| magicbath.co.in/css/blue-dv/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css | 188.114.96.1 | 200 OK | 95 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: Unicode text, UTF-8 text, with very long lines (64292), with no line terminators
Hash: 1adabe89e111880ad1f2a9da15b6153c f4c74f0044dfe37a57370bc2fdb9430ceee67ce0 2343078d21ed64b82841d1d121860dc79e9f941bb8044c0e12995c939c88f91a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=374079
cache-control: public, max-age=604800
etag: W/"5b53f-66219bf2-280d42;br"
expires: Thu, 25 Apr 2024 22:17:35 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0BWQEKJlUX756i8Y4hNs1UUY6Q5zYJEnKrp80DHn6jq9u1r7DvaZi3wwTOBO1c1y0Ob87bCnq8nbf35zdTJNRXWHZ7ZoVQ%2FtIw%2Bvwk7nXQPlgEXqRkGpwzBVL%2FsNa1VEySU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcf0be63568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/username.bundle-8961fe6fd577dfd66d12b626e64d7cff.js | 188.114.96.1 | 200 OK | 51 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/username.bundle-8961fe6fd577dfd66d12b626e64d7cff.js IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: JavaScript source, ASCII text, with very long lines (2785), with no line terminators
Hash: 8961fe6fd577dfd66d12b626e64d7cff b6c8fcfb325c56ac786080cbeafefb8f24838657 1573208ffc6c2a4284750137888f470eb10838d7abf5bd2895dd8ac46642be93
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/username.bundle-8961fe6fd577dfd66d12b626e64d7cff.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:34 GMT
content-type: application/x-javascript
cf-bgj: minify
cache-control: public, max-age=604800
etag: W/"ae1-66219bf2-280d4f;br"
expires: Thu, 25 Apr 2024 22:17:35 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufaYpoPBRtyu6xtfL7i4jrPEuQdPDZfXVaGEAV49E%2BMMAV9pUnifEARnML2%2FgWjcJ6inBc0d1KnUfMKqbNYAkVXUMKex36T8qXcJdZA1OqzPrsNitdk%2BJU8%2Br5kPtip4Yg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcf0be75568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/TheSansB_600_-a54202ef3bf0e3da19bca052e636ca9c.woff2 | 188.114.96.1 | 200 OK | 55 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/TheSansB_600_-a54202ef3bf0e3da19bca052e636ca9c.woff2 IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: Web Open Font Format (Version 2), TrueType, length 55008, version 2.5570
Hash: a54202ef3bf0e3da19bca052e636ca9c 1be7b883513f1f2ae87b968e2303475493216873 5e39a8bb7dc50616b9f41997f90bbb8330be6eb35bb973995618c38a0e3c21f4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/TheSansB_600_-a54202ef3bf0e3da19bca052e636ca9c.woff2 HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: font/woff2
content-length: 55008
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 22:17:36 GMT
etag: "d6e0-66219bf2-280d4c;;;"
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLYGf9Cg3EWYGgiyhQO8W8gwoBV57YosnbwFy2J%2BFBiC3jsO6MaC8DumW%2F2nYB1N7JIJRxZv72oGTPk%2BpQdqGFCF74uw9koXq1lS8Xbco5XYbJxZ9JKldxT0yuFPMCOhaX4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876dfcfa181c568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/TheSansB_400_-4f0d59a18ca1c88dcfbbce6510b21da5.woff2 | 188.114.96.1 | 200 OK | 51 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/TheSansB_400_-4f0d59a18ca1c88dcfbbce6510b21da5.woff2 IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: Web Open Font Format (Version 2), TrueType, length 50708, version 2.13828
Hash: 4f0d59a18ca1c88dcfbbce6510b21da5 a832475bfb2af15db4541eaba52618c26cee2cd8 f0cc4ee9dc83925f474ab0b5ed3a5395038c979e157d4bae8e67225f1b0922d8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/TheSansB_400_-4f0d59a18ca1c88dcfbbce6510b21da5.woff2 HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: font/woff2
content-length: 50708
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 22:17:36 GMT
etag: "c614-66219bf2-280d4a;;;"
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZBvvx8h6tKMGv9L0Q4iexthUx9fvw2oWW6m9vlD4PxKMfp5GtkZlW9yjRUnKg1VtSbsZjJg7hxjIwieAsrrqvk5Ot4QdQnpGQI5IchUVpIG16J%2FlYRcSgRh2l%2FScMmEVgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876dfcfa1825568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username.php | 188.114.96.1 | 200 OK | 79 kB |
URL: User Request GET HTTP/2 magicbath.co.in/css/blue-dv/clients/username.php IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1048)
Hash: 6615ace75b943bb5abbfa70a736b869d 701bb5a62521f8488145447305d2f4687646f8de b6d383f3c166839c644af629dda8ec6bc5644fc67c28f7bd0095a92eb5806a75
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Swisscom IT Services AG |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username.php HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 15:39:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7osOOPf3PcVyKLNyE1CjH57fGkUSxCdovybURVB7tXPQwhHFhIsM81NzUcVwOWk09i7l45Xk3kSNtNVqOTVEG%2FOVwFX16AJr1vuunA8b8nLcAbt8lRbmiCOmjurPNRVzH%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfce1bd705688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| magicbath.co.in/css/blue-dv/clients/username/TheSansB_500_-d7955bec1417e0168f42adfe7ceaf8b5.woff2 | 188.114.96.1 | 200 OK | 52 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/TheSansB_500_-d7955bec1417e0168f42adfe7ceaf8b5.woff2 IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: Web Open Font Format (Version 2), TrueType, length 52044, version 2.5570
Hash: d7955bec1417e0168f42adfe7ceaf8b5 f2cf5939bcacdefe7cbb920d7873d55b00772be0 6010e95e45ae8c7c0064724e1ea3ac9495ae55a6241633446db052364c06f5f3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/TheSansB_500_-d7955bec1417e0168f42adfe7ceaf8b5.woff2 HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:36 GMT
content-type: font/woff2
content-length: 52044
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 22:17:36 GMT
etag: "cb4c-66219bf2-280d4b;;;"
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7cHqEOWcjeyM1Oc%2BINlSCDjtra4ORrduv5BZ17OUTWvPoJ4WCSox1cW5g77vm84AhyHmgc8q2Z%2BcoGE3grsgYeuYDInaCsgZ%2Fjkxv7EZPUdRRHO4MmuKJjkV8ZuWnwgIw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876dfcfa282e568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/8097.bundle.js | 188.114.96.1 | 200 OK | 19 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/8097.bundle.js IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: eec183c0d4676057983ca9de767ca634 7ad7e104807c7cc6ce30c63a554306c8e606fa97 2eb80d73cbe7e42859ed9b72e37827b9957228cd154845d7242c495fb93b904c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/8097.bundle.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:36 GMT
content-type: application/x-javascript
cf-bgj: minify
cache-control: public, max-age=604800
etag: W/"117ee-66219bf2-280d3f;br"
expires: Thu, 25 Apr 2024 22:17:36 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSFF94aziQX5ubom2E0ltB%2Fint60PbLENufYGLXEE5cktmWPHlh2oAB9Nzk8PJm%2FZaiAZT%2BUcOOhRZDOrhk%2FPsgsj9pFaYyND4LZ3DMXU3JcAo1rwWk7xxvJPqGYmvEZcvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcfb5958568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/swisscom-logo-lifeform-38be0de766af1aaa475f946c32b47944.svg | 188.114.96.1 | 200 OK | 10 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/swisscom-logo-lifeform-38be0de766af1aaa475f946c32b47944.svg IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: SVG Scalable Vector Graphics image
Hash: 38be0de766af1aaa475f946c32b47944 646ff2fae3c8080da7c067e6506f1a1193b9cfc8 330fddfd254cb42deebdac50ccbc6d9988d365378457fae29dc10b3c2edb43e4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/swisscom-logo-lifeform-38be0de766af1aaa475f946c32b47944.svg HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:34 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 22:17:35 GMT
etag: W/"1813-66219bf2-280d49;br"
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fT9E1mGmmFH%2BW83MEf0IH6w4UvgCM7TPD07O0xIEBMwVxyOwnO3Q7G5Wl4XjVJxWoGIQMgFL1t5KeuCr7krhCn8DgZi6DjQY7lCYnaVAdfdkelo0slIbA1rUsGW95fQNPtc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcf0be6e568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/username-3da88c85e4e95d4c24ffe7f22a697e7a.css | 188.114.96.1 | 200 OK | 9.2 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/username-3da88c85e4e95d4c24ffe7f22a697e7a.css IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: ASCII text, with no line terminators
Hash: 4b602c2c4a95a4bf0f0b2854a4e7b1e4 7c5fbecf898d0df702d61a0b59920a9d5e5da054 9b39711a8b2b7f7b11acc561d626a087afadc40c59d057a767f39fd87e92942f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/username-3da88c85e4e95d4c24ffe7f22a697e7a.css HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=209
cache-control: public, max-age=604800
etag: W/"d1-66219bf2-280d4e;gz"
expires: Thu, 25 Apr 2024 22:17:35 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u2T1DFvgvyoCtjXJtoMSEHnBQRn87e5l0VVLx4k8JiA%2FtwmiH5uAtf9ztzvmYLZpxf7r1pK%2BwkbkKgyfUE7BHkou8a2UK4kfPk9hQJg3LkQLSG6jLaIH%2BPpar8m30c0yP3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcf0be68568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/TheSansB_700_-7dac4ba6f5bfb4ba199e7fe3454a6780.woff2 | 188.114.96.1 | 200 OK | 50 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/TheSansB_700_-7dac4ba6f5bfb4ba199e7fe3454a6780.woff2 IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: Web Open Font Format (Version 2), TrueType, length 49592, version 2.5570
Hash: 7dac4ba6f5bfb4ba199e7fe3454a6780 8df19c4658d5317868b1d8d3c302b19eea81677e 09525fb3b4747dfbceaa9401af3c089fae3aa045934b77ec444cfe62c0efd3da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/TheSansB_700_-7dac4ba6f5bfb4ba199e7fe3454a6780.woff2 HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: font/woff2
content-length: 49592
cache-control: public, max-age=604800
expires: Fri, 26 Apr 2024 08:01:46 GMT
etag: "c1b8-66219bf2-280d4d;;;"
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2g1Cpxr9NQzyti%2Fb7y0M31gf6cnm0locj5rK7t8PzsAzmKQELsAQv7CJkKe%2FOyWpEfWG95%2BPI7hrbomCIAZBIsK2PWQMbJ9TEHnhfXXwLAC2fbK%2Bvfmi2wQNpjBciEST5DI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876dfcfa1819568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/7022.bundle.js | 188.114.96.1 | 200 OK | 27 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/7022.bundle.js IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/7022.bundle.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: application/x-javascript
cf-bgj: minify
cache-control: public, max-age=604800
etag: W/"689b-66219bf2-280d3c;br"
expires: Thu, 25 Apr 2024 22:17:36 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52rVBSrmuDInvFtHtijkKKMKpj1ByZ4iClrY42gUZBQTk34qd2WrhvCu3wI5RxOHQmLVWuhK3cSCaL%2FqXRLeRTlUc2UgFL8qX7PMEr8Vg45UoyBZIwwL%2F5XyzSwXZIHa4Jc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcfb3934568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/7711.bundle.js | 188.114.96.1 | 200 OK | 21 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/7711.bundle.js IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: JavaScript source, ASCII text, with very long lines (20969), with no line terminators
Hash: 67dee5ca5f1e887b8ed7f21e4a9c3932 086ea5852d22a82f9e2eb302223cc4aad88918b1 fd6609fc3a22db1dce8142ad9e9377f05b23376cef25f4010be64853dcae43bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/7711.bundle.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: application/x-javascript
cf-bgj: minify
cache-control: public, max-age=604800
etag: W/"51e9-66219bf2-280d3d;br"
expires: Thu, 25 Apr 2024 22:17:36 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O9BjyN%2B3yXmjXpf%2FiU5dMtPTCda1CnzeplKpY8tS9xWwMOAFIbNaOgWNXdPCTq926%2Fgo%2FBrSZQGdc%2BZ8jbkU3MwK976CNlSxJAEkzTzFA0i03g82OqyynWGEvk9GGgmirZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcfb3936568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/sdx-icons-f03eecedd83c09fb648538ec25dc01ef.woff2 | 188.114.96.1 | 200 OK | 76 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/sdx-icons-f03eecedd83c09fb648538ec25dc01ef.woff2 IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: Web Open Font Format (Version 2), TrueType, length 75844, version 1.0
Hash: f03eecedd83c09fb648538ec25dc01ef 29bc7966a7672d83e10870afc674e2d2c77eaec5 8bfc2db20d1d140388014d43c7fa13c0f63fd62e299c1954a792d321d9bde310
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/sdx-icons-f03eecedd83c09fb648538ec25dc01ef.woff2 HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: font/woff2
content-length: 75844
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 22:17:36 GMT
etag: "12844-66219bf2-280d48;;;"
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J580D%2FbPQgxHqnSIgcZKkI9uUdsCxwKE2ZVWP5HsS3gNv8hbdCkYLM3JlhOzfP4PJNACqRz5YszPgLkJlFEQHvz5vBkhtdoLUVdeRuivD%2BtdRPI%2FTeRYQEmmNByGPt9FrtY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876dfcfa282f568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/8726.bundle.js | 188.114.96.1 | 200 OK | 2.4 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/8726.bundle.js IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2423), with no line terminators
Hash: cd6e1e85bbee7fd84b14f67d4b354b0c 327823e71250ac06670e4e02b73fb945016598ad 9510b905bdb14e9ef1e17de41d847548f6ef80dcd00b1f1a3be33dda09db8f9c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/8726.bundle.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: application/x-javascript
cf-bgj: minify
cache-control: public, max-age=604800
etag: W/"961-66219bf2-280d40;br"
expires: Thu, 25 Apr 2024 22:17:36 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P2eNbssOIw1UXRmTQakSHxmpGnIzyKzm3SG5mdwSsmQiFLBVUPNwKhTUMXuL4WrEfuHrkPnhr4eKE32nHWvFMlfYIREJo3XlsR%2Ff7zu0ayqdc8FUs%2BSlHIqWrUuo1Y2M88c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcfb595a568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/favicon.ico | 188.114.96.1 | 200 OK | 0 B |
URL: GET HTTP/3 magicbath.co.in/favicon.ico IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:37 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
last-modified: Fri, 19 Apr 2024 14:00:51 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DxILYRT0EjOu6j6C6TjKX2subDodS4t6GTKpKEAxTc9Jh0A7QJxglJibtLcyBaHHxzkz5zly2wipirOcg%2BkDNqWdV12zE77PEoIoWjVd3tcyvM6hOnxDdKyU9Dm8UtHIzok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876dfd022801568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/login-layout.bundle-86802edb5402d853a443e918fd5a66ec.js | 188.114.96.1 | 200 OK | 228 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/login-layout.bundle-86802edb5402d853a443e918fd5a66ec.js IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate: Issuer: Google Trust Services LLC; Subject: magicbath.co.in; Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82; Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
Size: 228 kB (227742 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/login-layout.bundle-86802edb5402d853a443e918fd5a66ec.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=227746
cache-control: public, max-age=604800
etag: W/"379a2-66219bf2-280d46;br"
expires: Fri, 26 Apr 2024 04:14:51 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jl2yst3UxJeg9vArwHO9IixH0vehBTv5I%2F8gxjUR6taL5auamKQYutCrCO2r59Wye5c2L9teHgy88dnCsyEAlF5wjQPsfwyWDD07eKMKBVJk7AdSHYp0ZjPwwUiYDAzr3XM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcf0be74568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/7913.bundle.js | 188.114.96.1 | 200 OK | 24 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/7913.bundle.js
IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: magicbath.co.in
Certificate Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82
Certificate Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/7913.bundle.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:36 GMT
content-type: application/x-javascript
cf-bgj: minify
cache-control: public, max-age=604800
etag: W/"5ef4-66219bf2-280d3e;br"
expires: Thu, 25 Apr 2024 22:17:36 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nOmbNpgG2F0vODCALEwOnx6V%2B5PnUqp1H6nnIf4ecyTZ%2B83Vf1O2EjWJ1iJb0CPxGWYq0pAGcygeL50JqZ0MWH16zvogUMvxXgvoaISJGNFrHpO6roWi2grGXVjohmoMxwU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcfb595c568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/9787.bundle.js | 188.114.96.1 | 200 OK | 3.1 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/9787.bundle.js
IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: magicbath.co.in
Certificate Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82
Certificate Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3167), with no line terminators
Hash: c44ab995d51a3a9f0e2d32c22fa1fe0f b431a57ea7429ddcbcc8a0abd31627c6fe5f715c c84f28932dd8eb706d498ff1cf2a4c1f3b2023f9c8e0c33029543a7ba1c2337e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/9787.bundle.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:36 GMT
content-type: application/x-javascript
cf-bgj: minify
cache-control: public, max-age=604800
etag: W/"c47-66219bf2-280d41;br"
expires: Thu, 25 Apr 2024 22:17:36 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Beh0Z2dluFLo3ScZBrVNG%2B6KGvyT3MmeFhp%2BhCtvHxIFgsDMRiK%2B7eZh2IN7ZUPb3aCoG6VdSxCt3ZMgDihBTydoABrHQTcJtib0Sd0dTZDfTbTZzsn%2Fvb1LcAKBSUI8Hxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfd00deef568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/commons.bundle-913907a5e0f9824203503b4e7fb8d96c.js | 188.114.96.1 | 200 OK | 91 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/commons.bundle-913907a5e0f9824203503b4e7fb8d96c.js
IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: magicbath.co.in
Certificate Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82
Certificate Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/commons.bundle-913907a5e0f9824203503b4e7fb8d96c.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:34 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=90610
cache-control: public, max-age=604800
etag: W/"161f2-66219bf2-280d43;br"
expires: Thu, 25 Apr 2024 22:17:35 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0L5fMa%2B%2FewZfocdvZMRL2bKJ%2FLS5Yah8TvHk3otEWUfPfb7AsAlFkhHZUpJXV4hcBeAtV14Zak11rjkoCkcB%2F%2BUy6XmZcUHZY1R1n%2F3L3VAFYLqHzc4nnxTJS8I%2Fn1WyaNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcf0be71568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/lifeform-spritesheet-db5b9234be03de8612bb31c38e09fcf7.png | 188.114.96.1 | 200 OK | 38 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/lifeform-spritesheet-db5b9234be03de8612bb31c38e09fcf7.png
IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: magicbath.co.in
Certificate Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82
Certificate Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: PNG image data, 3600 x 40, 8-bit colormap, non-interlaced
Hash: db5b9234be03de8612bb31c38e09fcf7 025c237758f5f3a815dc1bed0919e93e508bff8f f9adb57dca9cbd2514ed249714b613d65e78a81cadda2882679a9672c812d25e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/lifeform-spritesheet-db5b9234be03de8612bb31c38e09fcf7.png HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:35 GMT
content-type: image/png
content-length: 38448
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 22:17:36 GMT
etag: "9630-66219bf2-280d45;;;"
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2Fd16A2oLv6Um9JIU83KX8FN186CKZyx%2FvFxp0Sp7q7QkGG1e3SIuojaA0dnZxK1B0mMF8f6yEl4CAtFW4j0BOrym%2FbUV2H6AZOQyOobL3KSsXiah2AN5Ir0D3QJpIy4JtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876dfcfa080f568b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/2475.bundle.js | 188.114.96.1 | 200 OK | 24 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/2475.bundle.js
IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: magicbath.co.in
Certificate Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82
Certificate Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
File type: JavaScript source, ASCII text, with very long lines (24108), with no line terminators
Hash: 44a3b4440c3283969ef120c4c2c17e4e 911f93fa1b71803d8627662d635bef88cecb6f8a 14ad0430c69b5fd31a519b3bb0ba5023c3f496f5de2bcfb75de8dd62866b02b1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/2475.bundle.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:36 GMT
content-type: application/x-javascript
cf-bgj: minify
cache-control: public, max-age=604800
etag: W/"5e2c-66219bf2-280d39;br"
expires: Thu, 25 Apr 2024 22:17:36 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVpedDOff1AAjBJMa6C6Abj%2Bt2bBzCkv%2BovWVuEDlcqhWfCNHvEGP5WVfaMVzDKRWetnWvYp3OqE7dw7m%2FpdkdhbTT%2BSfM3d9mbYE%2FeZfFRm8dagTEE%2B4JKWVdxhjx4EK%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcfb3938568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| magicbath.co.in/css/blue-dv/clients/username/5353.bundle.js | 188.114.96.1 | 200 OK | 83 kB |
URL: GET HTTP/3 magicbath.co.in/css/blue-dv/clients/username/5353.bundle.js
IP: 188.114.96.1:443
Requested by: https://magicbath.co.in/css/blue-dv/clients/username.php
Certificate Issuer: Google Trust Services LLC
Certificate Subject: magicbath.co.in
Certificate Fingerprint: FE:B7:AB:64:21:57:65:22:A6:B1:8E:08:12:EF:A9:88:76:1A:94:82
Certificate Validity: Fri, 22 Mar 2024 02:24:31 GMT - Thu, 20 Jun 2024 02:24:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/blue-dv/clients/username/5353.bundle.js HTTP/1.1
Host: magicbath.co.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magicbath.co.in/css/blue-dv/clients/username.php
Cookie: PHPSESSID=khfdl9s81ukf9fia4btml34ia4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 15:39:36 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=83411
cache-control: public, max-age=604800
etag: W/"145d3-66219bf2-280d3b;br"
expires: Thu, 25 Apr 2024 22:17:36 GMT
last-modified: Thu, 18 Apr 2024 22:17:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s150%2BN8RorSCSAUUHReCoxtDpGl%2FoQOpO66cR87IOWhJQF78Sv3dbCyd6pBJb2vZQ3j7g8aZBXZRknrNW9RCgRg7wLLQ3ppOWWq891FyMcF7UlmITpuap3qNFfQzZePxoNU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876dfcfb5962568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|