URL: https://newsbadru.lighting/
Submission: On March 28 via api from BE — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3035::6815:9a3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsbadru.lighting.
TLS certificate: Issued by GTS CA 1P5 on March 25th 2024. Valid for: 3 months.
This is the only time newsbadru.lighting was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 15 172.67.160.74 13335 (CLOUDFLAR...)
2 192.243.61.227 39572 (ADVANCEDH...)
2 2a04:4e42::367 54113 (FASTLY)
9 192.0.77.2 2635 (AUTOMATTIC)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 54.39.128.162 16276 (OVH)
31 8
Apex Domain
Subdomains
Transfer
16 newsbadru.lighting
newsbadru.lighting
295 KB
9 wp.com
i1.wp.com — Cisco Umbrella Rank: 8039
i2.wp.com — Cisco Umbrella Rank: 8078
i3.wp.com — Cisco Umbrella Rank: 60346
i0.wp.com — Cisco Umbrella Rank: 3821
514 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 15493
s4.histats.com — Cisco Umbrella Rank: 15484
5 KB
2 guim.co.uk
i.guim.co.uk — Cisco Umbrella Rank: 16821
129 KB
2 noisesperusemotel.com
noisesperusemotel.com
31 5
Domain Requested by
16 newsbadru.lighting 1 redirects newsbadru.lighting
5 i1.wp.com newsbadru.lighting
2 i3.wp.com newsbadru.lighting
2 i.guim.co.uk newsbadru.lighting
2 noisesperusemotel.com newsbadru.lighting
1 s4.histats.com s10.histats.com
1 i0.wp.com newsbadru.lighting
1 i2.wp.com newsbadru.lighting
1 s10.histats.com newsbadru.lighting
31 9

This site contains links to these domains. Also see Links.

Domain
superbthemes.com
Subject Issuer Validity Valid
newsbadru.lighting
GTS CA 1P5
2024-03-25 -
2024-06-23
3 months crt.sh
noisesperusemotel.com
R3
2024-03-19 -
2024-06-17
3 months crt.sh
theguardian.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4
2023-11-14 -
2024-12-15
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-13 -
2024-05-11
a year crt.sh
histats.com
R3
2024-02-16 -
2024-05-16
3 months crt.sh

This page contains 1 frames:

Primary Page: https://newsbadru.lighting/
Frame ID: 3E116728E52BDBFF704D1C320A5108E7
Requests: 31 HTTP requests in this frame

Screenshot

Page Title

News Online – Update News 2024

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

31
Requests

94 %
HTTPS

43 %
IPv6

5
Domains

9
Subdomains

8
IPs

2
Countries

943 kB
Transfer

1156 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://newsbadru.lighting/favicon.ico HTTP 302
  • https://newsbadru.lighting/wp-includes/images/w-logo-blue-white-bg.png

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newsbadru.lighting/
106 KB
18 KB
Document
General
Full URL
https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:9a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1d91b0d780de43fa9837f9b542b9f60f10f1923da7fe7fbe982b50ebf1ccbf2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86b477106f63b8ac-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Mar 2024 03:17:04 GMT
link
<https://newsbadru.lighting/wp-json/>; rel="https://api.w.org/" <https://newsbadru.lighting/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json" <https://newsbadru.lighting/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCx4PHldoMrwIBU5Ow2zvq%2B%2FRguDxY1ibYGg1ZRyIRCzm7oj6WgzPSg9t0WfJQlj3hPuLmFqBpopLeUMKXM%2FeftXjhWwTBuGKMS4BCnIhXcBamFG4NpQ8jmg0wInNHwGOWDa9q42V0Rm3SvQjjT8Yg4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
style.min.css
newsbadru.lighting/wp-includes/blocks/navigation/
16 KB
3 KB
Stylesheet
General
Full URL
https://newsbadru.lighting/wp-includes/blocks/navigation/style.min.css?ver=6.4.3
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 06 Mar 2024 08:01:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4096-65e822d3-2ae21f8;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c9BWy7mzXjAees4BzSmASXqQ7agmvyQ0x6kzuSwl5NEeRdnNLpZlThtAqHST8Z6gOHWv6Mq4b5OUVvrKrZ3jOyGpJlaBoyMKzRfaTNvlfQWxOsL7JtR7L3Afc263n7iwrDvFZyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
86b477111e8d06ca-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Mar 2024 15:17:04 GMT
style.min.css
newsbadru.lighting/wp-includes/blocks/social-links/
10 KB
2 KB
Stylesheet
General
Full URL
https://newsbadru.lighting/wp-includes/blocks/social-links/style.min.css?ver=6.4.3
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 06 Mar 2024 08:01:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2801-65e822d3-2ae230c;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSradsBvVMpWp2mK%2BeDUQ5at4W9NeMVAyYwwSiXrWGuxoWX8M%2FJQXkY%2BOXJiVgKlHp5Z9i9v12GKdMW9bJUF7SxqMJAiM3FxHnQy6o6XjsD1M93hz65S9o4TZcxraVFeBK1jQZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
86b477111e8f06ca-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Mar 2024 15:17:04 GMT
style.min.css
newsbadru.lighting/wp-includes/blocks/image/
7 KB
2 KB
Stylesheet
General
Full URL
https://newsbadru.lighting/wp-includes/blocks/image/style.min.css?ver=6.4.3
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 06 Mar 2024 08:01:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1b43-65e822d3-2ae21af;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FqAWlQaQHWQyrb7WswtzDARuxJ5CDSTaE9KVIIFN6bKDb2SgihtPEZQeaiU%2B82W1Dr99bkPiT1YljW5xz9nfaSwneyCHHeI4IqyHpZg9fFZ%2B%2FypH8knFnxLHnPj60M3yn88bG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
86b477111e9106ca-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Mar 2024 15:17:04 GMT
patterns.css
newsbadru.lighting/wp-content/themes/newspaper-builder/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://newsbadru.lighting/wp-content/themes/newspaper-builder/assets/css/patterns.css?ver=1709764416
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e692ba120699a819bcd484ff4a31d2f948982591b0f39d2b4c5ef04ed18401

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 06 Mar 2024 22:33:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c11-65e8ef40-2ae1d32;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZsDz%2BWNSkQvrQ3%2Fj1r4XhJN1gi99VOEuYyYsIFeJXOjK19VQkjT3PYgkqQDb%2FP%2B6iiyU7TNp2eQ%2BPTRIOk%2BQwu7S%2Bypi0IhZp6BqluKkzHw56Mk8Aomv4Pqs4l%2BVD6hmtVTB0I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
86b477111e9306ca-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 28 Mar 2024 15:17:04 GMT
interactivity.min.js
newsbadru.lighting/wp-includes/js/dist/
32 KB
13 KB
Script
General
Full URL
https://newsbadru.lighting/wp-includes/js/dist/interactivity.min.js?ver=6.4.3
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 06 Mar 2024 08:01:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7e7a-65e822d2-2ae252b;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zfyTw2LNTlytmUkAFkaOJA7AAyRIJNxY2C26S2MgUtYUC%2BX86IOV73ltJA5rhTyomElw6f1PnTO4dzdCXMN3Azs1rXuWYfyzAMamqXmfcwcK2rM0f52%2BbHAMatsMJ3sTsCUph8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
86b477125f7506ca-AMS
alt-svc
h3=":443"; ma=86400
view.min.js
newsbadru.lighting/wp-includes/blocks/navigation/
4 KB
2 KB
Script
General
Full URL
https://newsbadru.lighting/wp-includes/blocks/navigation/view.min.js?ver=e3d6f3216904b5b42831
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 06 Mar 2024 08:01:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e02-65e822d3-2ae21fe;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZbvy8hq73g6TgC4RHv4qd329Xp%2Bou8cKtMWKwxtpqotLN7YxkKMiK4Sa%2Bn%2BN%2BPBWfnl34mlUNVfUxrcRy%2B2pqYARuznJspD15PiyVPzVhRPO8uZ%2FySBn%2BK%2Fja8UM1rhzbgUYro%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
86b477125f7606ca-AMS
alt-svc
h3=":443"; ma=86400
jquery.min.js
newsbadru.lighting/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://newsbadru.lighting/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 06 Mar 2024 08:01:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15601-65e822d2-2ae2595;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gnu1ISEJfyHzP9MIkP0m8wz3cwP1FXFoc9Vou5RYA8V7F%2BJnL5oKXXIViaFC6qp424ncnA9ZH%2F9tm7Ys5c06s3jEx7WjnvhCcyzZTPxEhGk3nN40hR8zIxEcy1be%2BS3pL8skJvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
86b477111e9406ca-AMS
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
newsbadru.lighting/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://newsbadru.lighting/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 06 Mar 2024 08:01:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3509-65e822d2-2ae258d;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Vlz8oXVAtdGX26GIaj%2F4FrZfCMugH3S4REvblgUkjOwov2mqiSeikIWZL2UZlNwJSUFCTv7lRDaNvHB5GSOwo5OARw2nCNHhq7KEZPRnGs%2FP9z%2Fh4wiA%2FbfmJxFyymWd1p1%2FaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
86b477111e9606ca-AMS
alt-svc
h3=":443"; ma=86400
invoke.js
noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/
0
0
Script
General
Full URL
https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 03:17:05 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
5184.jpg
i.guim.co.uk/img/media/846abe78cc3777a9958ba1076948d1e07deca043/0_138_5184_3110/master/
64 KB
65 KB
Image
General
Full URL
https://i.guim.co.uk/img/media/846abe78cc3777a9958ba1076948d1e07deca043/0_138_5184_3110/master/5184.jpg?width=1200&height=630&quality=85&auto=format&fit=crop&overlay-align=bottom%2Cleft&overlay-width=100p&overlay-base64=L2ltZy9zdGF0aWMvb3ZlcmxheXMvdGctb3BpbmlvbnMucG5n&enable=upscale&s=72afa66f027a86fbc4d94de491e840bb
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef1ff4d848c1576f56a7c1b23da44a70b24ca6a45ccb2bd03755a549cec314b4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img10-europe-west2
age
81638
x-cache
MISS, MISS
fastly-io-info
ifsz=5841525 idim=5184x3110 ifmt=jpeg ofsz=65892 odim=1200x630 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
138
content-length
65892
x-served-by
cache-lcy-eglc8600037-LCY, cache-mxp6976-MXP
server
AmazonS3
x-timer
S1711595825.925400,VS0,VE765
etag
"CDD6+CHclc/WbzvcP4VSPkBHZKT787qQ/4RNflV8C1k"
x-amz-meta-bounds-height
3110
x-amz-meta-bounds-width
5184
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
0, 0
gettyimages-1734325119.jpg
i1.wp.com/assets2.cbsnewsstatic.com/hub/i/r/2024/02/02/16569efb-cde0-490c-82c4-d1bf760f17ee/thumbnail/1200x630/108e5a4300ccd2952482e193ede536d2/
39 KB
39 KB
Image
General
Full URL
https://i1.wp.com/assets2.cbsnewsstatic.com/hub/i/r/2024/02/02/16569efb-cde0-490c-82c4-d1bf760f17ee/thumbnail/1200x630/108e5a4300ccd2952482e193ede536d2/gettyimages-1734325119.jpg?v=3d62f4cc0092e6eb151a9685301ed284&w=1200&resize=1200,0&ssl=1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
da66a99be0da8e6fcc99322c21ceddb56b0e02bda1aef83b1268b904744d2ad8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:04 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
39428
x-nc
MISS hhn 1
last-modified
Thu, 28 Mar 2024 03:17:04 GMT
server
nginx
etag
"e5fed58eb5e917f7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets2.cbsnewsstatic.com/hub/i/r/2024/02/02/16569efb-cde0-490c-82c4-d1bf760f17ee/thumbnail/1200x630/108e5a4300ccd2952482e193ede536d2/gettyimages-1734325119.jpg>; rel="canonical"
expires
Sat, 28 Mar 2026 15:17:04 GMT
gettyimages-1641350180.jpg
i1.wp.com/assets1.cbsnewsstatic.com/hub/i/r/2023/11/24/40850d9c-3492-4d0e-b5cb-7ca662dc3363/thumbnail/1200x630/4715ab8c8172c699c0baaa69f06d39cc/
43 KB
43 KB
Image
General
Full URL
https://i1.wp.com/assets1.cbsnewsstatic.com/hub/i/r/2023/11/24/40850d9c-3492-4d0e-b5cb-7ca662dc3363/thumbnail/1200x630/4715ab8c8172c699c0baaa69f06d39cc/gettyimages-1641350180.jpg?v=3d62f4cc0092e6eb151a9685301ed284&w=1200&resize=1200,0&ssl=1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3fd64f016813187763b5210c75a6ad91d6bc115bf7d524bab8043a9be8480b8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
43558
x-nc
MISS hhn 1
last-modified
Thu, 28 Mar 2024 03:17:05 GMT
server
nginx
etag
"65e2675dcc0048b7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/24/40850d9c-3492-4d0e-b5cb-7ca662dc3363/thumbnail/1200x630/4715ab8c8172c699c0baaa69f06d39cc/gettyimages-1641350180.jpg>; rel="canonical"
expires
Sat, 28 Mar 2026 15:17:05 GMT
banner.png
newsbadru.lighting/wp-content/themes/newspaper-builder/assets/images/
806 B
1 KB
Image
General
Full URL
https://newsbadru.lighting/wp-content/themes/newspaper-builder/assets/images/banner.png
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
686bc74c455224dfa087769443af3fba4d0210a86452e8e8e72c034b10cddc3c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Mar 2024 22:33:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"326-65e8ef40-2ae1d41;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4G02DSrX%2BICMEfrvyjj1FmxRdvknNKC1M3rVGIK9T0%2Fx2%2B7RhpDr4cSwlkMCvbompgdWpWqlzeDI4KfouiIbsNa09F%2BS7QXPa%2BH0JmcCdqRdg3DLJVChe7y8hFsJnuBsDXUzIyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
86b477125f7406ca-AMS
alt-svc
h3=":443"; ma=86400
content-length
806
expires
Tue, 26 Mar 2024 03:05:32 GMT
d9832cec-959b-4f9e-8461-889f5ab28034
https://newsbadru.lighting/
1 KB
0
Other
General
Full URL
blob:https://newsbadru.lighting/d9832cec-959b-4f9e-8461-889f5ab28034
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
invoke.js
noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/
0
0
Script
General
Full URL
https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 03:17:05 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4373 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
23848
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
86b477188ef265a2-FRA
content-length
4547
5184.jpg
i.guim.co.uk/img/media/846abe78cc3777a9958ba1076948d1e07deca043/0_138_5184_3110/master/
64 KB
64 KB
Image
General
Full URL
https://i.guim.co.uk/img/media/846abe78cc3777a9958ba1076948d1e07deca043/0_138_5184_3110/master/5184.jpg?width=1200&height=630&quality=85&auto=format&fit=crop&overlay-align=bottom%2Cleft&overlay-width=100p&overlay-base64=L2ltZy9zdGF0aWMvb3ZlcmxheXMvdGctb3BpbmlvbnMucG5n&enable=upscale&s=72afa66f027a86fbc4d94de491e840bb
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef1ff4d848c1576f56a7c1b23da44a70b24ca6a45ccb2bd03755a549cec314b4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img10-europe-west2
age
81638
x-cache
MISS, HIT
fastly-io-info
ifsz=5841525 idim=5184x3110 ifmt=jpeg ofsz=65892 odim=1200x630 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
138
content-length
65892
x-served-by
cache-lcy-eglc8600037-LCY, cache-mxp6976-MXP
server
AmazonS3
x-timer
S1711595826.909227,VS0,VE0
etag
"CDD6+CHclc/WbzvcP4VSPkBHZKT787qQ/4RNflV8C1k"
x-amz-meta-bounds-height
3110
x-amz-meta-bounds-width
5184
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
0, 1
Lato-Bold.ttf
newsbadru.lighting/wp-content/themes/newspaper-builder/assets/fonts/Lato/
72 KB
72 KB
Font
General
Full URL
https://newsbadru.lighting/wp-content/themes/newspaper-builder/assets/fonts/Lato/Lato-Bold.ttf
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f0b7f2570f2f28b504da1181b4d71b1420b10be2c4fd690927f1c8ee3b19c3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
Origin
https://newsbadru.lighting
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Mar 2024 22:33:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"11e74-65e8ef40-2ae1d36;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FBwDeR60S7aCamOZOLs4heT98PPqQqyRB2ytY1qAsfjyiMZRVZJYtmgbPkLhIL8LPtqYDuyDHLMjSKq2IdJvjUz0e0hgF1rVGqh%2FXdsFjaYl%2By2bJyb9yFffOZ72TocXDKWLSiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
public, max-age=43200
cf-ray
86b47717fbf806ca-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Mar 2024 03:05:33 GMT
Jost-SemiBold.ttf
newsbadru.lighting/wp-content/themes/newspaper-builder/assets/fonts/Jost/
60 KB
61 KB
Font
General
Full URL
https://newsbadru.lighting/wp-content/themes/newspaper-builder/assets/fonts/Jost/Jost-SemiBold.ttf
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea7c87bc23f00deaf7d1f7fe6d8d81820b139236849d33e41eefc9605855903

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
Origin
https://newsbadru.lighting
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Mar 2024 22:33:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f0d0-65e8ef40-2ae1d33;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVo3k4%2F8yi8xsYqno4VraWGoFGAbxcY844pRkRokABeGN8uEBvCrXvGj6OyfVYHLrBoBAonqXstnQBpik0QZ8FumGb7VYBBPOHlvP1YvnXbFtFgaCThsoV1RSQErVClT3lUEMdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
public, max-age=43200
cf-ray
86b47717fbfb06ca-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Mar 2024 03:05:33 GMT
Lato-Regular.ttf
newsbadru.lighting/wp-content/themes/newspaper-builder/assets/fonts/Lato/
73 KB
74 KB
Font
General
Full URL
https://newsbadru.lighting/wp-content/themes/newspaper-builder/assets/fonts/Lato/Lato-Regular.ttf
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82542aed8293f49fc83c4aaea566b1f6b4fc7a9ab5da11e6fb9bc0973b5324b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
Origin
https://newsbadru.lighting
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Mar 2024 22:33:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"12590-65e8ef40-2ae1d3b;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4c8Ihzcc4qQOfaKdRYQYjRopjI%2BE%2BEaiuMekG86fJHS2SSxxRyykXnm6rfKYIT%2B9lF8zV1ltXgqmHQyM6wso1G1CmrX8fVdefBlatY7k1jPSxFR%2BPJTX%2BtUkQuJy55svuIBbv%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
public, max-age=43200
cf-ray
86b47717fbfc06ca-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Mar 2024 03:05:33 GMT
546a9a93fbf34e74a1063d80c5d2f877.jpg
i1.wp.com/www.wilmerhale.com/-/media/
27 KB
28 KB
Image
General
Full URL
https://i1.wp.com/www.wilmerhale.com/-/media/546a9a93fbf34e74a1063d80c5d2f877.jpg?w=1200&resize=1200,0&ssl=1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9ee120fb3a2a9d551a190493dfc33d6e0fcca96b0b105b2ce5cb7c520e12fa08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
28032
x-nc
MISS hhn 1
last-modified
Thu, 28 Mar 2024 03:17:06 GMT
server
nginx
etag
"8325bb06a4a47177"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.wilmerhale.com/-/media/546a9a93fbf34e74a1063d80c5d2f877.jpg>; rel="canonical"
expires
Sat, 28 Mar 2026 15:17:06 GMT
6e856248f7b49404abdb96c78b23496d
i2.wp.com/media.zenfs.com/en/knwa_fayetteville_articles_688/
202 KB
202 KB
Image
General
Full URL
https://i2.wp.com/media.zenfs.com/en/knwa_fayetteville_articles_688/6e856248f7b49404abdb96c78b23496d?w=1200&resize=1200,0&ssl=1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
204cabd835ecf47cc74c9dcf144b85fd48fb12878abf72f59695628cb2933dff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
206667
x-nc
MISS hhn 4
last-modified
Thu, 28 Mar 2024 03:17:06 GMT
server
nginx
etag
"bc474165fcb4cbe4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://media.zenfs.com/en/knwa_fayetteville_articles_688/6e856248f7b49404abdb96c78b23496d>; rel="canonical"
expires
Sat, 28 Mar 2026 15:17:06 GMT
lebron-james.jpg
i3.wp.com/d.newsweek.com/en/full/2356446/
48 KB
48 KB
Image
General
Full URL
https://i3.wp.com/d.newsweek.com/en/full/2356446/lebron-james.jpg?w=1200&resize=1200,0&ssl=1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
e46bf9788fc7ce7b6f1196ebc8ef1efca6184f28b6f4e31848575823f8e568a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
48810
x-nc
MISS hhn 4
last-modified
Thu, 28 Mar 2024 03:17:06 GMT
server
nginx
etag
"1bf65dc1c3b866f5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://d.newsweek.com/en/full/2356446/lebron-james.jpg>; rel="canonical"
expires
Sat, 28 Mar 2026 15:17:06 GMT
2023-24-APSU-Womens-Tennis-33.jpg
i0.wp.com/www.clarksvilleonline.com/wp-content/uploads/2024/03/
133 KB
134 KB
Image
General
Full URL
https://i0.wp.com/www.clarksvilleonline.com/wp-content/uploads/2024/03/2023-24-APSU-Womens-Tennis-33.jpg?w=1200&resize=1200,0&ssl=1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
620453dc5dbbc813a66fa66ca3190203abc56821fbd438bf97c5ad21bc5ef6cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
136574
x-nc
MISS hhn 3
last-modified
Thu, 28 Mar 2024 03:17:06 GMT
server
nginx
etag
"b291f5e08efcea3f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.clarksvilleonline.com/wp-content/uploads/2024/03/2023-24-APSU-Womens-Tennis-33.jpg>; rel="canonical"
expires
Sat, 28 Mar 2026 15:17:06 GMT
Uncle-Julios-Food.jpg
i3.wp.com/media.nbcchicago.com/2019/09/
14 KB
14 KB
Image
General
Full URL
https://i3.wp.com/media.nbcchicago.com/2019/09/Uncle-Julios-Food.jpg?quality=85&strip=all&resize=1200%2C675&w=1200&resize=1200,0&ssl=1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1fc3595008d56d331be9379a45050118cf9aceaf05bae49c5dbededcaca91a9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
14288
x-nc
MISS hhn 4
last-modified
Thu, 28 Mar 2024 03:17:05 GMT
server
nginx
etag
"f37c43cb8f056520"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://media.nbcchicago.com/2019/09/Uncle-Julios-Food.jpg>; rel="canonical"
expires
Sat, 28 Mar 2026 15:17:05 GMT
gettyimages-1734325119.jpg
i1.wp.com/assets2.cbsnewsstatic.com/hub/i/r/2024/02/02/16569efb-cde0-490c-82c4-d1bf760f17ee/thumbnail/1200x630/108e5a4300ccd2952482e193ede536d2/
2 KB
2 KB
Image
General
Full URL
https://i1.wp.com/assets2.cbsnewsstatic.com/hub/i/r/2024/02/02/16569efb-cde0-490c-82c4-d1bf760f17ee/thumbnail/1200x630/108e5a4300ccd2952482e193ede536d2/gettyimages-1734325119.jpg?v=3d62f4cc0092e6eb151a9685301ed284&w=150&resize=150,150&ssl=1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8053ec26470c74abf527cccece0775a6bd5b31c8214e6386864dd85be40112d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
1878
x-nc
MISS hhn 1
last-modified
Thu, 28 Mar 2024 03:17:05 GMT
server
nginx
etag
"b6bf065a16db5530"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets2.cbsnewsstatic.com/hub/i/r/2024/02/02/16569efb-cde0-490c-82c4-d1bf760f17ee/thumbnail/1200x630/108e5a4300ccd2952482e193ede536d2/gettyimages-1734325119.jpg>; rel="canonical"
expires
Sat, 28 Mar 2026 15:17:05 GMT
gettyimages-1641350180.jpg
i1.wp.com/assets1.cbsnewsstatic.com/hub/i/r/2023/11/24/40850d9c-3492-4d0e-b5cb-7ca662dc3363/thumbnail/1200x630/4715ab8c8172c699c0baaa69f06d39cc/
3 KB
3 KB
Image
General
Full URL
https://i1.wp.com/assets1.cbsnewsstatic.com/hub/i/r/2023/11/24/40850d9c-3492-4d0e-b5cb-7ca662dc3363/thumbnail/1200x630/4715ab8c8172c699c0baaa69f06d39cc/gettyimages-1641350180.jpg?v=3d62f4cc0092e6eb151a9685301ed284&w=150&resize=150,150&ssl=1
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
005efb6c6470d1f62d6f2ceddc89c0d918726ff6af0521452f377a4240c8d750
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
3100
x-nc
MISS hhn 1
last-modified
Thu, 28 Mar 2024 03:17:05 GMT
server
nginx
etag
"e9ee81bce94bbb71"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/24/40850d9c-3492-4d0e-b5cb-7ca662dc3363/thumbnail/1200x630/4715ab8c8172c699c0baaa69f06d39cc/gettyimages-1641350180.jpg>; rel="canonical"
expires
Sat, 28 Mar 2026 15:17:05 GMT
wp-emoji-release.min.js
newsbadru.lighting/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://newsbadru.lighting/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: newsbadru.lighting
URL: https://newsbadru.lighting/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 03:17:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 06 Mar 2024 08:01:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4904-65e822d2-2ae24ca;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFR9rP97dWlP3cS44OXdo39GdJ1QFm85zM4zGxbTCpE7EpcA7PJPbib%2FdbczAqG98lKTF8n2i7Y3OwlNTTyfAV0xriAnai0j6ntqY6gLvXhJJb%2B7oy23TkH%2BMA2rMTFyVj%2FUiy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
86b477181c0606ca-AMS
alt-svc
h3=":443"; ma=86400
0.php
s4.histats.com/stats/
50 B
184 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4725222&@f16&@g1&@h1&@i1&@j1711595826046&@k0&@l1&@mNews%20Online%20%E2%80%93%20Update%20News%202024&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u800&@b1:52089601&@b3:1711595826&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fnewsbadru.lighting%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562109.ip-54-39-128.net
Software
/
Resource Hash
91566a4bd5e56c363f94b3a70974c1b151bd6b043ca9ae3eb502b89301c63b6a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newsbadru.lighting/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 03:16:58 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
w-logo-blue-white-bg.png
newsbadru.lighting/wp-includes/images/
Redirect Chain
  • https://newsbadru.lighting/favicon.ico
  • https://newsbadru.lighting/wp-includes/images/w-logo-blue-white-bg.png
4 KB
5 KB
Other
General
Full URL
https://newsbadru.lighting/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
172.67.160.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsbadru.lighting/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 28 Mar 2024 03:17:06 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Mar 2024 08:01:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1017-65e822d2-2ae2445;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eyKCifNkmWl1iJYThOhgFSBHcYAHdvI36URkBbA%2Bav3G5sfJtn1Om%2FTqvlxECrCdG52k6rPuzJZ%2B5MUXpbyi%2Fs2EjHlA8JOSkR3FaXxZq9p8aMZDSqD774%2FsNonsn9UFOTBiQdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
86b4771c4f7606ca-AMS
alt-svc
h3=":443"; ma=86400
content-length
4119
expires
Tue, 26 Mar 2024 20:49:56 GMT

Redirect headers

date
Thu, 28 Mar 2024 03:17:06 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
x-litespeed-cache
miss
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g9zhghvJupy%2BKYB5hU6nrju8WRt6V3loTfhBAocqxqjRvNC%2BC0veO6nO4rvzLRlhfsX1JdF%2Bdur2Is%2FqzOuiXs9IMox%2FYpbi%2FKQLyQdKuAhhGZsYhfoEZV%2F5LBEQDmtypyNxCSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://newsbadru.lighting/wp-includes/images/w-logo-blue-white-bg.png
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
06c_HTTP.200,06c_HTTP.302,06c_default,06c_URL.b54ff2eddcb0060bcd786ce388d8d4d7,06c_
cf-ray
86b4771b8e8a06ca-AMS
link
<https://newsbadru.lighting/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| _wpemojiSettings undefined| $ function| jQuery object| atOptions function| closeAd object| _Hasync object| __WordPressPrivateInteractivityAPI__ function| chfh function| chfh2 string| _HST_cntval object| Histats object| twemoji object| wp object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path Name / Value
newsbadru.lighting/ Name: HstCfa4725222
Value: 1711595826046
newsbadru.lighting/ Name: HstCla4725222
Value: 1711595826046
newsbadru.lighting/ Name: HstCmu4725222
Value: 1711595826046
newsbadru.lighting/ Name: HstPn4725222
Value: 1
newsbadru.lighting/ Name: HstPt4725222
Value: 1
newsbadru.lighting/ Name: HstCnv4725222
Value: 1
newsbadru.lighting/ Name: HstCns4725222
Value: 1

4 Console Messages

Source Level URL
Text
javascript warning URL: https://newsbadru.lighting/(Line 235)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://newsbadru.lighting/(Line 235)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.guim.co.uk
i0.wp.com
i1.wp.com
i2.wp.com
i3.wp.com
newsbadru.lighting
noisesperusemotel.com
s10.histats.com
s4.histats.com
172.67.160.74
192.0.77.2
192.243.61.227
2606:4700:10::6814:4373
2606:4700:3035::6815:9a3
2a04:4e42::367
54.39.128.162
005efb6c6470d1f62d6f2ceddc89c0d918726ff6af0521452f377a4240c8d750
1fc3595008d56d331be9379a45050118cf9aceaf05bae49c5dbededcaca91a9f
204cabd835ecf47cc74c9dcf144b85fd48fb12878abf72f59695628cb2933dff
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
3fd64f016813187763b5210c75a6ad91d6bc115bf7d524bab8043a9be8480b8b
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
620453dc5dbbc813a66fa66ca3190203abc56821fbd438bf97c5ad21bc5ef6cf
686bc74c455224dfa087769443af3fba4d0210a86452e8e8e72c034b10cddc3c
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
8053ec26470c74abf527cccece0775a6bd5b31c8214e6386864dd85be40112d6
91566a4bd5e56c363f94b3a70974c1b151bd6b043ca9ae3eb502b89301c63b6a
9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded
9ee120fb3a2a9d551a190493dfc33d6e0fcca96b0b105b2ce5cb7c520e12fa08
a1d91b0d780de43fa9837f9b542b9f60f10f1923da7fe7fbe982b50ebf1ccbf2
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cea7c87bc23f00deaf7d1f7fe6d8d81820b139236849d33e41eefc9605855903
d5e692ba120699a819bcd484ff4a31d2f948982591b0f39d2b4c5ef04ed18401
d7f0b7f2570f2f28b504da1181b4d71b1420b10be2c4fd690927f1c8ee3b19c3
da66a99be0da8e6fcc99322c21ceddb56b0e02bda1aef83b1268b904744d2ad8
e46bf9788fc7ce7b6f1196ebc8ef1efca6184f28b6f4e31848575823f8e568a7
e82542aed8293f49fc83c4aaea566b1f6b4fc7a9ab5da11e6fb9bc0973b5324b
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966
ef1ff4d848c1576f56a7c1b23da44a70b24ca6a45ccb2bd03755a549cec314b4