{"report_id":"22a59671-2631-4183-bc40-3e7ebad1059e","version":6,"status":"done","tags":[],"date":"2026-01-24T22:03:10Z","url":{"schema":"https","addr":"magavoice.info/","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"magavoice.info/","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"title":"TRUMP MEME - Crypto Airdrop","dom":{"size":60078,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7576)","md5":"5047877844c6d5d1942c95a6aa0c576d","sha1":"57152aea837d88f200b01a9f990770b39ac48b72","sha256":"329895778fcae48b48c86c069f479b65a5fc73f0e7c2fd0da876b513ddabe0a6","sha512":"3fd806bda8c7b7cb4e2a5fee360f567c5f43c5f0c14f7ffd55eb69d78145db67b37da5e11bdfa3ede5aee4a2124b99487d9323380c1fb59ebba42da5ff776409","ssdeep":"1536:485Q+r+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiC:FTr+ks5ZEDPkl580iC","tlshash":"5043e91444f2342b1063e0925b236a0a36a1e12bfbdad91836fc0ba87fc7d74c65779d","dom_hash":"domhash73731c5c98f4af22bc87ea3f748d7374","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"magavoice.info/","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-28T22:03:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":3,"urlquery":0,"analyzer":9}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-24T22:03:06Z","timestamp":1769292186,"ip_dst":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-01-24T22:03:06.530115+0000\",\"flow_id\":3733427191827,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":48218,\"dest_ip\":\"104.26.12.205\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":915,\"bytes_toclient\":1654,\"start\":\"2026-01-24T22:03:06.524307+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-24T22:03:07Z","timestamp":1769292187,"ip_dst":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":49296,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)","source":"{\"timestamp\":\"2026-01-24T22:03:07.119434+0000\",\"flow_id\":1845419698753688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":49296,\"dest_ip\":\"149.154.166.110\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033967,\"rev\":1,\"signature\":\"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_09_16\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_09_16\"]}},\"tls\":{\"sni\":\"api.telegram.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":918,\"bytes_toclient\":1434,\"start\":\"2026-01-24T22:03:07.069784+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-24T22:03:07Z","timestamp":1769292187,"ip_dst":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":49310,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)","source":"{\"timestamp\":\"2026-01-24T22:03:07.122344+0000\",\"flow_id\":54521415536913,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.36\",\"src_port\":49310,\"dest_ip\":\"149.154.166.110\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033967,\"rev\":1,\"signature\":\"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_09_16\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_09_16\"]}},\"tls\":{\"sni\":\"api.telegram.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":4500,\"start\":\"2026-01-24T22:03:07.069905+0000\"}}"}],"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/assets/w-modal.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/assets/w-loader.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/assets/modules.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/assets/main.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/fonts/f2f664cd3eaf8159.woff2","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/fonts/75a2b304584e8272.woff2","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/fonts/abda984caa141f8f.woff2","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/fonts/8d5063bf855666db.woff2","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null},"summary":[{"fqdn":"magavoice.info","ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-24T15:14:46.737076Z","last_seen":"2026-01-24T15:14:46.737076Z","alert_count":9,"request_count":23,"received_data":10224960,"sent_data":10624,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ipapi.co","ip":{"addr":"104.26.9.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2026-01-21T11:31:32.920055Z","alert_count":0,"request_count":1,"received_data":2475,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-01-19T08:09:39.571643Z","alert_count":0,"request_count":1,"received_data":271,"sent_data":441,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"magavoice.info/css/style.css","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:49.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:52 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Tue, 30 Sep 2025 19:14:21 GMT\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"68dc2c0d-1a1c3\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BWlRNXjb%2BJlM7ytXs5%2BGEn0ykhohkgQ8sp8URnbHg%2FZ5EcaEP8roT4MHfp5fLA4VRsJJ3ZirD8UMKFypPx0dTuSlf%2B7rGZK4bhRUJA%3D%3D\"}]}\r\ncf-ray: 9c32d1393858b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":106947,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20712)","md5":"c7e69d9c939e15364c321bbfbc37ada0","sha1":"4a3b3c08bd2205158a6d17cd33f0c1e7ed8ec411","sha256":"2037537f4b70c5882a170fd131a2eb36b2d5e590a18de9a1ad299ba05d617482","sha512":"235ca894b3710c8b4fdf8d53af387b8d3458ece474dbced0809b1da96aae9ead60f84f057fe360bd3ad34d3a2f0f420855ea2b06a914317d1395ac22a1eb4a3d","ssdeep":"768:+z52+UJi/W7l839RgC+/XmyfuCiMnobhGA0o/JN0FYU:R+URi39m/XxuCXnobhGA0o/r0FYU","tlshash":"3fa3a46008292010a32b4ec237cbbe256b4c5105f426aa3abbfe545defdfe79136075d","first_seen":"2025-10-19T11:54:09.696204Z","last_seen":"2026-01-24T22:03:12.021291Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3472,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3472,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/1db50a5c8105cb74.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:52.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/1db50a5c8105cb74.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:54 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 48256\r\nlast-modified: Tue, 30 Sep 2025 19:14:45 GMT\r\npriority: u=4,i=?0\r\netag: \"68dc2c25-bc80\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0L8eYu1ZkjrrYrcOMsHntOXLaYGkrUo2aeah8G54g6rsvGBxD5cjE%2F9pxpYNcB%2F8jEUy2B2KMbaBrlFmsRkusrUd6vDEujLvNxEwRA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c32d14f3985b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48256,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-06-08T19:22:34.446784Z","times_seen":18940,"resource_available":false,"data":null}},"time_used":1513,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1511,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/363b185adeda9e8b.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:52.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/363b185adeda9e8b.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:57 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 48256\r\nlast-modified: Tue, 30 Sep 2025 19:14:45 GMT\r\npriority: u=4,i=?0\r\netag: \"68dc2c25-bc80\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kNWP2PXuzek3oDsO%2FjHOGoXmiob1o9ili5qNwCwNk6Fqbl3gIhtLGoYU4MsNE1UOT%2FPowtSnPxOvZTbmpU0SB8YjmQpZ%2F5DzV2AweQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c32d14f5988b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48256,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-06-08T19:22:34.446784Z","times_seen":18940,"resource_available":false,"data":null}},"time_used":5037,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5036,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/5b83efacac58f865.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:52.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/5b83efacac58f865.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 48256\r\nlast-modified: Tue, 30 Sep 2025 19:14:45 GMT\r\npriority: u=4,i=?0\r\netag: \"68dc2c25-bc80\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gf6sIcD64btRsg9OOLr%2BrR7ChkP6FR3xvSsZFD3gyBTCmhLjXfyTvUjb1p8iB94vunxsfEmY%2FjsB2b0ESRfecr7%2B%2BwZd0FbsP1C%2BRw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c32d14f598bb50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48256,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-06-08T19:22:34.446784Z","times_seen":18940,"resource_available":false,"data":null}},"time_used":4192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4191,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/423c099574ee4df7.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:54.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/423c099574ee4df7.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:55 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 48256\r\nlast-modified: Tue, 30 Sep 2025 19:14:45 GMT\r\npriority: u=4,i=?0\r\netag: \"68dc2c25-bc80\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4IIE%2B1pt2DtqeqfJVmNzYak23D97W1HFTZHKNKOxqEe4UHZtGREsnSVoFL2RxeRikEwRc5HQCZ7TFcn09HfsQirUuc%2FhrkRtlfvhOw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c32d15cea31b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48256,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-06-08T19:22:34.446784Z","times_seen":18940,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-24T22:02:47.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 22:02:48 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Wed, 07 Jan 2026 20:47:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ul8S7s6wFxMDxayz9k3uvrVuqHQrLvhO%2F4jm8oH3VeiElGD3d7%2F7ZaohnXMVA%2FC4w8oc7vWIfDs6iu7zb8NYqoWBsPZQJQMBzJGjZ2gv\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c32d12e4f230daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50937,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"735ed643ff117545ab1b7726e72381fa","sha1":"332ef26a1aa49313750325323335db8851bc6258","sha256":"79ce7ccf3832f9b77c65ce6716aa032cd8c0bc44e4c7ed9dcdd3c60b35a88850","sha512":"b809d130828ccd6dae28220a54878a60979d18ed0fadb1760ed3dd161af54c7ad35df8e252ca36d680b48b2082010766b7ad885bc2fc5531e8b94edb5d7b48be","ssdeep":"1536:I9u+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiH:0u+ks5ZEDPkl580iH","tlshash":"7b33d82414f3242a1053a0569b57560a3a36e03b7e8bc95832bc0fa97fc7d78c797b9d","first_seen":"2026-01-24T15:14:51.197417Z","last_seen":"2026-01-24T22:03:12.024566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1645,"timings":{"blocked":38,"dns":23,"connect":1,"send":0,"wait":1563,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/assets/w-modal.js","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:49.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /assets/w-modal.js HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 07 Jan 2026 20:47:46 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i%2FvyHY9LpvMjvDVNpMFA0JE5B0uINY47sreaqEmYjGpS9Kix2AZBbKX%2Bc8x2peZFJ8OcIxvGFLpPiDjlKppSXcMOnV40VMUIiaWaQg%3D%3D\"}]}\r\ncf-ray: 9c32d139385cb50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50937,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"735ed643ff117545ab1b7726e72381fa","sha1":"332ef26a1aa49313750325323335db8851bc6258","sha256":"79ce7ccf3832f9b77c65ce6716aa032cd8c0bc44e4c7ed9dcdd3c60b35a88850","sha512":"b809d130828ccd6dae28220a54878a60979d18ed0fadb1760ed3dd161af54c7ad35df8e252ca36d680b48b2082010766b7ad885bc2fc5531e8b94edb5d7b48be","ssdeep":"1536:I9u+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiH:0u+ks5ZEDPkl580iH","tlshash":"7b33d82414f3242a1053a0569b57560a3a36e03b7e8bc95832bc0fa97fc7d78c797b9d","first_seen":"2026-01-24T15:14:51.197417Z","last_seen":"2026-01-24T22:03:12.024566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/assets/w-modal.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/assets/w-loader.js","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:49.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /assets/w-loader.js HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:50 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 07 Jan 2026 20:47:46 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iaZ1miv3z2%2BtgXl1D2zGcdxIUctIjDvodfG1pGxwessC3iMhJe8q9%2B0ts%2FPD5JfheJuwhbtH%2FfpgoadA8oxtukNDbXWt4MsZCE3Z5g%3D%3D\"}]}\r\ncf-ray: 9c32d139385db50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50937,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"735ed643ff117545ab1b7726e72381fa","sha1":"332ef26a1aa49313750325323335db8851bc6258","sha256":"79ce7ccf3832f9b77c65ce6716aa032cd8c0bc44e4c7ed9dcdd3c60b35a88850","sha512":"b809d130828ccd6dae28220a54878a60979d18ed0fadb1760ed3dd161af54c7ad35df8e252ca36d680b48b2082010766b7ad885bc2fc5531e8b94edb5d7b48be","ssdeep":"1536:I9u+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiH:0u+ks5ZEDPkl580iH","tlshash":"7b33d82414f3242a1053a0569b57560a3a36e03b7e8bc95832bc0fa97fc7d78c797b9d","first_seen":"2026-01-24T15:14:51.197417Z","last_seen":"2026-01-24T22:03:12.024566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1208,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/assets/w-loader.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/images/46f7dee64202e390.webp","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:52.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /images/46f7dee64202e390.webp HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:55 GMT\r\ncontent-type: image/webp\r\ncontent-length: 242628\r\nlast-modified: Tue, 30 Sep 2025 10:50:44 GMT\r\npriority: u=4,i=?0\r\netag: \"68dbb604-3b3c4\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zz4vTrT3iTCrFGh8L7%2BR551sWg9eLwJQV2H0YwshjIpBYbqZvLtkW0sgLgZnTtpaP4T9RCQgHvw8wXNmOFOhMoGAejdX%2BLMv7D5K0A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c32d14f1982b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":242628,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d0619180167d00e51fcb1071b0417081","sha1":"d19752c83b492c69f7446f076c7a637820c44322","sha256":"0c7c956550818d505ebd14c5ae8e5d926c6707b6f29ac314b7730fb69d76571f","sha512":"b3356ca0be57748e3f043f1450a73fd77ee1eeb6d58590d564aa74929739dcc6160d4a2d1b957de6cf8938ebaf9fad02552e6d00102022cc7ca03d36e2fc9bde","ssdeep":"6144:cBBn914c3Pb8suPpHBK34oJOwxZUKZMsjdgY0xD:eB91hTCpHB24o/8KdjiYu","tlshash":"4734227ed12b0c1a52b3c9f56153988dbacf3acc24d47a6c996c39b3e9a4346c80c45f","first_seen":"2025-01-27T12:55:31.865044Z","last_seen":"2026-03-26T06:04:27.138678Z","times_seen":31,"resource_available":false,"data":null}},"time_used":2849,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2840,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/favicon.ico","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://magavoice.info/","date":"2026-01-24T22:03:00.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:03:01 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Tue, 30 Sep 2025 19:13:42 GMT\r\npriority: u=6,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"68dc2be6-30e5f\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=asyVrlhwKzob9GOr7%2FKzWEytXDJPSCbbkWJnml3xttQtlEwAyzP8Z8j%2FlykJoX0kLUkU4LOjVDbju6iDNGu4PPk%2Bimh5c3QTr2G2DQ%3D%3D\"}]}\r\ncf-ray: 9c32d17f8bc0b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":200287,"size_decoded":0,"mime_type":"image/x-icon","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x1800, components 3","md5":"5c2bf7555144e6fe4430c5f3edebaaf8","sha1":"4ade866e2f67e1572d1805f9d66587c75cb6474e","sha256":"768a1ed77b68bdf63c3448fb4fbdaedb4cfbd2386ec63e8f095f45192c7e4eb7","sha512":"72715dfd474de62f1ce4e554c9644f44ccac97612a13e79c4dc75a54e75154d30a859abc9b72cd494b9daedc4bb9d66d9f47cd92fe39069195e0beda72429325","ssdeep":"6144:o7LJAS0Qj7RSruo2H23sHpzhVmLaP2porFBd:oRAtQjVSruoE4LRsvd","tlshash":"341412f31749d89b4d2e9b3280ee5e7eb08093d5277a7197b32526387974cf4078293a","first_seen":"2025-10-19T11:54:09.66385Z","last_seen":"2026-01-24T22:03:12.028857Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1468,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1464,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/91.90.42.154/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.9.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://magavoice.info/","date":"2026-01-24T22:03:06.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /91.90.42.154/json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://magavoice.info/\r\nOrigin: https://magavoice.info\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 22:03:07 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nallow: OPTIONS, GET, HEAD, POST, OPTIONS\r\nx-frame-options: DENY\r\nvary: Host, origin\r\naccess-control-allow-origin: https://magavoice.info\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncontent-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZP99Hr%2Fc8E%2FmqctEv6vG8laBNe1%2FYddG8T2s4leQw6yiwZCF%2BBGWDfCRUyKDbtnpsb3ClFl5sTxyC4Bs9hD3lfk9fqpM\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c32d1a7399eb518-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":748,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"460b460d57658b5fd29c5e4934445c33","sha1":"24a724b25ef1401657cafa588835edfb9f7ef1f7","sha256":"93eefe1243dfce9ac06bf199cc9962e610bab6bff4f096662a357d27c9aefa70","sha512":"127d42078b0a87c6d0a70bd359dbcf50844e871ae9e98875a63f2303950b50bcc04fdb72df3f2e157dde3c019355fb67791147d38d6c3c570e1bde1d3b8f31c2","ssdeep":"","tlshash":"a9012428e4680e7b88b80358b4286a07122422075f16354e7fd4878d0f8d8bf20b124e","first_seen":"2025-12-17T10:03:05.72606Z","last_seen":"2026-03-25T09:03:12.863773Z","times_seen":3067,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":38,"dns":21,"connect":1,"send":0,"wait":257,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/assets/app.min.js","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:49.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /assets/app.min.js HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:50 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Tue, 23 Dec 2025 12:51:26 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"694a904e-86fd7d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z8utYgELri0Icc2OYTARwKkQX9kXjCdx4hOfp5ck1l9q1Po29nb2YT%2B7P8dXDN7BaZpib77AOUhyJ8dYIBkEKrEkxUrnAjp5gn0Rgw%3D%3D\"}]}\r\ncf-ray: 9c32d1393859b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8846717,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a1ad49e448f78ae2a478edf85bd1e1d2","sha1":"07518d38d31133c3d2e81253447720294b06e332","sha256":"44a5d5241caf2313ba1449dc763e1e8e021f7140a4b30700e337cd304f7b1c7f","sha512":"44a722a98cee7d10796b0c14a9b700a2265773cca84a9e393a5f32b751166b1d8433cd15ac875f43d847563d9f4161d1ae1ee3308bfaee9cba78772212bf6576","ssdeep":"24576:KsRzb01rJRfPWfnbKIp2ACteLC5GtpGz/jLNi047hw7/J05K3eTQim36Pll1OERD:KsRzb01rJRfufnbKIp2ACteLC5GtpGzc","tlshash":"a625c444b2c874902307abbb761b70e6f5690cda70c8484bf658fcacf87171ae5e5936","first_seen":"2026-01-24T15:14:51.203195Z","last_seen":"2026-01-24T22:03:12.03183Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1942,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1432,"receive":510,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/T-Fight-Figure-3_1T-Fight-Figure-3.webp","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:49.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /T-Fight-Figure-3_1T-Fight-Figure-3.webp HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:51 GMT\r\ncontent-type: image/webp\r\ncontent-length: 33878\r\nlast-modified: Tue, 30 Sep 2025 19:13:42 GMT\r\npriority: u=4,i=?0\r\netag: \"68dc2be6-8456\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s%2BQ%2BLZmXDVnPLqL3gygLLoQqgup4KV3Z%2F3H%2B4oU8elEw6wSxJpCVqUJ401e2E4WEjWSVs1g5%2BTVY2WPneOf2988ybZmyeg4Y02bDcQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c32d139385ab50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33878,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2c3dc9d8cef4dd47e61b9fa0585aee38","sha1":"1a1577e95fe843d0f87bfb83c09da0d194f0af03","sha256":"e8c0660e9fab4b94f63dcfe1a28b1a96d583ac6164703f19422f4dffd81fcb2a","sha512":"f4136ced6d2de446752fadecbdeb56d9d5b399d3e22b7680f8a444756371362f5031cbf90ba4adf3e93b92b89a5fba1296c0571d1e86105aa81c0144ef3ebdac","ssdeep":"768:tnidjEaWLq7j5De8hpSES+Robeq5niZXSPemM9Z7K4IwGcXeZ7:tidjjNtDe8hcEbobeq5iZXeem4Zv8p","tlshash":"7be2f1dad56ca1e3b3cf61461aa4f117b91a23d887add81e70325eefc9c99480c4ed08","first_seen":"2025-01-27T12:55:31.840484Z","last_seen":"2026-05-02T13:34:17.234987Z","times_seen":45,"resource_available":false,"data":null}},"time_used":2533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2532,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/assets/modules.js","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:49.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /assets/modules.js HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:52 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 07 Jan 2026 20:47:46 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MD21h0h2kRKQLq2clntkAFi8bwDckOFvtboqIE4%2ByXojuDVOlQhUx1NqVUojORA9LDP%2B57HBKkLGeNDMEHWDmEz5RBbmYsbBGkNSLQ%3D%3D\"}]}\r\ncf-ray: 9c32d139385eb50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50937,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"735ed643ff117545ab1b7726e72381fa","sha1":"332ef26a1aa49313750325323335db8851bc6258","sha256":"79ce7ccf3832f9b77c65ce6716aa032cd8c0bc44e4c7ed9dcdd3c60b35a88850","sha512":"b809d130828ccd6dae28220a54878a60979d18ed0fadb1760ed3dd161af54c7ad35df8e252ca36d680b48b2082010766b7ad885bc2fc5531e8b94edb5d7b48be","ssdeep":"1536:I9u+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiH:0u+ks5ZEDPkl580iH","tlshash":"7b33d82414f3242a1053a0569b57560a3a36e03b7e8bc95832bc0fa97fc7d78c797b9d","first_seen":"2026-01-24T15:14:51.197417Z","last_seen":"2026-01-24T22:03:12.024566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3445,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3445,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/assets/modules.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/assets/main.js","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:49.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /assets/main.js HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:03:03 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 07 Jan 2026 20:47:46 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BVOZ0bj2ULLe4d2SDi10YecuxxZAHGqGHIod%2FDEFcTiu%2Femw2qKTmT4OmCabCRNSuTMwSMV%2FQlVGv0KHSCoOlHH9RxqKPP7LLMXn5w%3D%3D\"}]}\r\ncf-ray: 9c32d139485fb50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50937,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"735ed643ff117545ab1b7726e72381fa","sha1":"332ef26a1aa49313750325323335db8851bc6258","sha256":"79ce7ccf3832f9b77c65ce6716aa032cd8c0bc44e4c7ed9dcdd3c60b35a88850","sha512":"b809d130828ccd6dae28220a54878a60979d18ed0fadb1760ed3dd161af54c7ad35df8e252ca36d680b48b2082010766b7ad885bc2fc5531e8b94edb5d7b48be","ssdeep":"1536:I9u+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiH:0u+ks5ZEDPkl580iH","tlshash":"7b33d82414f3242a1053a0569b57560a3a36e03b7e8bc95832bc0fa97fc7d78c797b9d","first_seen":"2026-01-24T15:14:51.197417Z","last_seen":"2026-01-24T22:03:12.024566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":13864,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13864,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/assets/main.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/images/d498002f73cad754.webp","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:52.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /images/d498002f73cad754.webp HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29472\r\nlast-modified: Tue, 30 Sep 2025 10:50:44 GMT\r\npriority: u=4,i=?0\r\netag: \"68dbb604-7320\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s9H9qNh9J7TG5yPXmnOKG6veSs%2Bm4fkq9YzzbghQOvVqpgNbJxRg2bViOHA8fmCb2hiQzwh9zKZLz8wtoIgPWoG8uG%2FwHdCCPx13xg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c32d14f1983b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29472,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"387cb40fb31f79e8762f299580c607fd","sha1":"af71cae0516d551603cb79f799c40b8432b5f1f2","sha256":"bd705d9917c8a6bd0c72c27ac6434231c86105c8b82cb6d8667a822667d3e71e","sha512":"5982fd10047dd670376c5fb76f97ed0310c81c93caac1a47dba6fe5a164ced616214538da96770466d3c087238f6c81216f28a51bee3f4b0ae586d115a70e8bf","ssdeep":"768:BzXbx+Au+AG9A+CO5rchHzHlaHDER7e5YjE:B/Qz+Az+CO5rchTHEG7XA","tlshash":"78d2f1c1607761da3b142ea86f1de4e604d710d52401b36271ea7e856df3e34c1f9bac","first_seen":"2025-01-27T12:55:31.842588Z","last_seen":"2026-05-02T13:34:17.236887Z","times_seen":39,"resource_available":false,"data":null}},"time_used":1507,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1505,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/f2f664cd3eaf8159.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:52.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/f2f664cd3eaf8159.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:54 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 07 Jan 2026 20:47:46 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gL3lYqhFisQHenOtktvgeU6UuQ9PqCOucStpvvEtax0Xap1G9sY%2FS3x4Y6epMGo%2FstOAQ6B%2F4FEu5%2BgloOkFPW%2Bb9I3uIE9%2FmGWEYQ%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9c32d14f598db50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50937,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"735ed643ff117545ab1b7726e72381fa","sha1":"332ef26a1aa49313750325323335db8851bc6258","sha256":"79ce7ccf3832f9b77c65ce6716aa032cd8c0bc44e4c7ed9dcdd3c60b35a88850","sha512":"b809d130828ccd6dae28220a54878a60979d18ed0fadb1760ed3dd161af54c7ad35df8e252ca36d680b48b2082010766b7ad885bc2fc5531e8b94edb5d7b48be","ssdeep":"1536:I9u+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiH:0u+ks5ZEDPkl580iH","tlshash":"7b33d82414f3242a1053a0569b57560a3a36e03b7e8bc95832bc0fa97fc7d78c797b9d","first_seen":"2026-01-24T15:14:51.197417Z","last_seen":"2026-01-24T22:03:12.024566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1471,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1469,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/fonts/f2f664cd3eaf8159.woff2","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/0ca194d4ddb3b942.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:54.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/0ca194d4ddb3b942.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:03:01 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 48256\r\nlast-modified: Tue, 30 Sep 2025 19:14:45 GMT\r\npriority: u=4,i=?0\r\netag: \"68dc2c25-bc80\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gmfi%2FnWJt9vLoDiCFWvXQfzssgZ7H6UDiMAh%2FX5rNOL8eN5pqOtF16f1upPPXOFddnAATjgYhc1Jh7%2BEkaOBZgNLryrbeDhgwGYwig%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c32d15909fcb50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48256,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-06-08T19:22:34.446784Z","times_seen":18940,"resource_available":false,"data":null}},"time_used":6960,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6958,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/75a2b304584e8272.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:54.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/75a2b304584e8272.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:58 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 07 Jan 2026 20:47:46 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b5UwasnuVFrazU%2B88psESeikCSZ%2FUi1PhAuZFkP%2B8CrgrUWF35gtDD5SOyQmL3ne2cQLihPNnHJKW%2BfoQoCe%2B2DyMWsiAk0stDNwlg%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9c32d15cea32b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50937,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"735ed643ff117545ab1b7726e72381fa","sha1":"332ef26a1aa49313750325323335db8851bc6258","sha256":"79ce7ccf3832f9b77c65ce6716aa032cd8c0bc44e4c7ed9dcdd3c60b35a88850","sha512":"b809d130828ccd6dae28220a54878a60979d18ed0fadb1760ed3dd161af54c7ad35df8e252ca36d680b48b2082010766b7ad885bc2fc5531e8b94edb5d7b48be","ssdeep":"1536:I9u+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiH:0u+ks5ZEDPkl580iH","tlshash":"7b33d82414f3242a1053a0569b57560a3a36e03b7e8bc95832bc0fa97fc7d78c797b9d","first_seen":"2026-01-24T15:14:51.197417Z","last_seen":"2026-01-24T22:03:12.024566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3735,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3734,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/fonts/75a2b304584e8272.woff2","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/images/63434bd658100234.svg","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:49.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /images/63434bd658100234.svg HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:50 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Tue, 30 Sep 2025 10:50:44 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\netag: W/\"68dbb604-4f5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LxXdBUe3I2BWWQu6Jg6WPwqJy5bAl3hucPJLtkiosf6IRAe8PYBckskM1XZKgwR9lif71U9d1LmUfkrbazqcNcLDlBPxoRZ54jEvgQ%3D%3D\"}]}\r\ncf-ray: 9c32d139385bb50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1269,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e0216c256bd2ca908ea6a6d5b4015a75","sha1":"d7e23a3178c5ffd7f80b72b0d9a47d5fb5fcc805","sha256":"68c30f3325baa5f15c6ea9efae86e7e8a654aedc74f7ac89f50977649ba0806a","sha512":"56abcb8cb13c09527dcc015ede77b8add47876ad7d34563b76fa9e33a07cb8ab28a1838821e2dcceb3e2f408d1133eeeb58c573922f7c3c7ba54b597072578a0","ssdeep":"","tlshash":"e62132db4b10454cf7cd15b0ee396d8b372eb1b61fd26804d54c6c08c8b2d65c0aad0c","first_seen":"2025-10-19T11:54:09.701118Z","last_seen":"2026-01-24T22:03:12.034956Z","times_seen":7,"resource_available":false,"data":null}},"time_used":1145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/694b7c6e96132ba3.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:52.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/694b7c6e96132ba3.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 48256\r\nlast-modified: Tue, 30 Sep 2025 19:14:45 GMT\r\npriority: u=4,i=?0\r\netag: \"68dc2c25-bc80\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=etqOlcVdEbtbVUrcqHiTPdxVfNNcKQsyzgYr0aSE4it8ufZULGyn%2F6LqoGhzk02Lrnt%2FkTmDy8iHHTLK1fxYLJ0GGthcXrW3pPd%2FeQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9c32d14f598ab50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48256,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-06-08T19:22:34.446784Z","times_seen":18940,"resource_available":false,"data":null}},"time_used":868,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":865,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/abda984caa141f8f.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:52.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/abda984caa141f8f.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:54 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 07 Jan 2026 20:47:46 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VfTgAmIpqJFpEZYmiUcQuzf1YNwZbhGR1jsAo6YHMfsWDFbXCU8maZnwwBcVHlkIhO2aM64J7v6UY7%2B5mApgtSoRoiHoyNjMHdW98g%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9c32d14f598cb50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50937,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"735ed643ff117545ab1b7726e72381fa","sha1":"332ef26a1aa49313750325323335db8851bc6258","sha256":"79ce7ccf3832f9b77c65ce6716aa032cd8c0bc44e4c7ed9dcdd3c60b35a88850","sha512":"b809d130828ccd6dae28220a54878a60979d18ed0fadb1760ed3dd161af54c7ad35df8e252ca36d680b48b2082010766b7ad885bc2fc5531e8b94edb5d7b48be","ssdeep":"1536:I9u+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiH:0u+ks5ZEDPkl580iH","tlshash":"7b33d82414f3242a1053a0569b57560a3a36e03b7e8bc95832bc0fa97fc7d78c797b9d","first_seen":"2026-01-24T15:14:51.197417Z","last_seen":"2026-01-24T22:03:12.024566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2159,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/fonts/abda984caa141f8f.woff2","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/fonts/8d5063bf855666db.woff2","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://magavoice.info/","date":"2026-01-24T22:02:54.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /fonts/8d5063bf855666db.woff2 HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://magavoice.info/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:02:54 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Wed, 07 Jan 2026 20:47:46 GMT\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hfd6Jvk4lYrM4k5lxtKTs6KZu0dUAE%2FsXimphEuhuoEaSHqHyO92bDhiaB%2BAQqDuHTMdl%2F84Mn6ZgMPLFTgsZ8FAY5dQnlJNd%2BnG%2Bw%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\ncf-ray: 9c32d15909fdb50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50937,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"735ed643ff117545ab1b7726e72381fa","sha1":"332ef26a1aa49313750325323335db8851bc6258","sha256":"79ce7ccf3832f9b77c65ce6716aa032cd8c0bc44e4c7ed9dcdd3c60b35a88850","sha512":"b809d130828ccd6dae28220a54878a60979d18ed0fadb1760ed3dd161af54c7ad35df8e252ca36d680b48b2082010766b7ad885bc2fc5531e8b94edb5d7b48be","ssdeep":"1536:I9u+ksIQ2Dq7zCucuOWppksD0KXcDvffkrZ52asxWFiH:0u+ks5ZEDPkl580iH","tlshash":"7b33d82414f3242a1053a0569b57560a3a36e03b7e8bc95832bc0fa97fc7d78c797b9d","first_seen":"2026-01-24T15:14:51.197417Z","last_seen":"2026-01-24T22:03:12.024566Z","times_seen":2,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":460,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-24","alert":"Detects file containing Telegram Bot API","trigger":"magavoice.info/fonts/8d5063bf855666db.woff2","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://magavoice.info/","date":"2026-01-24T22:03:06.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 01 Jan 2026 12:15:50 GMT","end":"Wed, 01 Apr 2026 13:15:39 GMT"},"fingerprint":{"sha1":"E8:04:3F:4D:91:E2:52:D3:E0:EA:F7:1A:C8:8C:94:50:7C:2E:FF:FF","sha256":"A1:8E:F1:BF:52:25:E4:EE:2D:91:8B:1E:0B:E7:A1:C3:B9:7D:DF:7D:D1:57:11:6A:14:CF:F2:A6:DF:D1:B0:18"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://magavoice.info/\r\nOrigin: https://magavoice.info\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 24 Jan 2026 22:03:06 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9c32d1a5ec838deb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-07T07:51:18.251001Z","times_seen":93313,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":52,"dns":34,"connect":1,"send":0,"wait":124,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"magavoice.info/cfg.json","fqdn":"magavoice.info","domain":"magavoice.info","tld":"info"},"ip":{"addr":"104.21.64.147","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://magavoice.info/","date":"2026-01-24T22:03:06.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magavoice.info","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 20 Jan 2026 15:28:43 GMT","end":"Mon, 20 Apr 2026 16:27:36 GMT"},"fingerprint":{"sha1":"99:24:6D:70:24:2C:BC:71:61:9E:B3:E4:6E:28:CC:F0:CD:E7:D8:A0","sha256":"71:C8:27:5C:C7:48:92:E0:DE:02:F3:1B:B1:C3:88:EC:04:82:C3:C8:AF:AC:82:C3:01:0C:A9:08:FA:46:BF:3B"}}},"request":{"raw":"GET /cfg.json HTTP/1.1\r\nHost: magavoice.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://magavoice.info/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 24 Jan 2026 22:03:06 GMT\r\ncontent-type: application/json\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oc9WqjDHxnQTI4p2WgEOIswG%2FW4%2F1ql9a0jmktus8JNVN%2FlwwUlpLZT4BHbH1uHqOBchkVmhicY8lsQ6dDinFnOV7qPRH2AW8CenHw%3D%3D\"}]}\r\nlast-modified: Wed, 07 Jan 2026 15:48:12 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\netag: W/\"695e803c-c2\"\r\ncf-ray: 9c32d1a5ae89b50b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":194,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"8e5b9703f9bbe6270c9849551e2cc9c3","sha1":"9e1d7bb4a70af57b38bc85009ffbae299fdb0097","sha256":"3ce82d8d4299841257350e8877e39b09608a68af35927d371f3473e95305e73f","sha512":"64ada5afa89a4ba0abe9fbbcc8142b311bac1d5ff69500245674975e1ffeccab0b5f03bcfd219be63d63bc4881cc94c7f899b959bac0630964d80ceaa00e3112","ssdeep":"","tlshash":"a2c0125b0c59541f7a31413588b616fd395a5f9d88351c932d3bb83a89e12025820f66","first_seen":"2026-01-24T15:14:51.200917Z","last_seen":"2026-01-24T22:03:12.036575Z","times_seen":2,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":332,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}