| | 154.41.248.227 | 403 Forbidden | 2.2 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: hcdn
date: Thu, 09 May 2024 18:48:15 GMT
content-type: text/html
content-length: 2193
vary: Accept-Encoding
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: b04adccc607c9b2da21744e477788492-bnk-edge2
X-Firefox-Spdy: h2
|
|
| | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:15 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 5b855162ba5aecb5f8c20bd436536226-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge | 154.41.248.227 | 200 OK | 135 B |
URL GET HTTP/1.1magic-effect.com/hcdn-cgi/jschallenge IP154.41.248.227:80 ASN#47583 Hostinger International Limited
Hash65ebb44dc76643df1621862148a8baf6 1ecc3401c0597af87260638bb198bac7fd63aa21 bb39ee7bf05768534e1dc3dc850a0173233ca48d8d8ee69246c8d6215b88e321
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /hcdn-cgi/jschallenge HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 3cf24c002ae2bcff3d6703c7133f6f5e-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
|
|
| magic-effect.com/favicon.ico | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL GET HTTP/1.1magic-effect.com/favicon.ico IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:15 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 7a4580fa9e37a517ee35907cf414c325-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge-validate | 154.41.248.227 | | 0 B |
URL magic-effect.com/hcdn-cgi/jschallenge-validate IP154.41.248.227:0 ASN#47583 Hostinger International Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hcdn-cgi/jschallenge-validate HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: http://magic-effect.com
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:18 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hcdn=AQEAQdxE08NPLRhiTUheKajnEqrr_aH2T0-u85NEqlIHnuFyGj1mAAAAAADOAAA5xAFdawfo76YkRE3uqPMQAAAAK9jnwDTbcgyPZRhrc1nTXA; Path=/; SameSite=Lax; HttpOnly
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 99e84b7a54584888775c75f5bac4a41b-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
|
|
| | 154.41.248.227 | 403 Forbidden | 2.2 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://magic-effect.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: hcdn=AQEAQdxE08NPLRhiTUheKajnEqrr_aH2T0-u85NEqlIHnuFyGj1mAAAAAADOAAA5xAFdawfo76YkRE3uqPMQAAAAK9jnwDTbcgyPZRhrc1nTXA
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: hcdn
date: Thu, 09 May 2024 18:48:18 GMT
content-type: text/html
content-length: 2193
vary: Accept-Encoding
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 3a955ebe4c23bce621c1b68b28bed604-bnk-edge2
X-Firefox-Spdy: h2
|
|
| | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAQdxE08NPLRhiTUheKajnEqrr_aH2T0-u85NEqlIHnuFyGj1mAAAAAADOAAA5xAFdawfo76YkRE3uqPMQAAAAK9jnwDTbcgyPZRhrc1nTXA
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:18 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 27aa20a332ff5bb610508d19411b25c9-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge | 154.41.248.227 | 200 OK | 135 B |
URL GET HTTP/1.1magic-effect.com/hcdn-cgi/jschallenge IP154.41.248.227:80 ASN#47583 Hostinger International Limited
Hash65ebb44dc76643df1621862148a8baf6 1ecc3401c0597af87260638bb198bac7fd63aa21 bb39ee7bf05768534e1dc3dc850a0173233ca48d8d8ee69246c8d6215b88e321
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /hcdn-cgi/jschallenge HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAQdxE08NPLRhiTUheKajnEqrr_aH2T0-u85NEqlIHnuFyGj1mAAAAAADOAAA5xAFdawfo76YkRE3uqPMQAAAAK9jnwDTbcgyPZRhrc1nTXA
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: cdfe54b1e515c79c9c3d357793f93860-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
|
|
| magic-effect.com/favicon.ico | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL GET HTTP/1.1magic-effect.com/favicon.ico IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAQdxE08NPLRhiTUheKajnEqrr_aH2T0-u85NEqlIHnuFyGj1mAAAAAADOAAA5xAFdawfo76YkRE3uqPMQAAAAK9jnwDTbcgyPZRhrc1nTXA
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:19 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: cdd1cdf5b98795f64a98c47874cd1b4e-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge-validate | 154.41.248.227 | | 0 B |
URL magic-effect.com/hcdn-cgi/jschallenge-validate IP154.41.248.227:0 ASN#47583 Hostinger International Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hcdn-cgi/jschallenge-validate HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: http://magic-effect.com
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAQdxE08NPLRhiTUheKajnEqrr_aH2T0-u85NEqlIHnuFyGj1mAAAAAADOAAA5xAFdawfo76YkRE3uqPMQAAAAK9jnwDTbcgyPZRhrc1nTXA
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:22 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hcdn=AQEAOExgnMtlNwLTGTl6PXP8xYJsZ1W04CscJ4hQQTZ_7_xyGj1mAAQAAADnAADRPgdCoSuE_GrWVf72l0IIAAAA0ZL25foYtCPohPdIEpSptg; Path=/; SameSite=Lax; HttpOnly
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: b623ac1a2a5cecf5874c4d073b274aa8-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
|
|
| | 154.41.248.227 | 403 Forbidden | 2.2 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://magic-effect.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: hcdn=AQEAOExgnMtlNwLTGTl6PXP8xYJsZ1W04CscJ4hQQTZ_7_xyGj1mAAQAAADnAADRPgdCoSuE_GrWVf72l0IIAAAA0ZL25foYtCPohPdIEpSptg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: hcdn
date: Thu, 09 May 2024 18:48:22 GMT
content-type: text/html
content-length: 2193
vary: Accept-Encoding
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 1a42b2e5fd3db42f0feb0bb75e433a22-bnk-edge2
X-Firefox-Spdy: h2
|
|
| | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAOExgnMtlNwLTGTl6PXP8xYJsZ1W04CscJ4hQQTZ_7_xyGj1mAAQAAADnAADRPgdCoSuE_GrWVf72l0IIAAAA0ZL25foYtCPohPdIEpSptg
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:22 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: e2d605f7af293447b9494b699354c651-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge | 154.41.248.227 | 200 OK | 135 B |
URL GET HTTP/1.1magic-effect.com/hcdn-cgi/jschallenge IP154.41.248.227:80 ASN#47583 Hostinger International Limited
Hash65ebb44dc76643df1621862148a8baf6 1ecc3401c0597af87260638bb198bac7fd63aa21 bb39ee7bf05768534e1dc3dc850a0173233ca48d8d8ee69246c8d6215b88e321
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /hcdn-cgi/jschallenge HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAOExgnMtlNwLTGTl6PXP8xYJsZ1W04CscJ4hQQTZ_7_xyGj1mAAQAAADnAADRPgdCoSuE_GrWVf72l0IIAAAA0ZL25foYtCPohPdIEpSptg
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 892e03159b27d11aa1b458061291a480-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
|
|
| magic-effect.com/favicon.ico | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL GET HTTP/1.1magic-effect.com/favicon.ico IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAOExgnMtlNwLTGTl6PXP8xYJsZ1W04CscJ4hQQTZ_7_xyGj1mAAQAAADnAADRPgdCoSuE_GrWVf72l0IIAAAA0ZL25foYtCPohPdIEpSptg
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:22 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 1d5510404693286e69cae21da6d5ecbe-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge-validate | 154.41.248.227 | | 0 B |
URL magic-effect.com/hcdn-cgi/jschallenge-validate IP154.41.248.227:0 ASN#47583 Hostinger International Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hcdn-cgi/jschallenge-validate HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: http://magic-effect.com
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAOExgnMtlNwLTGTl6PXP8xYJsZ1W04CscJ4hQQTZ_7_xyGj1mAAQAAADnAADRPgdCoSuE_GrWVf72l0IIAAAA0ZL25foYtCPohPdIEpSptg
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:25 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hcdn=AQEAa3Q1RDOU3f6dl4tyx96O14pwsRqPFfiRFKapAUn1R9dyGj1mAAcAAADnAAA0T09NcNJGOOesnWCxGEy0AAAACUpU25IZ3KdUNlN4bjR_TQ; Path=/; SameSite=Lax; HttpOnly
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: ff7a8fb94e7fad033092e01f15c0f2e5-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
|
|
| | 154.41.248.227 | 403 Forbidden | 2.2 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://magic-effect.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: hcdn=AQEAa3Q1RDOU3f6dl4tyx96O14pwsRqPFfiRFKapAUn1R9dyGj1mAAcAAADnAAA0T09NcNJGOOesnWCxGEy0AAAACUpU25IZ3KdUNlN4bjR_TQ
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: hcdn
date: Thu, 09 May 2024 18:48:25 GMT
content-type: text/html
content-length: 2193
vary: Accept-Encoding
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 8b6e6d47b1db7fc5c83d1c38e38c5421-bnk-edge2
X-Firefox-Spdy: h2
|
|
| | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAa3Q1RDOU3f6dl4tyx96O14pwsRqPFfiRFKapAUn1R9dyGj1mAAcAAADnAAA0T09NcNJGOOesnWCxGEy0AAAACUpU25IZ3KdUNlN4bjR_TQ
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:25 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 37b9d12af63e4dffa2a06193b57c7aa1-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge | 154.41.248.227 | 200 OK | 135 B |
URL GET HTTP/1.1magic-effect.com/hcdn-cgi/jschallenge IP154.41.248.227:80 ASN#47583 Hostinger International Limited
Hash65ebb44dc76643df1621862148a8baf6 1ecc3401c0597af87260638bb198bac7fd63aa21 bb39ee7bf05768534e1dc3dc850a0173233ca48d8d8ee69246c8d6215b88e321
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /hcdn-cgi/jschallenge HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAa3Q1RDOU3f6dl4tyx96O14pwsRqPFfiRFKapAUn1R9dyGj1mAAcAAADnAAA0T09NcNJGOOesnWCxGEy0AAAACUpU25IZ3KdUNlN4bjR_TQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 4865016b3b68dbf1da9d0b01cded63c6-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
|
|
| magic-effect.com/favicon.ico | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL GET HTTP/1.1magic-effect.com/favicon.ico IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAa3Q1RDOU3f6dl4tyx96O14pwsRqPFfiRFKapAUn1R9dyGj1mAAcAAADnAAA0T09NcNJGOOesnWCxGEy0AAAACUpU25IZ3KdUNlN4bjR_TQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:25 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: eda2f87d0f75114951f478d984fae43c-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge-validate | 154.41.248.227 | | 0 B |
URL magic-effect.com/hcdn-cgi/jschallenge-validate IP154.41.248.227:0 ASN#47583 Hostinger International Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hcdn-cgi/jschallenge-validate HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: http://magic-effect.com
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAa3Q1RDOU3f6dl4tyx96O14pwsRqPFfiRFKapAUn1R9dyGj1mAAcAAADnAAA0T09NcNJGOOesnWCxGEy0AAAACUpU25IZ3KdUNlN4bjR_TQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:28 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hcdn=AQEAb81jtXBSUmQYesO_bKaVAz4_qa_GnDabTg2vzDV_SVxyGj1mAAoAAADnAAClWg1lvrIhXpRlhy_fFaBeAAAAGT6OZVlvcZTXxichJbVJZQ; Path=/; SameSite=Lax; HttpOnly
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 5cb4605f23e9437b7e3286ce398ded78-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
|
|
| | 154.41.248.227 | 403 Forbidden | 2.2 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://magic-effect.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: hcdn=AQEAb81jtXBSUmQYesO_bKaVAz4_qa_GnDabTg2vzDV_SVxyGj1mAAoAAADnAAClWg1lvrIhXpRlhy_fFaBeAAAAGT6OZVlvcZTXxichJbVJZQ
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: hcdn
date: Thu, 09 May 2024 18:48:28 GMT
content-type: text/html
content-length: 2193
vary: Accept-Encoding
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 10cf5fd29da9305959553edce4abc240-bnk-edge2
X-Firefox-Spdy: h2
|
|
| | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAb81jtXBSUmQYesO_bKaVAz4_qa_GnDabTg2vzDV_SVxyGj1mAAoAAADnAAClWg1lvrIhXpRlhy_fFaBeAAAAGT6OZVlvcZTXxichJbVJZQ
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:28 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 5b4ed1dc5ccb96a2b0e8f853d3d8e0df-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge | 154.41.248.227 | 200 OK | 135 B |
URL GET HTTP/1.1magic-effect.com/hcdn-cgi/jschallenge IP154.41.248.227:80 ASN#47583 Hostinger International Limited
Hash65ebb44dc76643df1621862148a8baf6 1ecc3401c0597af87260638bb198bac7fd63aa21 bb39ee7bf05768534e1dc3dc850a0173233ca48d8d8ee69246c8d6215b88e321
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /hcdn-cgi/jschallenge HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAb81jtXBSUmQYesO_bKaVAz4_qa_GnDabTg2vzDV_SVxyGj1mAAoAAADnAAClWg1lvrIhXpRlhy_fFaBeAAAAGT6OZVlvcZTXxichJbVJZQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 11da68c2b3793ceefa7fc613f1c71bb2-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
|
|
| magic-effect.com/favicon.ico | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL GET HTTP/1.1magic-effect.com/favicon.ico IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAb81jtXBSUmQYesO_bKaVAz4_qa_GnDabTg2vzDV_SVxyGj1mAAoAAADnAAClWg1lvrIhXpRlhy_fFaBeAAAAGT6OZVlvcZTXxichJbVJZQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:28 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 99cbd10bcfaba36e9f34903ac139325a-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge-validate | 154.41.248.227 | | 0 B |
URL magic-effect.com/hcdn-cgi/jschallenge-validate IP154.41.248.227:0 ASN#47583 Hostinger International Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hcdn-cgi/jschallenge-validate HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: http://magic-effect.com
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAb81jtXBSUmQYesO_bKaVAz4_qa_GnDabTg2vzDV_SVxyGj1mAAoAAADnAAClWg1lvrIhXpRlhy_fFaBeAAAAGT6OZVlvcZTXxichJbVJZQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:31 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hcdn=AQEAJZ0ga_4pR34-AqJ28wWSvjOyd-6N_io6gzcDprUDgYNyGj1mAA0AAADnAABd4SEKTRqpWrfkGjvUevH5AAAAUwNXauZLGiQS7m1vmcfQMQ; Path=/; SameSite=Lax; HttpOnly
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 516b5c77f2da680b25faa79c630e931a-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
|
|
| | 154.41.248.227 | 403 Forbidden | 2.2 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://magic-effect.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: hcdn=AQEAJZ0ga_4pR34-AqJ28wWSvjOyd-6N_io6gzcDprUDgYNyGj1mAA0AAADnAABd4SEKTRqpWrfkGjvUevH5AAAAUwNXauZLGiQS7m1vmcfQMQ
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: hcdn
date: Thu, 09 May 2024 18:48:31 GMT
content-type: text/html
content-length: 2193
vary: Accept-Encoding
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 552c5b8a94d61194fc31e3b90a69a78b-bnk-edge2
X-Firefox-Spdy: h2
|
|
| | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAJZ0ga_4pR34-AqJ28wWSvjOyd-6N_io6gzcDprUDgYNyGj1mAA0AAADnAABd4SEKTRqpWrfkGjvUevH5AAAAUwNXauZLGiQS7m1vmcfQMQ
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:31 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: f782c37db3be4450c73ec28bb652f03e-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge | 154.41.248.227 | 200 OK | 135 B |
URL GET HTTP/1.1magic-effect.com/hcdn-cgi/jschallenge IP154.41.248.227:80 ASN#47583 Hostinger International Limited
Hash65ebb44dc76643df1621862148a8baf6 1ecc3401c0597af87260638bb198bac7fd63aa21 bb39ee7bf05768534e1dc3dc850a0173233ca48d8d8ee69246c8d6215b88e321
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /hcdn-cgi/jschallenge HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAJZ0ga_4pR34-AqJ28wWSvjOyd-6N_io6gzcDprUDgYNyGj1mAA0AAADnAABd4SEKTRqpWrfkGjvUevH5AAAAUwNXauZLGiQS7m1vmcfQMQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 71ba9f9987d1b644b0d393a23c8c018e-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
|
|
| magic-effect.com/favicon.ico | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL GET HTTP/1.1magic-effect.com/favicon.ico IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAJZ0ga_4pR34-AqJ28wWSvjOyd-6N_io6gzcDprUDgYNyGj1mAA0AAADnAABd4SEKTRqpWrfkGjvUevH5AAAAUwNXauZLGiQS7m1vmcfQMQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:32 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 47ccb6a6be096b081df569c0195cd144-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge-validate | 154.41.248.227 | | 0 B |
URL magic-effect.com/hcdn-cgi/jschallenge-validate IP154.41.248.227:0 ASN#47583 Hostinger International Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hcdn-cgi/jschallenge-validate HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: http://magic-effect.com
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEAJZ0ga_4pR34-AqJ28wWSvjOyd-6N_io6gzcDprUDgYNyGj1mAA0AAADnAABd4SEKTRqpWrfkGjvUevH5AAAAUwNXauZLGiQS7m1vmcfQMQ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:35 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hcdn=AQEATbHAXUVaYZ7gVx6S2rd1Zagz6HkCRRl3XZpInQ-9wc1yGj1mABEAAADnAAAkvkK-cHxWpDs7hm7i1EzQAAAADAlQxV4aVPCnQYnqELhu9w; Path=/; SameSite=Lax; HttpOnly
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: aa80872c31c14ed0b9376436ec8e87b8-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
|
|
| | 154.41.248.227 | 403 Forbidden | 2.2 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://magic-effect.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: hcdn=AQEATbHAXUVaYZ7gVx6S2rd1Zagz6HkCRRl3XZpInQ-9wc1yGj1mABEAAADnAAAkvkK-cHxWpDs7hm7i1EzQAAAADAlQxV4aVPCnQYnqELhu9w
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: hcdn
date: Thu, 09 May 2024 18:48:35 GMT
content-type: text/html
content-length: 2193
vary: Accept-Encoding
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 873a20b2d78a0538e7afe663b19605c7-bnk-edge2
X-Firefox-Spdy: h2
|
|
| | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL User Request GET HTTP/1.1IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEATbHAXUVaYZ7gVx6S2rd1Zagz6HkCRRl3XZpInQ-9wc1yGj1mABEAAADnAAAkvkK-cHxWpDs7hm7i1EzQAAAADAlQxV4aVPCnQYnqELhu9w
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:35 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 83c403928eda864b0586f6c631a0b88b-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge | 154.41.248.227 | 200 OK | 135 B |
URL GET HTTP/1.1magic-effect.com/hcdn-cgi/jschallenge IP154.41.248.227:80 ASN#47583 Hostinger International Limited
Hash65ebb44dc76643df1621862148a8baf6 1ecc3401c0597af87260638bb198bac7fd63aa21 bb39ee7bf05768534e1dc3dc850a0173233ca48d8d8ee69246c8d6215b88e321
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /hcdn-cgi/jschallenge HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEATbHAXUVaYZ7gVx6S2rd1Zagz6HkCRRl3XZpInQ-9wc1yGj1mABEAAADnAAAkvkK-cHxWpDs7hm7i1EzQAAAADAlQxV4aVPCnQYnqELhu9w
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: cb25f43971f3691ebbfad59b785bfb98-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Content-Encoding: gzip
|
|
| magic-effect.com/favicon.ico | 154.41.248.227 | 403 Forbidden | 2.4 kB |
URL GET HTTP/1.1magic-effect.com/favicon.ico IP154.41.248.227:80 ASN#47583 Hostinger International Limited
File typeHTML document, ASCII text, with very long lines (4792), with no line terminators Hashb649bb4bbcec6444434d2df7501effb6 f8a04ac654e2234fa2644abf8e293d02bc01c8fd c2779250c7e25bb12281a890f3ec61c3585c5bbad82fbbb55a3068191004fc4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEATbHAXUVaYZ7gVx6S2rd1Zagz6HkCRRl3XZpInQ-9wc1yGj1mABEAAADnAAAkvkK-cHxWpDs7hm7i1EzQAAAADAlQxV4aVPCnQYnqELhu9w
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: hcdn
Date: Thu, 09 May 2024 18:48:35 GMT
Content-Type: text/html
Content-Length: 2393
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: fe9652695c197c1be073b6f1c862053f-bnk-edge2
|
|
| magic-effect.com/hcdn-cgi/jschallenge-validate | 154.41.248.227 | | 0 B |
URL magic-effect.com/hcdn-cgi/jschallenge-validate IP154.41.248.227:0 ASN#47583 Hostinger International Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hcdn-cgi/jschallenge-validate HTTP/1.1
Host: magic-effect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://magic-effect.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: http://magic-effect.com
DNT: 1
Connection: keep-alive
Cookie: hcdn=AQEATbHAXUVaYZ7gVx6S2rd1Zagz6HkCRRl3XZpInQ-9wc1yGj1mABEAAADnAAAkvkK-cHxWpDs7hm7i1EzQAAAADAlQxV4aVPCnQYnqELhu9w
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: hcdn
Date: Thu, 09 May 2024 18:48:38 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: hcdn=AQEAvbhe88LgUsEP_uZQUUJcz7ba-8OPLa4uGV5L_TWWI6JyGj1mABQAAADnAADBTyFu1kndXP4G4TElTZMmAAAAiLdL6hbbQ6DlAMo4LjlBug; Path=/; SameSite=Lax; HttpOnly
alt-svc: h3=":443"; ma=86400
x-hcdn-request-id: 5e98ee4b4fbe9247cd68f70e9eb4b6c5-bnk-edge2
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
|
|