjYzZjc4YWMxNDNkODA5ZDgyOCJ9; laravel_session=eyJpdiI6IlpRY21cL2RYRHdnNTF5YXR4M3VEYTB3PT0iLCJ2YWx1ZSI6IjJ6QVgrSWNzZUhkcVFEUVo2cEpERSs0a2ZhOUJNSkZtdjVxeUdCK1RuSEtscTBsRnVzSmU1Vk1hdHY5QUh0cVIiLCJtYWMiOiJhMmNhM2I3ODcxNjdkNzE1ZTQyNGRiMzUyZmU1NjcyMGNmZDE3OTU3ZTQ3NTdjNWZhODE2ZDI5YzAwOTFjNzk3In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 22 Jun 2024 09:44:31 GMT
content-type: image/x-icon
content-length: 0
cache-control: public, max-age=604800
expires: Thu, 20 Jun 2024 21:52:48 GMT
etag: "0-5d17c4ba-c21eb;;;"
last-modified: Sat, 29 Jun 2019 20:06:18 GMT
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=krpVlDVl54rQtb01ROjrdvToaApul68M7UGtn7joxPhZpkR3Lfhk4YPuOnXEANiRGIxAtDZkURLCK%2BdIFxq%2Bd7ByUTMBGF13GmxEqqJNM96z2DI85f3NUMiHvDNdkl%2BxhRmPscJgdPtvf9on"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 897b4cd8bb8256b1-OSL

resignedcamelplumbing.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS HTTP/1.1
resignedcamelplumbing.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectresignedcamelplumbing.com
FingerprintC3:DE:35:D7:35:B6:6B:A2:BC:0E:9A:9E:44:F1:4C:68:0C:34:FF:AB
ValidityMon, 03 Jun 2024 15:16:57 GMT - Sun, 01 Sep 2024 15:16:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: resignedcamelplumbing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://watching.nwsautodaily.com/
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sat, 22 Jun 2024 09:44:31 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

resignedcamelplumbing.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS HTTP/1.1
resignedcamelplumbing.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectresignedcamelplumbing.com
FingerprintC3:DE:35:D7:35:B6:6B:A2:BC:0E:9A:9E:44:F1:4C:68:0C:34:FF:AB
ValidityMon, 03 Jun 2024 15:16:57 GMT - Sun, 01 Sep 2024 15:16:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: resignedcamelplumbing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://watching.nwsautodaily.com/
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sat, 22 Jun 2024 09:44:31 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

capaciousdrewreligion.com/advertisers.js

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintBB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4
ValidityMon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 22 Jun 2024 09:44:31 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 310cf957983446e2b684cfc80a7f4472
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

astonishingpenknifeprofessionally.com/watch.1660898550062.js?key=143a0214fdb4468e044d82ccbfdc024f&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&tz=0&dev=e&res=14.2071&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1

172.240.253.132

307 Temporary Redirect

0 B

URL GET HTTP/1.1
astonishingpenknifeprofessionally.com/watch.1660898550062.js?key=143a0214fdb4468e044d82ccbfdc024f&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&tz=0&dev=e&res=14.2071&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectastonishingpenknifeprofessionally.com
Fingerprint8C:4A:CA:89:92:A3:9C:B1:21:F3:5E:9B:60:4C:F7:14:54:BD:BA:E3
ValidityMon, 03 Jun 2024 15:19:55 GMT - Sun, 01 Sep 2024 15:19:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1660898550062.js?key=143a0214fdb4468e044d82ccbfdc024f&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&tz=0&dev=e&res=14.2071&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1 HTTP/1.1
Host: astonishingpenknifeprofessionally.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 22 Jun 2024 09:44:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://watching.nwsautodaily.com
Access-Control-Allow-Origin: https://watching.nwsautodaily.com
Access-Control-Allow-Credentials: true
Location: https://astonishingpenknifeprofessionally.com/watch.1660898550062.js?dev=e&key=143a0214fdb4468e044d82ccbfdc024f&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&pst=1719049531&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&res=14.2071&rmtc=t&shu=58d9ede38e3c80c4834538cc5ce0129517e4d0d04f6050aafe900b5669a8c5d0b45d676ef4dfa3e1bdf800ab5cc84f2e2f258bf96096ab9a730f79b1544f958734e18270108e6e3e2fe151ccd9324379db397bcaba3390260e23947044f9dfee&tz=0&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1
Set-Cookie: u_pl=18925025; expires=Sun, 23 Jun 2024 09:44:31 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODkyNTAyNSwiayI6IjE0M2EwMjE0ZmRiNDQ2OGUwNDRkODJjY2JmZGMwMjRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDAyMzUzLCJwaWQiOjM0ODI5MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjozMiwicHQiOjQsInBrIjoic2tmMWE1NDkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93YXRjaGluZy5ud3NhdXRvZGFpbHkuY29tL3JvL21vdmllLzEyNjU2NjIiLCJhciI6W119fQ.11OvqTKOgQ5JBfnjo2fi5BPOwDPXjEjoVT5WJIuMF08; expires=Sat, 22 Jun 2024 09:45:31 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7ae08df09098c7fd6932f3326561d17e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

resignedcamelplumbing.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS HTTP/1.1
resignedcamelplumbing.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectresignedcamelplumbing.com
FingerprintC3:DE:35:D7:35:B6:6B:A2:BC:0E:9A:9E:44:F1:4C:68:0C:34:FF:AB
ValidityMon, 03 Jun 2024 15:16:57 GMT - Sun, 01 Sep 2024 15:16:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: resignedcamelplumbing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 22 Jun 2024 09:44:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

resignedcamelplumbing.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS HTTP/1.1
resignedcamelplumbing.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectresignedcamelplumbing.com
FingerprintC3:DE:35:D7:35:B6:6B:A2:BC:0E:9A:9E:44:F1:4C:68:0C:34:FF:AB
ValidityMon, 03 Jun 2024 15:16:57 GMT - Sun, 01 Sep 2024 15:16:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: resignedcamelplumbing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 22 Jun 2024 09:44:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

astonishingpenknifeprofessionally.com/watch.1660898550062.js?dev=e&key=143a0214fdb4468e044d82ccbfdc024f&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&pst=1719049531&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&res=14.2071&rmtc=t&shu=58d9ede38e3c80c4834538cc5ce0129517e4d0d04f6050aafe900b5669a8c5d0b45d676ef4dfa3e1bdf800ab5cc84f2e2f258bf96096ab9a730f79b1544f958734e18270108e6e3e2fe151ccd9324379db397bcaba3390260e23947044f9dfee&tz=0&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1

172.240.253.132

2.1 kB

URL
astonishingpenknifeprofessionally.com/watch.1660898550062.js?dev=e&key=143a0214fdb4468e044d82ccbfdc024f&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&pst=1719049531&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&res=14.2071&rmtc=t&shu=58d9ede38e3c80c4834538cc5ce0129517e4d0d04f6050aafe900b5669a8c5d0b45d676ef4dfa3e1bdf800ab5cc84f2e2f258bf96096ab9a730f79b1544f958734e18270108e6e3e2fe151ccd9324379db397bcaba3390260e23947044f9dfee&tz=0&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1
IP
172.240.253.132:0
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subjectastonishingpenknifeprofessionally.com
Fingerprint8C:4A:CA:89:92:A3:9C:B1:21:F3:5E:9B:60:4C:F7:14:54:BD:BA:E3
ValidityMon, 03 Jun 2024 15:19:55 GMT - Sun, 01 Sep 2024 15:19:54 GMT

File type
JavaScript source, ASCII text, with very long lines (2666)
Size
2.1 kB (2123 bytes)
Hash
8ca3876ebe2e0b50b9b5d8bc59d3066f
e8946596344e15adaad19260cf2f39b4783833ce
0d2d85cbf7f37950ebc12c3b5f97adfa428b86a03ea9ff8cf01c43c4356126b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1660898550062.js?dev=e&key=143a0214fdb4468e044d82ccbfdc024f&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&pst=1719049531&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&res=14.2071&rmtc=t&shu=58d9ede38e3c80c4834538cc5ce0129517e4d0d04f6050aafe900b5669a8c5d0b45d676ef4dfa3e1bdf800ab5cc84f2e2f258bf96096ab9a730f79b1544f958734e18270108e6e3e2fe151ccd9324379db397bcaba3390260e23947044f9dfee&tz=0&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1 HTTP/1.1
Host: astonishingpenknifeprofessionally.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watching.nwsautodaily.com
Referer: https://watching.nwsautodaily.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18925025; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODkyNTAyNSwiayI6IjE0M2EwMjE0ZmRiNDQ2OGUwNDRkODJjY2JmZGMwMjRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDAyMzUzLCJwaWQiOjM0ODI5MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjozMiwicHQiOjQsInBrIjoic2tmMWE1NDkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93YXRjaGluZy5ud3NhdXRvZGFpbHkuY29tL3JvL21vdmllLzEyNjU2NjIiLCJhciI6W119fQ.11OvqTKOgQ5JBfnjo2fi5BPOwDPXjEjoVT5WJIuMF08
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 22 Jun 2024 09:44:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://watching.nwsautodaily.com
Access-Control-Allow-Origin: https://watching.nwsautodaily.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=16795956-5927-4528-a09f-f2985534377c:1:1; expires=Sat, 29 Jun 2024 09:44:31 GMT; path=/; secure; SameSite=None
iprc348fd23b42672fa1606729c92b41ebd4=3570421; expires=Sat, 22 Jun 2024 13:44:31 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 23 Jun 2024 09:44:31 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 23 Jun 2024 09:44:31 GMT; path=/; secure; SameSite=None
pdhtkv32=true; expires=Sun, 23 Jun 2024 09:44:31 GMT; path=/; secure; SameSite=None
uncs32=1; expires=Sun, 23 Jun 2024 09:44:31 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a07dac402b6e4c1073d65ebaac01d703
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

watching.nwsautodaily.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

172.67.154.8

200 OK

4.1 kB

URL GET HTTP/3
watching.nwsautodaily.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
IP
172.67.154.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectnwsautodaily.com
Fingerprint16:88:94:0D:AA:20:BD:CD:4B:A0:E1:E9:73:EF:E0:8E:57:4A:86:BF
ValidityWed, 12 Jun 2024 09:07:17 GMT - Tue, 10 Sep 2024 09:07:16 GMT

File type
JavaScript source, ASCII text, with very long lines (7818), with no line terminators
Size
4.1 kB (4130 bytes)
Hash
755cc81e41c4bc2fa553f0377efd4437
cf9cdce6d150e9cbb793977df31a86f4a82655ac
5111e0af1ece677120dee85cc3eafc71f42183699bd3f1c581d73c54b9a9b552

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js HTTP/1.1
Host: watching.nwsautodaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImwzUXJndFR3YmpXWXRzQnJqbUF2TkE9PSIsInZhbHVlIjoiMCt2RTdvTTdCUW1tNUJqWk9icWdMdXFIY0FIOEVPaDJjMm1CeFFpb1BcL1wvVjdTSkw2U3VpYWlya2VrSUVrUWIyIiwibWFjIjoiMzc0Mzg3OWQyMDdkNTNmOWZiZjY0MzgzZWUyNGZhNjdmNDFjZmYyYjNlYmI3YjYzZjc4YWMxNDNkODA5ZDgyOCJ9; laravel_session=eyJpdiI6IlpRY21cL2RYRHdnNTF5YXR4M3VEYTB3PT0iLCJ2YWx1ZSI6IjJ6QVgrSWNzZUhkcVFEUVo2cEpERSs0a2ZhOUJNSkZtdjVxeUdCK1RuSEtscTBsRnVzSmU1Vk1hdHY5QUh0cVIiLCJtYWMiOiJhMmNhM2I3ODcxNjdkNzE1ZTQyNGRiMzUyZmU1NjcyMGNmZDE3OTU3ZTQ3NTdjNWZhODE2ZDI5YzAwOTFjNzk3In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 22 Jun 2024 09:44:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67ayfxDWfdsXNW9RCU1Hh5k8KKUA3p7AHdEV72Uhw0yRjWvtKRkyaaDWVaQ4w%2F%2F41kv8BbVDc5KXGiMmvoCYZ3ehL1uEP1pcKLUuKZYK6NOJPNaE1BDjouAj45gQB%2BY48PkJtTlqeIKz0j78"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 897b4cd7598656b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg

45.133.44.9

200 OK

25 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC0:36:FD:5D:4E:7E:6F:E0:13:60:82:58:0C:BC:8B:40:A2:6B:2C:22
ValidityTue, 21 May 2024 05:00:31 GMT - Mon, 19 Aug 2024 05:00:30 GMT

File type
JPEG image data, baseline, precision 8, 320x50, components 3
Size
25 kB (24714 bytes)
Hash
d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd

HTTP Headers

GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:32 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Mon, 24 Jun 2024 09:44:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

burntclear.com/watch.221173983959.js?key=04db836545d2d16ed53e50f310dc9895&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&tz=0&dev=e&res=14.2071&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1

172.240.108.68

307 Temporary Redirect

0 B

URL GET HTTP/1.1
burntclear.com/watch.221173983959.js?key=04db836545d2d16ed53e50f310dc9895&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&tz=0&dev=e&res=14.2071&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectburntclear.com
FingerprintE2:5C:CF:8B:D9:E2:D2:5B:7B:49:F6:55:10:F5:B6:90:B6:CA:78:F1
ValidityMon, 03 Jun 2024 15:20:33 GMT - Sun, 01 Sep 2024 15:20:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.221173983959.js?key=04db836545d2d16ed53e50f310dc9895&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&tz=0&dev=e&res=14.2071&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1 HTTP/1.1
Host: burntclear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watching.nwsautodaily.com
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 22 Jun 2024 09:44:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://watching.nwsautodaily.com
Access-Control-Allow-Origin: https://watching.nwsautodaily.com
Access-Control-Allow-Credentials: true
Location: https://burntclear.com/watch.221173983959.js?dev=e&key=04db836545d2d16ed53e50f310dc9895&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&pst=1719049532&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&res=14.2071&rmtc=t&shu=46a754f948e3ce7c752d1022dea2f26c31beae620989ff9272191d0f9fe5233a91ba908893c6957bf3248cf42dbd462e8744fbee31cc89de1e753437b5df33ddf282521c0235bae974c0ad7548018c873a04d0c90ad11bfea1b51cf7924c&tz=0&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1
Set-Cookie: u_pl=20448826; expires=Sun, 23 Jun 2024 09:44:32 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDQ0ODgyNiwiayI6IjA0ZGI4MzY1NDVkMmQxNmVkNTNlNTBmMzEwZGM5ODk1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDAyMzUzLCJwaWQiOjM0ODI5MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiaDQ0dDg3djZqdyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dhdGNoaW5nLm53c2F1dG9kYWlseS5jb20vcm8vbW92aWUvMTI2NTY2MiIsImFyIjpbXX19.nZ5H82zgbuVRN03fKsO0ttJUsK2NQR6YW8ozuSgtetQ; expires=Sat, 22 Jun 2024 09:45:32 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7e454ad94fed5b92c9c44c3b444068a8
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=16795956-5927-4528-a09f-f2985534377c&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=80383758cfe1b0b219f4536851675fba&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9

192.243.59.12

1 B

URL
unseenreport.com/pxf.gif?uuid=16795956-5927-4528-a09f-f2985534377c&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=80383758cfe1b0b219f4536851675fba&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=16795956-5927-4528-a09f-f2985534377c&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=80383758cfe1b0b219f4536851675fba&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 22 Jun 2024 09:44:32 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e07b739f9af4063e2affd7d1e5a77330
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

burntclear.com/watch.221173983959.js?dev=e&key=04db836545d2d16ed53e50f310dc9895&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&pst=1719049532&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&res=14.2071&rmtc=t&shu=46a754f948e3ce7c752d1022dea2f26c31beae620989ff9272191d0f9fe5233a91ba908893c6957bf3248cf42dbd462e8744fbee31cc89de1e753437b5df33ddf282521c0235bae974c0ad7548018c873a04d0c90ad11bfea1b51cf7924c&tz=0&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1

172.240.108.68

200 OK

2.0 kB

URL GET HTTP/1.1
burntclear.com/watch.221173983959.js?dev=e&key=04db836545d2d16ed53e50f310dc9895&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&pst=1719049532&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&res=14.2071&rmtc=t&shu=46a754f948e3ce7c752d1022dea2f26c31beae620989ff9272191d0f9fe5233a91ba908893c6957bf3248cf42dbd462e8744fbee31cc89de1e753437b5df33ddf282521c0235bae974c0ad7548018c873a04d0c90ad11bfea1b51cf7924c&tz=0&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectburntclear.com
FingerprintE2:5C:CF:8B:D9:E2:D2:5B:7B:49:F6:55:10:F5:B6:90:B6:CA:78:F1
ValidityMon, 03 Jun 2024 15:20:33 GMT - Sun, 01 Sep 2024 15:20:32 GMT

File type
JavaScript source, ASCII text, with very long lines (2533)
Size
2.0 kB (2047 bytes)
Hash
e10d44f60eda396d9c12e5a9e7fab2b9
1d9d041ef8a8a5d956346738438318cb1859a02c
454381c686c21d0846b487c0b7e64078e45a910b5d953dfdd3c4257fba7dbeb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.221173983959.js?dev=e&key=04db836545d2d16ed53e50f310dc9895&kw=%5B%22urm%C4%83re%C8%99te%22%2C%22buzz%22%2C%22house%22%2C%22the%22%2C%22movie%22%2C%22filmul%22%2C%22complet%22%2C%22online%22%2C%22gratuit%22%5D&pst=1719049532&refer=https%3A%2F%2Fwatching.nwsautodaily.com%2Fro%2Fmovie%2F1265662&res=14.2071&rmtc=t&shu=46a754f948e3ce7c752d1022dea2f26c31beae620989ff9272191d0f9fe5233a91ba908893c6957bf3248cf42dbd462e8744fbee31cc89de1e753437b5df33ddf282521c0235bae974c0ad7548018c873a04d0c90ad11bfea1b51cf7924c&tz=0&uuid=16795956-5927-4528-a09f-f2985534377c%3A1%3A1 HTTP/1.1
Host: burntclear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://watching.nwsautodaily.com
Referer: https://watching.nwsautodaily.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=20448826; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDQ0ODgyNiwiayI6IjA0ZGI4MzY1NDVkMmQxNmVkNTNlNTBmMzEwZGM5ODk1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDAyMzUzLCJwaWQiOjM0ODI5MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiaDQ0dDg3djZqdyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dhdGNoaW5nLm53c2F1dG9kYWlseS5jb20vcm8vbW92aWUvMTI2NTY2MiIsImFyIjpbXX19.nZ5H82zgbuVRN03fKsO0ttJUsK2NQR6YW8ozuSgtetQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 22 Jun 2024 09:44:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://watching.nwsautodaily.com
Access-Control-Allow-Origin: https://watching.nwsautodaily.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=16795956-5927-4528-a09f-f2985534377c:1:1; expires=Sat, 29 Jun 2024 09:44:32 GMT; path=/; secure; SameSite=None
iprcd3045eea82b37eaf6456b0cdf4d9cf3c=5260141; expires=Sun, 23 Jun 2024 09:44:32 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 23 Jun 2024 09:44:32 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 23 Jun 2024 09:44:32 GMT; path=/; secure; SameSite=None
pdhtkv23=true; expires=Sun, 23 Jun 2024 09:44:32 GMT; path=/; secure; SameSite=None
uncs23=1; expires=Sun, 23 Jun 2024 09:44:32 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ded738db1217cadc1d40c29d87b22c63
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/4e/0b/ea/4e0beacc5ae59d42c01fe82af16b2757/1716313447.gif

45.133.44.9

200 OK

386 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/4e/0b/ea/4e0beacc5ae59d42c01fe82af16b2757/1716313447.gif
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC0:36:FD:5D:4E:7E:6F:E0:13:60:82:58:0C:BC:8B:40:A2:6B:2C:22
ValidityTue, 21 May 2024 05:00:31 GMT - Mon, 19 Aug 2024 05:00:30 GMT

File type
GIF image data, version 89a, 728 x 90
Size
386 kB (386184 bytes)
Hash
a64dc106669b261b9057bc62981cc460
3fb1eaf97dd48291d518ebdabbd5eb1fc27c5ee5
629302fd7b9901757d52b8fac726ae491a53944b82bdbc6caab062cc42c2d05e

HTTP Headers

GET /cti/4e/0b/ea/4e0beacc5ae59d42c01fe82af16b2757/1716313447.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:32 GMT
content-type: image/gif
content-length: 386184
server: nginx/1.21.6
last-modified: Tue, 21 May 2024 17:44:17 GMT
etag: "664cdd71-5e488"
expires: Mon, 24 Jun 2024 09:44:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Muli:300,400,700,800

142.250.74.106

9.6 kB

URL
fonts.googleapis.com/css?family=Muli:300,400,700,800
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
9.6 kB (9620 bytes)
Hash
344d5adb9992ebf77ad8f1bf41a30661
e5fd744ccb992d398211897c4a5a5377267ec36c
48624eb84c535ad4b354197e5c7ba489624b810e2a6d1b9853a70483ae32e571

HTTP Headers

GET /css?family=Muli:300,400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Jun 2024 09:44:29 GMT
date: Sat, 22 Jun 2024 09:44:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

watching.nwsautodaily.com/assets/v1/js/s.js

172.67.154.8

200 OK

527 kB

URL GET HTTP/3
watching.nwsautodaily.com/assets/v1/js/s.js
IP
172.67.154.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectnwsautodaily.com
Fingerprint16:88:94:0D:AA:20:BD:CD:4B:A0:E1:E9:73:EF:E0:8E:57:4A:86:BF
ValidityWed, 12 Jun 2024 09:07:17 GMT - Tue, 10 Sep 2024 09:07:16 GMT

File type

Size
527 kB (526749 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/v1/js/s.js HTTP/1.1
Host: watching.nwsautodaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/ro/movie/1265662
Cookie: XSRF-TOKEN=eyJpdiI6InB4Wmo5bmVIaU1oQnQ3TGRUWXJHUFE9PSIsInZhbHVlIjoiZFdpUUxWSk1wNmZDRDlBbHJpaVNRenFQSkx5TFBLRkNTMnVFdGZYMFJZbm04Z3VIZG1lckIwNDFhQWhseFk0ayIsIm1hYyI6IjQxMzVhZGFiZjQ0OTBkYjRiNjhlMTkxNmQyNzlhNDAyYzE1OTEzNjk5ZDEyYzdmM2FlMTliNzNlZjVjOGIyZWMifQ%3D%3D; laravel_session=eyJpdiI6Ik9IaEtad0p1VlBDcUpETFFyUkdOcHc9PSIsInZhbHVlIjoiMWhQOTU3XC9ITDlSZ0w5dm1TSCtjWGFXdG9ZVnNJdGZUZ3M5RnpjQjNlVGtjWlwvT3dEXC9kM083bW5Zb1VTall3RCIsIm1hYyI6IjgwMTA4MjMxYTcwZTZiNjYzMjUwOWVmNzc3ZTkyNmJmNDMwMDVmNThkMDk1YzVjYzExODE4YmNjMTRlMTlhMjUifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: text/javascript
etag: W/"8099d-5d49676e-c2205;br"
last-modified: Tue, 06 Aug 2019 11:41:34 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXKdKu0JLsQMdGZyvL0UqAxRff8CmPEmUPA2zjLqlKxcDFd%2F8R1NiH5XnuULw2SD01gL2kgYRwP9pax%2B%2FYIDzzSqIXx1YGkOimpwM38ozBdG1M1B3%2BSiAd3P%2FCe18XmXSUBI%2BGbMCLRITO2A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 897b4cceb85d56b1-OSL
content-encoding: br

watching.nwsautodaily.com/no-backdrop.png

172.67.154.8

302 Found

1.6 kB

URL GET HTTP/3
watching.nwsautodaily.com/no-backdrop.png
IP
172.67.154.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectnwsautodaily.com
Fingerprint16:88:94:0D:AA:20:BD:CD:4B:A0:E1:E9:73:EF:E0:8E:57:4A:86:BF
ValidityWed, 12 Jun 2024 09:07:17 GMT - Tue, 10 Sep 2024 09:07:16 GMT

File type

Size
1.6 kB (1552 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /no-backdrop.png HTTP/1.1
Host: watching.nwsautodaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/ro/movie/1265662
Cookie: XSRF-TOKEN=eyJpdiI6InB4Wmo5bmVIaU1oQnQ3TGRUWXJHUFE9PSIsInZhbHVlIjoiZFdpUUxWSk1wNmZDRDlBbHJpaVNRenFQSkx5TFBLRkNTMnVFdGZYMFJZbm04Z3VIZG1lckIwNDFhQWhseFk0ayIsIm1hYyI6IjQxMzVhZGFiZjQ0OTBkYjRiNjhlMTkxNmQyNzlhNDAyYzE1OTEzNjk5ZDEyYzdmM2FlMTliNzNlZjVjOGIyZWMifQ%3D%3D; laravel_session=eyJpdiI6Ik9IaEtad0p1VlBDcUpETFFyUkdOcHc9PSIsInZhbHVlIjoiMWhQOTU3XC9ITDlSZ0w5dm1TSCtjWGFXdG9ZVnNJdGZUZ3M5RnpjQjNlVGtjWlwvT3dEXC9kM083bW5Zb1VTall3RCIsIm1hYyI6IjgwMTA4MjMxYTcwZTZiNjYzMjUwOWVmNzc3ZTkyNmJmNDMwMDVmNThkMDk1YzVjYzExODE4YmNjMTRlMTlhMjUifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sat, 22 Jun 2024 09:44:30 GMT
content-type: text/html; charset=UTF-8
location: https://watching.nwsautodaily.com/en/no-backdrop.png
cache-control: no-cache, private
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
set-cookie: XSRF-TOKEN=eyJpdiI6ImwzUXJndFR3YmpXWXRzQnJqbUF2TkE9PSIsInZhbHVlIjoiMCt2RTdvTTdCUW1tNUJqWk9icWdMdXFIY0FIOEVPaDJjMm1CeFFpb1BcL1wvVjdTSkw2U3VpYWlya2VrSUVrUWIyIiwibWFjIjoiMzc0Mzg3OWQyMDdkNTNmOWZiZjY0MzgzZWUyNGZhNjdmNDFjZmYyYjNlYmI3YjYzZjc4YWMxNDNkODA5ZDgyOCJ9; expires=Sat, 22-Jun-2024 11:44:29 GMT; Max-Age=7200; path=/
laravel_session=eyJpdiI6IlpRY21cL2RYRHdnNTF5YXR4M3VEYTB3PT0iLCJ2YWx1ZSI6IjJ6QVgrSWNzZUhkcVFEUVo2cEpERSs0a2ZhOUJNSkZtdjVxeUdCK1RuSEtscTBsRnVzSmU1Vk1hdHY5QUh0cVIiLCJtYWMiOiJhMmNhM2I3ODcxNjdkNzE1ZTQyNGRiMzUyZmU1NjcyMGNmZDE3OTU3ZTQ3NTdjNWZhODE2ZDI5YzAwOTFjNzk3In0%3D; expires=Sat, 22-Jun-2024 11:44:29 GMT; Max-Age=7200; path=/; httponly
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDh%2B1a3lQcfHm4gb4MvarxMAXvyiUHeDJh0542yLHLwDMTfe2zN80%2FtJhd9vTm%2B%2B2SiZl0KaNvy%2FfzrsPD%2BZVVaSLDe2Z2CTI8eS6lC%2BGzrjwmOo4oulAIZjEfgep3pMK7sCHJ2F%2Flk%2FDU6M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 897b4cce882f56b1-OSL

watching.nwsautodaily.com/en/no-backdrop.png

172.67.154.8

404 Not Found

1.6 kB

URL GET HTTP/3
watching.nwsautodaily.com/en/no-backdrop.png
IP
172.67.154.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerLet's Encrypt
Subjectnwsautodaily.com
Fingerprint16:88:94:0D:AA:20:BD:CD:4B:A0:E1:E9:73:EF:E0:8E:57:4A:86:BF
ValidityWed, 12 Jun 2024 09:07:17 GMT - Tue, 10 Sep 2024 09:07:16 GMT

File type
HTML document, ASCII text, with very long lines (1636), with no line terminators
Size
1.6 kB (1552 bytes)
Hash
8e2567cdeb86d5d652eb4329d59a4f20
d24c7feb4f7b2e903cc8e57f038d6bb9c0d57e8c
5b4e37a95c238f3c57763b23161bfac0d2637360e2a635d52185812762266657

HTTP Headers

GET /en/no-backdrop.png HTTP/1.1
Host: watching.nwsautodaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://watching.nwsautodaily.com/ro/movie/1265662
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImwzUXJndFR3YmpXWXRzQnJqbUF2TkE9PSIsInZhbHVlIjoiMCt2RTdvTTdCUW1tNUJqWk9icWdMdXFIY0FIOEVPaDJjMm1CeFFpb1BcL1wvVjdTSkw2U3VpYWlya2VrSUVrUWIyIiwibWFjIjoiMzc0Mzg3OWQyMDdkNTNmOWZiZjY0MzgzZWUyNGZhNjdmNDFjZmYyYjNlYmI3YjYzZjc4YWMxNDNkODA5ZDgyOCJ9; laravel_session=eyJpdiI6IlpRY21cL2RYRHdnNTF5YXR4M3VEYTB3PT0iLCJ2YWx1ZSI6IjJ6QVgrSWNzZUhkcVFEUVo2cEpERSs0a2ZhOUJNSkZtdjVxeUdCK1RuSEtscTBsRnVzSmU1Vk1hdHY5QUh0cVIiLCJtYWMiOiJhMmNhM2I3ODcxNjdkNzE1ZTQyNGRiMzUyZmU1NjcyMGNmZDE3OTU3ZTQ3NTdjNWZhODE2ZDI5YzAwOTFjNzk3In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 22 Jun 2024 09:44:31 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P9MsAYR%2BhwrXD2RwP3d0EK%2F0JXDOtsCYUCwJzuKUye0ws4eW9R9hBB%2F7%2BEht4zB%2BfyGKMYbTrot%2FCBoNSXZ2%2FNR9Ovxf3Bq3tRA0D1q848JlH8EK5vPTxrIclheEoratk748fTVd7rbITYH%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 897b4cd54f3056b1-OSL
content-encoding: br

use.fontawesome.com/3db27005e3.js

172.67.142.245

200 OK

9.5 kB

URL GET HTTP/2
use.fontawesome.com/3db27005e3.js
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://watching.nwsautodaily.com/ro/movie/1265662
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (9731), with no line terminators
Size
9.5 kB (9496 bytes)
Hash
aaf3ec5ce652d94ca41db59d56323b5b
3265fcbea623887efe331275b4bddf266bddf03a
fe127b665460353e2b450cbb6e52a65af49dfcf2f4bbaec446b4235060f82556

HTTP Headers

GET /3db27005e3.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://watching.nwsautodaily.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 22 Jun 2024 09:44:29 GMT
content-type: text/javascript
etag: W/"98736d79a2579e922ebb12be517eea2a"
last-modified: Fri, 22 Sep 2023 00:35:35 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 5668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrDvtAx5t1%2FNJogOJSLREIA9%2FuGQDnOfzgLRtZGIRQDXvwyG%2BedPB9uqy5srdgb4Dv%2FoCTkfkcmZXK3pXeL8GJLox8uKeHIqOkIJcBdRk3%2FeEfksqTlsPjK5AT5S1C32YfqT0WlH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 897b4ccf1cca56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML