Report - newfeedblog.xyz/yslHOw30/?data1=2vp5lnjo7i59&data2=[TID]&data3=[SID]&data4=bananaads.pro

Report Overview

Submitted URL
newfeedblog.xyz/yslHOw30/?data1=2vp5lnjo7i59&data2=[TID]&data3=[SID]&data4=bananaads.pro
IP
2.58.67.161
ASN
#44066 firstcolo GmbH
Submitted
2024-04-19 08:33:32
Access
public
Website Title
MIXER NOVOSTEI -
Final URL
soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819&uid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ffrtrinvzk.com	unknown	2023-08-31	2023-08-31	2024-03-24	436 B	14 kB	116.202.32.33
newfeedblog.xyz	unknown	2024-01-23	2024-01-24	2024-03-21	544 B	21 kB	2.58.67.161
wdhhsxghbr.com	unknown	2023-05-12	2023-05-27	2024-02-26	436 B	29 kB	116.202.32.33
yxfjtxtjxjkxh.store	unknown	unknown	No data	No data	500 B	857 B	2.58.67.161
soar-vision.com	unknown	unknown	No data	No data	5.0 kB	169 kB	188.114.97.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	2.1 kB	54 kB	216.58.207.227
mixer-events.com	unknown	2023-09-13	2023-09-13	2024-03-24	1.2 kB	22 kB	85.192.12.187
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-19	460 B	9.4 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	yxfjtxtjxjkxh.store	Sinkholed
2024-04-19	medium	mixer-events.com	Sinkholed
2024-04-19	medium	mixer-events.com	Sinkholed
2024-04-19	medium	wdhhsxghbr.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819	2.0 kB	2024-04-19	2024-04-19
Pretty URL soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 09:18:49 Last Seen2024-04-19 10:33:43 Times Seen3 Hash 6419fe38e18eb1f5793a6b5d6974c499 0c2111d19a7bb25c2a4e9b4b5752b48b18d975f8 b0b2e26577b5451ffb35cf1f04edceec48fdd6b34c8aadf357967bcbba94d2fc Loading...

	soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819	674 B	2023-11-22	2024-05-01
Pretty URL soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-22 16:10:23 Last Seen2024-05-01 10:12:45 Times Seen38 Hash b4594783d8efe794fac1ce9e82a0cc5e e5f586fa17c5087eddd72a3459c1b4df84c2eedd 21e653453da0aa932e1336f13f7a7903332c146e4757f8cf8248e05be92a3d18 Loading...

	soar-vision.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js	61 kB	2024-04-05	2024-05-02
Pretty URL soar-vision.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-05 13:31:30 Last Seen2024-05-02 01:44:25 Times Seen22 Hash 885d599073ffbe148bdc80a6f290c842 01a816b3d95cc1920cd1352e9c3c942abaca874d 54992b57d63e453bee34817f0ea1c73f68b4bed1b5d72fc083ea5e823d82fb66 Loading...

	soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819	13 B	2023-03-07	2024-05-02
Pretty URL soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:50:18 Last Seen2024-05-02 01:44:25 Times Seen825 Hash 8e742d11d6b24c401e35f3b516726584 89b72153bd7e6390415ba25b9b5fbe750e6e16d5 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40 Loading...

	soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819	3.1 kB	2024-04-19	2024-05-01
Pretty URL soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 09:18:49 Last Seen2024-05-01 10:12:45 Times Seen6 Hash 3fa66fc23fdcdc2657f9837d174d0136 18c41adaff3b26b418bad8529d8a5b3b1f567627 1d9070d641eaccf56261d13c02fe38316ebea78afe4c9f350bc3cc61fb1498ed Loading...

	ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js	14 kB	2023-11-11	2024-05-01
Pretty URL ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js IP 116.202.32.33 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-11 01:07:34 Last Seen2024-05-01 10:12:45 Times Seen41 Hash e544f23c69afbc0d8baecb422a453f08 ecb44c1f88aba5561699982f28e9319e390cc672 7dac0e67a328b139811db3bc1abc2f19f8694437e5874fe5e38daf50196a191f Loading...

	soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819	1.6 kB	2023-03-07	2024-05-01
Pretty URL soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:50:18 Last Seen2024-05-01 10:12:45 Times Seen110 Hash cefeaf107cf4ea904198a25ce287c749 0ce821318d3c06ca6be9e2d25c9212c99240492f c940d27f84a2d9a115855dc93b3f98d8e9990e979d82cc1d1d7b3a88dfa35c8c Loading...

	soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819	5.9 kB	2023-04-25	2024-05-01
Pretty URL soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-25 14:05:49 Last Seen2024-05-01 10:12:45 Times Seen101 Hash a8a016e42d0cd02fdb88bbe44e1691d3 0720b760906f353568ee31173f51924082ddc5ab 16131e407a0ab1cfd7a8fd5285a427292fc0b72ed1b8fc5d8ad762a5e0a3ee21 Loading...

	soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819	896 B	2024-02-06	2024-05-01
Pretty URL soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-06 06:16:58 Last Seen2024-05-01 10:12:45 Times Seen23 Hash 464ccebd46c9acecae989cb04642623c c36550914e324937b946ffdde859fc9d286e66da 989b43ad5f9d072714a41e66cac2328c86eed22f646f8e58b939ba9d05996afc Loading...

	soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819	520 B	2023-04-25	2024-05-01
Pretty URL soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-25 14:05:49 Last Seen2024-05-01 10:12:45 Times Seen104 Hash 0ecbef2fe3dd74ace4ff70c949cd4572 40493ff5c4b1a05e61256a9a2ba640e64f7c0299 20f7d445ff52c6baac1489937a61431ea5c293fb6dc480b22f29f1277e27d0c0 Loading...

	soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819	1.8 kB	2023-09-03	2024-04-25
Pretty URL soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-03 22:13:13 Last Seen2024-04-25 10:51:11 Times Seen22 Hash 56a59e0400c2d123d85574165d670967 6c8fc0b76fe46613f79d210a297a92dd1cccd7f7 343d6c2788409b086b4b9d0619741bcb73fc3deeb974c51658b6cb4d119be891 Loading...

	soar-vision.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js	284 kB	2024-03-22	2024-05-02
Pretty URL soar-vision.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 17:47:33 Last Seen2024-05-02 01:44:25 Times Seen16 Hash 4bcc8f1ab257a3a7f2682fc76ef938eb 0b55a5a558745ab4f3ee40a448ae67af35b249f8 876d0035f300e030d2dd7e8c3fa3cac069e0970edee3ad710a66579242d23c8e Loading...

	wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js	28 kB	2023-11-11	2024-05-01
Pretty URL wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js IP 116.202.32.33 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-11 01:07:34 Last Seen2024-05-01 10:12:45 Times Seen21 Hash 3477b6a27807673228c33bab5836defd a539ba0d605ae7edba74719766e385dd7869765c 48224394a80d0154ad2e03365f2e182636a92052bf3f8f1582f9904ea760a3ae Loading...

HTTP Transactions (19)

URL IP Response Size

yxfjtxtjxjkxh.store/news/cid352923069/nid8320/

2.58.67.161

302 Found

370 B

URL User Request GET HTTP/2
yxfjtxtjxjkxh.store/news/cid352923069/nid8320/
IP
2.58.67.161:443
ASN
#44066 firstcolo GmbH

Certificate
IssuerLet's Encrypt
Subject*.yxfjtxtjxjkxh.store
Fingerprint43:06:A4:E2:35:29:39:F2:73:05:67:18:25:0B:9E:89:77:48:35:BC
ValidityTue, 16 Apr 2024 10:21:17 GMT - Mon, 15 Jul 2024 10:21:16 GMT

File type
HTML document, ASCII text, with very long lines (368)
Size
370 B (370 bytes)
Hash
4bd5267fe302210535c4ddf32d086fa6
a242d5f156e73d8c31601a3601624c465b948062
5a85a66c841ff745b92be24e215e5ae66a4b5898418ef384a94d34f875ab2031

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /news/cid352923069/nid8320/ HTTP/1.1
Host: yxfjtxtjxjkxh.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 19 Apr 2024 08:33:07 GMT
content-type: text/html;charset=UTF-8
location: https://mixer-events.com/new?utm_campaign=27859&utm_source=269819&utm_medium=7738
x-powered-by: PHP/7.4.33
set-cookie: user_segment_id=21; expires=Sat, 20-Apr-2024 08:33:07 GMT; Max-Age=86400; path=/; HttpOnly
user_visit_id=visitId171624614; expires=Sat, 20-Apr-2024 08:33:07 GMT; Max-Age=86400; path=/; HttpOnly
access-control-allow-origin: *
X-Firefox-Spdy: h2

soar-vision.com/static/outofwindow3-without-dmp2.desktop/css/grid.min.css

188.114.97.1

200 OK

19 kB

URL GET HTTP/3
soar-vision.com/static/outofwindow3-without-dmp2.desktop/css/grid.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subjectsoar-vision.com
Fingerprint0A:A3:73:07:D4:5D:25:09:7C:2C:6A:4D:D1:C1:C3:D5:1D:BD:F7:83
ValidityWed, 17 Apr 2024 12:24:56 GMT - Tue, 16 Jul 2024 12:24:55 GMT

File type
ASCII text, with very long lines (51776), with no line terminators
Size
19 kB (18721 bytes)
Hash
bb2187ffc39c45384458524b1dd9253b
5d8db7d19fd63fe48fc2e187c970d82e0af37592
21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d

HTTP Headers

GET /static/outofwindow3-without-dmp2.desktop/css/grid.min.css HTTP/1.1
Host: soar-vision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 08:33:08 GMT
content-type: text/css
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-ca40"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3arBGwffPKUYAUkm3hh8rtnHklddQTMmj%2BFBPN9a%2BOYZ6o6qVtAxXIkcH3C3vf3vnu6Y3z4paAjEJ2c8EJnm8aFMjwyfTmURIlv3QStmP4h7S61FY9dIgfbhmin4BBNTZE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b8c4cafdc56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

soar-vision.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
soar-vision.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subjectsoar-vision.com
Fingerprint0A:A3:73:07:D4:5D:25:09:7C:2C:6A:4D:D1:C1:C3:D5:1D:BD:F7:83
ValidityWed, 17 Apr 2024 12:24:56 GMT - Tue, 16 Jul 2024 12:24:55 GMT

File type
ASCII text, with very long lines (10290), with no line terminators
Size
13 kB (12882 bytes)
Hash
d38541ab402216e5d06b9eebbda15227
40835452d8b01b09a3946781224301006f5da7b1
2c19f3af00a3bddd2fff8453cb4279fdf8c01d37f8b41f3d05df174f6795b99c

HTTP Headers

GET /static/outofwindow3-without-dmp2.desktop/css/style.min.css HTTP/1.1
Host: soar-vision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 08:33:08 GMT
content-type: text/css
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-2832"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAG89pA9%2FdbvlykLoQ1tIJtw9622j%2Bh1DUffzuFu4I1UBJvbNT1iwmpaFT5PvVUDRkHKyk19Qjbib0Ke%2BDK4ADcP%2FFDVgeK%2FdSvo6awYab3ltZYO%2Bka%2F4SasOTI5Xu6UNXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b8c4cafe956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://soar-vision.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 230731
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

soar-vision.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js

188.114.97.1

200 OK

95 kB

URL GET HTTP/3
soar-vision.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subjectsoar-vision.com
Fingerprint0A:A3:73:07:D4:5D:25:09:7C:2C:6A:4D:D1:C1:C3:D5:1D:BD:F7:83
ValidityWed, 17 Apr 2024 12:24:56 GMT - Tue, 16 Jul 2024 12:24:55 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33460)
Size
95 kB (95149 bytes)
Hash
4060f2a935a377e7eb8db4df608b8ca1
ea630e2580a5075050a0f5435cdfcfd0dde77686
7ae627eec7ec821fb3a6c77342be3acf8bd86d3926956081caaf4306f459bc2e

HTTP Headers

GET /static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js HTTP/1.1
Host: soar-vision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 08:33:08 GMT
content-type: application/javascript
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-4567c"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJ1qVKtGO5jPuLhtHuubqnrRMt9AaRmhzib0ezLBtjLTY2Q96XUyWO0yv9%2F%2BpVQV2exZJmvnJaUYX82tcVOgbOjepff9xZxxc5pYMxJp02BlkfHTkjxDXf06EXWVEEUoow8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b8c4cafe056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://soar-vision.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 283118
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9644, version 1.0
Size
9.6 kB (9644 bytes)
Hash
6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://soar-vision.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:49 GMT
expires: Fri, 18 Apr 2025 02:43:49 GMT
cache-control: public, max-age=31536000
age: 107360
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

soar-vision.com/api/get-n-items?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819&language=RU&blang=en-US&uid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a&offset=0&project=1&count=7

188.114.97.1

200 OK

3 B

URL GET HTTP/3
soar-vision.com/api/get-n-items?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819&language=RU&blang=en-US&uid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a&offset=0&project=1&count=7
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subjectsoar-vision.com
Fingerprint0A:A3:73:07:D4:5D:25:09:7C:2C:6A:4D:D1:C1:C3:D5:1D:BD:F7:83
ValidityWed, 17 Apr 2024 12:24:56 GMT - Tue, 16 Jul 2024 12:24:55 GMT

File type
JSON text data
Size
3 B (3 bytes)
Hash
58e0494c51d30eb3494f7c9198986bb9
cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

HTTP Headers

GET /api/get-n-items?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819&language=RU&blang=en-US&uid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a&offset=0&project=1&count=7 HTTP/1.1
Host: soar-vision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819&uid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a
Cookie: duid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 08:33:09 GMT
content-type: application/json
content-length: 3
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gym5zYDMGoqcu%2FscQKA1AcBN%2F1VQif%2Bdlx0lXKyrmCGU8a7CVmMlV%2BRskm9bd1%2F266%2FjBH86qCODNJ9sJOkrVVNeMFc8MlHDInSpZgl0WwQSDvttpqRE0ziXMsQy19INs3E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b8c4fbb2c56a4-OSL
alt-svc: h3=":443"; ma=86400

188.114.97.1

200 OK

3 B

URL GET HTTP/3
soar-vision.com/api/get-n-items?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819&language=RU&blang=en-US&uid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a&offset=7&project=1&count=7
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subjectsoar-vision.com
Fingerprint0A:A3:73:07:D4:5D:25:09:7C:2C:6A:4D:D1:C1:C3:D5:1D:BD:F7:83
ValidityWed, 17 Apr 2024 12:24:56 GMT - Tue, 16 Jul 2024 12:24:55 GMT

File type
JSON text data
Size
3 B (3 bytes)
Hash
58e0494c51d30eb3494f7c9198986bb9
cd0d4cc32346750408f7d4f5e78ec9a6e5b79a0d
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

HTTP Headers

GET /api/get-n-items?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819&language=RU&blang=en-US&uid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a&offset=7&project=1&count=7 HTTP/1.1
Host: soar-vision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819&uid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a
Cookie: duid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 08:33:09 GMT
content-type: application/json
content-length: 3
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5G2aOP4EDkbvhB9%2F1VQUJeRD0ZonJf7LBzAv%2Fm7SvmHwxgBCYlif4K%2BCyGjkA1J1swgeeEqZyyM5fu7Zzso0yhOVRQp0Qt4mgCaueYg19aiPT6tu9a6FSJxszVCDOflwDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b8c502baa56a4-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://soar-vision.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:14:20 GMT
expires: Wed, 16 Apr 2025 07:14:20 GMT
cache-control: public, max-age=31536000
age: 263929
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mixer-events.com/image.gif?sid9=home&utm_campaign=27859&utm_content=&utm_source=269819&utm_medium=7738&client_id=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a&cost=0&category=0&resolution_width=1280&resolution_height=1024&connection_speed=

85.192.12.187

200 OK

43 B

URL GET HTTP/1.1
mixer-events.com/image.gif?sid9=home&utm_campaign=27859&utm_content=&utm_source=269819&utm_medium=7738&client_id=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a&cost=0&category=0&resolution_width=1280&resolution_height=1024&connection_speed=
IP
85.192.12.187:443
ASN
#12695 LLC Digital Network

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerLet's Encrypt
Subjectmixer-magazin.com
Fingerprint18:D8:D6:7D:92:DE:0D:40:FF:A0:44:4F:CC:FC:E6:11:8C:44:1D:43
ValidityMon, 25 Mar 2024 11:42:37 GMT - Sun, 23 Jun 2024 11:42:36 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image.gif?sid9=home&utm_campaign=27859&utm_content=&utm_source=269819&utm_medium=7738&client_id=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a&cost=0&category=0&resolution_width=1280&resolution_height=1024&connection_speed= HTTP/1.1
Host: mixer-events.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 19 Apr 2024 08:33:09 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://soar-vision.com
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Fri, 19 Apr 2024 08:33:09 GMT
Pragma: no-cache
Set-Cookie: cd=eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiIiwiZGMiOjEsImIiOiJGaXJlZm94IiwiYnYiOiI5NiJ9LCJsIjp7InIiOiIiLCJuIjoyMDA0NywiaXNwIjoiQmxpeCBTb2x1dGlvbnMifX0=; Path=/; Expires=Sun, 19 May 2024 08:33:09 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoibmV3cy1jMTU0ZTI2Zi1iNmY2LTQzZTQtODBmYi0wY2EyMDBlODIxN2EiLCJkX29mZnNldCI6LTF9; Path=/; Expires=Sun, 19 May 2024 08:33:09 GMT; Secure; SameSite=None
article=; Path=/; Expires=Sun, 19 May 2024 08:33:09 GMT; Secure; SameSite=None

soar-vision.com/favicon.ico

188.114.97.1

204 No Content

0 B

URL GET HTTP/3
soar-vision.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subjectsoar-vision.com
Fingerprint0A:A3:73:07:D4:5D:25:09:7C:2C:6A:4D:D1:C1:C3:D5:1D:BD:F7:83
ValidityWed, 17 Apr 2024 12:24:56 GMT - Tue, 16 Jul 2024 12:24:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: soar-vision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Cookie: duid=news-c154e26f-b6f6-43e4-80fb-0ca200e8217a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Fri, 19 Apr 2024 08:33:09 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7aAJmwmMTGPQcw%2BCqDy6QRQjt8NIqLtK1e3pWHoirWb%2FbKFRiBWkNzoJAYk4bPabzWoPMSbKuAHQEbpuD8OaI16nwdxxcAX1zSCuSRkcrsUiSBOZu2uEgU9tw63iPQX2Ns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b8c512d0f56a4-OSL
alt-svc: h3=":443"; ma=86400

soar-vision.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js

188.114.97.1

200 OK

17 kB

URL GET HTTP/3
soar-vision.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subjectsoar-vision.com
Fingerprint0A:A3:73:07:D4:5D:25:09:7C:2C:6A:4D:D1:C1:C3:D5:1D:BD:F7:83
ValidityWed, 17 Apr 2024 12:24:56 GMT - Tue, 16 Jul 2024 12:24:55 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (61077)
Size
17 kB (16730 bytes)
Hash
885d599073ffbe148bdc80a6f290c842
01a816b3d95cc1920cd1352e9c3c942abaca874d
54992b57d63e453bee34817f0ea1c73f68b4bed1b5d72fc083ea5e823d82fb66

HTTP Headers

GET /static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js HTTP/1.1
Host: soar-vision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 08:33:08 GMT
content-type: application/javascript
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-ef13"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7284qubC64wdlSv14CRcfL%2F%2BeC%2BauEDUFizAvXOVjNXrqSRiWMOKV%2B3v7nN%2BF4wE2sVNc3yclOeEZpY%2B%2Bmc%2FwC8vOK9m6D6u6xT4yrfbZjdjL0m0e13HqTM%2BihjUuIBMJtg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b8c4cafdf56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

142.250.74.106

200 OK

8.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (8956), with no line terminators
Size
8.7 kB (8732 bytes)
Hash
91804c0df51e58b0bf469561e1ac2732
cc5a9023e310b49ef8f8ae32bb89ea774fe116ec
8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa

HTTP Headers

GET /css?family=Roboto:300,400,500,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 08:33:08 GMT
date: Fri, 19 Apr 2024 08:33:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mixer-events.com/new?utm_campaign=27859&utm_source=269819&utm_medium=7738

85.192.12.172

307 Temporary Redirect

20 kB

URL User Request GET HTTP/1.1
mixer-events.com/new?utm_campaign=27859&utm_source=269819&utm_medium=7738
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Certificate
IssuerLet's Encrypt
Subjectmixer-magazin.com
Fingerprint18:D8:D6:7D:92:DE:0D:40:FF:A0:44:4F:CC:FC:E6:11:8C:44:1D:43
ValidityMon, 25 Mar 2024 11:42:37 GMT - Sun, 23 Jun 2024 11:42:36 GMT

File type

Size
20 kB (20315 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new?utm_campaign=27859&utm_source=269819&utm_medium=7738 HTTP/1.1
Host: mixer-events.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.14.1
Date: Fri, 19 Apr 2024 08:33:08 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 157
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Location: https://soar-vision.com?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Set-Cookie: cd=eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiIiwiZGMiOjEsImIiOiJGaXJlZm94IiwiYnYiOiI5NiJ9LCJsIjp7InIiOiIiLCJuIjoyMDA0NywiaXNwIjoiQmxpeCBTb2x1dGlvbnMifX0=; Path=/; Expires=Sun, 19 May 2024 08:33:07 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoiIiwiZF9vZmZzZXQiOi0xfQ==; Path=/; Expires=Sun, 19 May 2024 08:33:07 GMT; Secure; SameSite=None
sid10=0; Path=/; Expires=Sun, 19 May 2024 08:33:07 GMT; Secure; SameSite=None
uid=; Path=/; Expires=Sun, 19 May 2024 08:33:07 GMT; Secure; SameSite=None
utm_medium=7738; Path=/; Expires=Sun, 19 May 2024 08:33:08 GMT; Secure; SameSite=None

ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js

116.202.32.33

200 OK

14 kB

URL GET HTTP/2
ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
IP
116.202.32.33:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerLet's Encrypt
Subjectexpo-s.com
Fingerprint8A:55:09:61:0B:75:01:86:EA:50:BE:2C:C2:EA:C9:40:B7:05:47:55
ValiditySat, 16 Mar 2024 07:12:37 GMT - Fri, 14 Jun 2024 07:12:36 GMT

File type

Size
14 kB (14231 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js HTTP/1.1
Host: ffrtrinvzk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 19 Apr 2024 08:33:08 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 19:29:38 GMT
vary: Accept-Encoding
etag: W/"654e84a2-3797"
content-encoding: gzip
X-Firefox-Spdy: h2

newfeedblog.xyz/yslHOw30/?data1=2vp5lnjo7i59&data2=[TID]&data3=[SID]&data4=bananaads.pro

2.58.67.161

302 Found

20 kB

URL User Request GET HTTP/2
newfeedblog.xyz/yslHOw30/?data1=2vp5lnjo7i59&data2=[TID]&data3=[SID]&data4=bananaads.pro
IP
2.58.67.161:443
ASN
#44066 firstcolo GmbH

Certificate
IssuerLet's Encrypt
Subject*.newfeedblog.xyz
FingerprintD8:6D:45:54:44:94:39:90:7E:8D:31:D1:20:0B:30:BD:59:BC:D7:0A
ValidityWed, 24 Jan 2024 09:09:49 GMT - Tue, 23 Apr 2024 09:09:48 GMT

File type

Size
20 kB (20315 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /yslHOw30/?data1=2vp5lnjo7i59&data2=[TID]&data3=[SID]&data4=bananaads.pro HTTP/1.1
Host: newfeedblog.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 19 Apr 2024 08:33:07 GMT
content-type: text/html;charset=UTF-8
location: https://yxfjtxtjxjkxh.store/news/cid352923069/nid8320/
x-powered-by: PHP/7.4.33
set-cookie: user_visit_id=visitId171624614; expires=Sat, 20-Apr-2024 08:33:07 GMT; Max-Age=86400; path=/; HttpOnly
user_segment_id=21; expires=Sat, 20-Apr-2024 08:33:07 GMT; Max-Age=86400; path=/; HttpOnly
access-control-allow-origin: *
X-Firefox-Spdy: h2

soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819

188.114.97.1

200 OK

20 kB

URL User Request GET HTTP/2
soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectsoar-vision.com
Fingerprint0A:A3:73:07:D4:5D:25:09:7C:2C:6A:4D:D1:C1:C3:D5:1D:BD:F7:83
ValidityWed, 17 Apr 2024 12:24:56 GMT - Tue, 16 Jul 2024 12:24:55 GMT

File type

Size
20 kB (20315 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819 HTTP/1.1
Host: soar-vision.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 08:33:08 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
x_domain: soar-vision.com
x_theme: outofwindow3-without-dmp2.desktop
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJixFqZtFM%2BymDDPhG9OoUalgcRYzL2U%2BXdDOYz1yqb4GzQ3S5jlGWVictigXadIk36QxySDZFxgGnMG5xCwDixgV6jQm6BbM%2Fxvg6oO9FykG2JaVau1mOKT8W14YcgkWkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b8c4a3fb45695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js

116.202.32.33

200 OK

28 kB

URL GET HTTP/2
wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js
IP
116.202.32.33:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://soar-vision.com/?d=mixer-events.com&sid9=home&utm_campaign=27859&utm_medium=7738&utm_source=269819
Certificate
IssuerLet's Encrypt
Subjectexpo-s.com
Fingerprint8A:55:09:61:0B:75:01:86:EA:50:BE:2C:C2:EA:C9:40:B7:05:47:55
ValiditySat, 16 Mar 2024 07:12:37 GMT - Fri, 14 Jun 2024 07:12:36 GMT

File type

Size
28 kB (28439 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js HTTP/1.1
Host: wdhhsxghbr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://soar-vision.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Fri, 19 Apr 2024 08:33:09 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 19:26:39 GMT
vary: Accept-Encoding
etag: W/"654e83ef-6f17"
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML