{"report_id":"771bb04d-9e54-4e27-ace0-705c9b988de5","version":6,"status":"done","tags":[],"date":"2024-07-13T02:39:56Z","url":{"schema":"http","addr":"thevirgin.pw/","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":0,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"http","addr":"thevirgin.pw/","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"title":"The Virgin"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T09:55:07Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"u3y8v8u4.aucdn.net","ip":{"addr":"185.76.9.16","port":80,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2022-06-27","domain_rank":0,"first_seen":"2022-08-08 15:30:47","last_seen":"2024-07-12 07:26:50","alert_count":0,"request_count":1,"received_data":2710565,"sent_data":456,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s3t3d2y8.afcdn.net","ip":{"addr":"185.76.9.25","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2022-06-27","domain_rank":0,"first_seen":"2022-08-09 00:22:56","last_seen":"2024-07-11 19:33:48","alert_count":0,"request_count":5,"received_data":76069,"sent_data":2316,"comment":"","tags":null,"fingerprints":null},{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-11 18:12:19","alert_count":0,"request_count":9,"received_data":7983,"sent_data":2943,"comment":"","tags":null,"fingerprints":null},{"fqdn":"thevirgin.pw","ip":{"addr":"62.197.49.67","port":0,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2023-12-02","domain_rank":0,"first_seen":"2024-01-24 18:46:01","last_seen":"2024-01-24 18:46:01","alert_count":6,"request_count":6,"received_data":8057961,"sent_data":2391,"comment":"","tags":null,"fingerprints":null},{"fqdn":"a.magsrv.com","ip":{"addr":"185.76.9.24","port":80,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2023-08-01","domain_rank":0,"first_seen":"2023-08-04 18:18:00","last_seen":"2024-07-12 07:26:57","alert_count":0,"request_count":14,"received_data":245582,"sent_data":5974,"comment":"","tags":null,"fingerprints":null},{"fqdn":"s.magsrv.com","ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2023-08-01","domain_rank":0,"first_seen":"2023-08-04 14:48:00","last_seen":"2024-07-12 07:26:57","alert_count":0,"request_count":7,"received_data":12241,"sent_data":4901,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:29Z","timestamp":1720838369,"ip_dst":{"addr":"Client IP","port":56638,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"62.197.49.67","port":443,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"severity":"high","alert":"ET MALWARE ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gootkit MITM)","source":"{\"timestamp\":\"2024-07-13T02:39:29.734064+0000\",\"flow_id\":1011726403325892,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"62.197.49.67\",\"src_port\":443,\"dest_ip\":\"172.18.0.3\",\"dest_port\":56638,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2022229,\"rev\":4,\"signature\":\"ET MALWARE ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gootkit MITM)\",\"category\":\"Domain Observed Used for C2 Detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"created_at\":[\"2015_12_08\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2024_04_15\"],\"signature_severity\":[\"Major\"],\"tag\":[\"SSL_Malicious_Cert\"],\"updated_at\":[\"2022_03_14\"]}},\"tls\":{\"subject\":\"CN=server.domain.com\",\"issuerdn\":\"CN=server.domain.com\",\"serial\":\"00:DB:9F:30:31:07:CA:57:A1\",\"fingerprint\":\"9c:f9:d6:8b:43:08:10:b7:6c:ca:93:ca:81:58:b2:83:4a:52:07:13\",\"sni\":\"thevirgin.pw\",\"version\":\"TLS 1.2\",\"notbefore\":\"2023-12-05T04:54:40\",\"notafter\":\"2123-11-11T04:54:40\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"c4b2785a87896e19d37eee932070cb22\",\"string\":\"771,49199,0-65281-11-16\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":4,\"bytes_toserver\":1144,\"bytes_toclient\":1583,\"start\":\"2024-07-13T02:39:29.610244+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:29Z","timestamp":1720838369,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:29.907335+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1228},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":657,\"bytes_toclient\":4682,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.200402+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/img/hot_1613634850.gif\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"image/gif\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":17,\"bytes_toserver\":1926,\"bytes_toclient\":19279,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":58670,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.216246+0000\",\"flow_id\":557898684076482,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58670,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/img/526.gif\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"image/gif\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":672,\"bytes_toclient\":451,\"start\":\"2024-07-13T02:39:30.168386+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.245323+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/img/fsdg5h6.gif\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"image/gif\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":13736},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":28,\"bytes_toserver\":2528,\"bytes_toclient\":33984,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":58666,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.245458+0000\",\"flow_id\":595608496934046,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58666,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/img/null.png\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":673,\"bytes_toclient\":445,\"start\":\"2024-07-13T02:39:30.167070+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"Client IP","port":58666,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.927911+0000\",\"flow_id\":595608496934046,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58666,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":193},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":6,\"bytes_toserver\":1337,\"bytes_toclient\":3504,\"start\":\"2024-07-13T02:39:30.167070+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"thevirgin.pw/","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":0,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb6b59ccc68cace6ac8c4d054c32649f","sha1":"0a2f56eba3b85f51136b286ca4cfef01ade84263","sha256":"68ba43ba6f709e8f668be2f7e6b273cfd4b2b7347f58cd223edfa595bdd07d98","sha512":"bd7e1b68b341be7991e2c1b3673113ebc52f1d3e5101660ca86d67dbaf3013121f05ced02571e22dc692339d8e6cce5fa53a4c1dbb62d7e1f9d7f8c059d75739","ssdeep":"","tlshash":"a3d0222c92f004a810248256fc82aee27ca146ec011ab44c930d08f41b400cba390fb5","size":199,"data":"","first_seen":"2024-08-19T17:05:52.527312Z","last_seen":"2024-08-19T17:05:52.527312Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:29Z","timestamp":1720838369,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:29.907335+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1228},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":657,\"bytes_toclient\":4682,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"thevirgin.pw/","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":0,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a4d547d98d6ec95d8d6df7afa2d640e","sha1":"bbc62134ee1a0e9d04a6239b00112c6f863dab82","sha256":"091f2534512d1f63afe7e3945586799bc4cbbf4812683db8c850e5d6fb4c9acd","sha512":"f295809ee0edf18155ef7e5dbd8702939e5909e6034451fe908e6f5cb6cb8c2e25bc32cc07893895f0cd85f11b7aa108d352195840a3c9b2bb4f2e9809782f92","ssdeep":"","tlshash":"d70170ae64e514789f6732bd4fffb1386075218754475b12b51d4d826fb430fc649c88","size":756,"data":"","first_seen":"2024-07-10T16:49:08Z","last_seen":"2024-10-20T02:02:28.180847Z","times_seen":4,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:29Z","timestamp":1720838369,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:29.907335+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1228},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":657,\"bytes_toclient\":4682,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/ad-provider.js","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"710721b64ea5e3867ccff5f3de8ef294","sha1":"18483d80947e14cf49f8c9ebbe3391e1f48fd0bc","sha256":"bc0563abe13d7d9aa2d4b78a528f19ab616341e43dbf486aabca10559ae58e64","sha512":"c17a8c9e51c14d5f0fdf283f2049ec128753630f1a41e5a9f89007c2c0f973bd8cf4213091469ca494387912a3a6374af21756b35716b0dcf04b9c36e9fcd92e","ssdeep":"3072:DQKqr5p28VOk1DG2Cjy6JOcwonKucJQIfE3lY3oeaKd9:Hcp28VOk162kJOcwo1cJsq","tlshash":"43f35c993742303442d3a21daaff53053371506de90f4888bb4de8a463adeda5167fbd","size":166110,"data":"","first_seen":"2024-06-28T09:25:17Z","last_seen":"2024-08-21T17:30:01.697614Z","times_seen":612,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/iframe.js?idzone=4838012\u0026size=300x250","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"37b7f903d4380f6064677226d8c4f7e4","sha1":"a86791521569cc29518495534b5ecf277d738c90","sha256":"a36e1f47f167dc711fa266f44800055d12c252ee60f7eb03a8806820184b9ba4","sha512":"64a0585d77f621cf3158d0a36a976bfca15ec8c9cb2d7155eecf9372dc782e91a907eee544b78a93add42e78ae1f7bce17b8144585474d38e98dd93ba8b5cc5e","ssdeep":"","tlshash":"a04175ae3043f6b01ec52c24557e3c39e5e76150798bc460a186ee96d66cefe1321f58","size":2292,"data":"","first_seen":"2024-05-23T05:02:38Z","last_seen":"2026-01-22T05:46:35.413032Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/build-iframe-js-url.js?idzone=4838012","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7feb23a074b5c90be708943e226fae27","sha1":"3600b531849fc20fc35b7ec8860fa148e258a8a9","sha256":"f01d35e1823656ca838b0c7221d29abb126c5cd73f3991e3d84b93bf02bd0fae","sha512":"58476cfc47eeac25e45b99ab44bcdbb6bf5ba67e84c2e1d281c4c304cedc67658631cf852b89915e1d5303e4b4664e2554780cad545c10d18cf4ec4a1f499c96","ssdeep":"","tlshash":"e201fd987c61e2b902e028ec51b7f6f8a1aa108038c08948f4c8de84756ceb80673ea4","size":759,"data":"","first_seen":"2024-05-23T05:02:38Z","last_seen":"2026-01-22T05:46:35.412154Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"thevirgin.pw/","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":0,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"f825f3b19f41799190488fd8f48568bf","sha1":"a4179374f045e7af9d744032b2e9ee4b922657df","sha256":"8e93ddf446b22db8765536f4c56969bfe1791218c6f2c5ac9eaf6c46ba86c557","sha512":"f7fd7b420aa87ad34a5adc8f0eaf278f22defb7028773aadc6d6840f809cf47b98973e5993be19a28c245332d7d5a805d5cf960de27f42a4a20478fe19e7989b","ssdeep":"","tlshash":"afe0d8131f62496555766444cc258b4c19904253b2c5c0377cae180b4384c9a61addf4","size":354,"data":"","first_seen":"2023-08-12T19:23:00Z","last_seen":"2025-08-03T22:13:10.674384Z","times_seen":7,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:29Z","timestamp":1720838369,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:29.907335+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1228},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":657,\"bytes_toclient\":4682,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"thevirgin.pw/","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":0,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"553dc6cc0684e523d97a57923c5810df","sha1":"087c5df759967fa0be075919e3f6b153666fabb3","sha256":"42892e322c13160529b9454525fa0e46a88c777390b02f2c5fbd7f60b562ac53","sha512":"10112bd73c93fc71e1a3b7e877304a30e6755af9b297d26a56d863738c0d3318b04ca345b877375657bb803d58c76546ea435462376e65750b382cb928657e4b","ssdeep":"384:6VonbgWG4K9m5WT+zukFZbHa2WgyLMfcZmiWN4WXaMF4C4+QOoZ3keitisiOi7ie:Aoc0NLaDgAT3okbOoRitisiOi7iYimiM","tlshash":"1fa29668f39da1117162723e8e7e284c7779043b6c486ce6b954a1e03774d2a05bdff8","size":21696,"data":"","first_seen":"2024-07-07T04:25:15Z","last_seen":"2026-01-22T05:46:35.432308Z","times_seen":9,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:29Z","timestamp":1720838369,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:29.907335+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1228},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":657,\"bytes_toclient\":4682,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/video-slider.js","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"3f6b75fbd59723a6564e74a91ce3ddea","sha1":"c59f2fe6bc1834557e544c2b787778597ee40e80","sha256":"ea8030a37b36fb35f4055a90eedae594932e6caa9c037927aa9b861debf4e6aa","sha512":"33f2df665eac5ac2cb7172cc0d6f854f3598eea35702eca8311d2101e3f51d717df15034f004b5d7427d6f5848b7b0f6ca69217f4f69f50566bf2da73f47c8dc","ssdeep":"768:NeL4xFG7kKZcxOxw8hwMjNOKVhMfhcgAHZ1Z8r1Z1AdOpKdFHCOPxAC8nV206rH2:EL4xFG7kKZcxOxw8hwMjNOKVhMfhcgAI","tlshash":"78231a8a239678308ad7904e6efa630537f4417d180e4058fa4dfad1672cfb505aabfc","size":45757,"data":"","first_seen":"2024-03-16T03:04:28Z","last_seen":"2025-04-08T01:44:00.214244Z","times_seen":267,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"thevirgin.pw/","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":0,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-04T16:05:20.263881Z","times_seen":14643442,"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:29Z","timestamp":1720838369,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:29.907335+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1228},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":657,\"bytes_toclient\":4682,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"}],"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"093b330084e58d31bcdf15532367b030","sha1":"4b9bdc15f95c17d543b51ca04c18370d11223043","sha256":"039860a988035ed53374fbe6e10c0f817a50c8800e5d6c8c885ba2ee5850673e","sha512":"4c23c7b6bf3ea6d7c0fe46ffce762b580fb8bd74e92c2680b846350c08e278e73061a8c5f58bf0f647ec9bbb80fed558eb556b2ebb222e75b3ef3ff0dd4cbd80","ssdeep":"","tlshash":"fe800443cc4044d15035154714010f150d5040414304011350517c4d47d4c0700cc51d","size":36,"data":"","first_seen":"2024-08-19T17:05:52.533356Z","last_seen":"2024-08-19T17:05:52.533356Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-13T02:39:29.110466946Z","timestamp":1720838369110,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"BE84262BBB3F3AABAE368745BC3E85B816E372B16BC37327A1887D3A19992DF6\"\r\nLast-Modified: Wed, 10 Jul 2024 13:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8817\r\nExpires: Sat, 13 Jul 2024 05:06:26 GMT\r\nDate: Sat, 13 Jul 2024 02:39:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ee5b6dc3e7ab972df60b36582e3eaaf4","sha1":"2a5185acc539fcddac9c33895ec74faf552b62dd","sha256":"be84262bbb3f3aabae368745bc3e85b816e372b16bc37327a1887d3a19992df6","sha512":"2d0acb707055bc8195de5f3885af1f1a96cd02f3eb1eebf31033b997b2a155347ae8a0f1647dcdb23264a7d4694fa8cd8289a4d5f171eb52e0466765fb5d0f9e","ssdeep":"","tlshash":"3cf00553005a7c42d3b20561285cd65a5d0d3d9e35554592f9400ae3f460bf8c5c505f","first_seen":"2024-07-10T17:35:11Z","last_seen":"2024-08-19T17:21:55.116113Z","times_seen":34251,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-13T02:39:29.113811869Z","timestamp":1720838369113,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"C52EADE9ADDAF5B96532275714D3FA8C91A4E5F7B1287A3D17E8C2E9492F059A\"\r\nLast-Modified: Fri, 12 Jul 2024 03:27:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5910\r\nExpires: Sat, 13 Jul 2024 04:17:59 GMT\r\nDate: Sat, 13 Jul 2024 02:39:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"99ca9ac48d9c7dc638699b14599a47cc","sha1":"3e19f65886cf5ced393284e0fe31bf830288078d","sha256":"c52eade9addaf5b96532275714d3fa8c91a4e5f7b1287a3d17e8c2e9492f059a","sha512":"f431a20054c50ca1fb4508f5f14b1dd6f089049d33799328f4a7b173f85da3fe7aa3e69c1f1d880dcf37723825891580a3e95e3959f8e237254c741c419e7cb3","ssdeep":"","tlshash":"2af00e9123f57c54b9b5201d7bf0ca0a2825ada938128df224a40be9ae417a8c5dc987","first_seen":"2024-07-12T09:14:10Z","last_seen":"2024-08-19T17:12:00.178582Z","times_seen":12407,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-13T02:39:29.454396048Z","timestamp":1720838369454,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"4CD1772D378248E886EE96F55D956FF0856BA3F2EAE9F15A10136E68F450CA70\"\r\nLast-Modified: Fri, 12 Jul 2024 11:47:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=8777\r\nExpires: Sat, 13 Jul 2024 05:05:46 GMT\r\nDate: Sat, 13 Jul 2024 02:39:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"4a4d81b1c193182fe2b1122877e94203","sha1":"fd1f4427cb5867a8f63ae15825279827bbf768e6","sha256":"4cd1772d378248e886ee96f55d956ff0856ba3f2eae9f15a10136e68f450ca70","sha512":"61f4bb9acbba2561d6955e226c265da8580e55737249254d345d70033c9bf375f8ab0b16e5064f7881b57a9f1785e0f800c583a762503f3cac58e8c9c74e67cb","ssdeep":"","tlshash":"aff0c0d32fb6bd116632613e99a4c56a6e14eded3801326424a002e76c017658746598","first_seen":"2024-07-12T16:58:11Z","last_seen":"2024-08-19T17:09:42.492325Z","times_seen":38979,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-13T02:39:29.699194644Z","timestamp":1720838369699,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"20A4D98085DF693785B82E60E9D84E87FD28671F922BC560F9A21DFED215639F\"\r\nLast-Modified: Fri, 12 Jul 2024 04:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=4666\r\nExpires: Sat, 13 Jul 2024 03:57:15 GMT\r\nDate: Sat, 13 Jul 2024 02:39:29 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ec8baf60826f2f5b1e572fa2c5333328","sha1":"e5e25bdce94aca9ac7fdba6115d13a7328ccbb26","sha256":"20a4d98085df693785b82e60e9d84e87fd28671f922bc560f9a21dfed215639f","sha512":"ef365e1d194901de019290c79c36a2620eb57c600d0c89dadecb2b0566a91e1b4c79f40014989bdf99313c019f22d863a4e369c73177150fe5ed84eeb9060c52","ssdeep":"","tlshash":"7bf0c922265aba5872a5082954aca40a2d10b6fe288459e97098c2ebe8603a58e6048e","first_seen":"2024-07-12T12:14:29Z","last_seen":"2024-08-19T17:11:10.467251Z","times_seen":8821,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thevirgin.pw/","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":0,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-13T02:39:29.624Z","timestamp":1720838369624,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: thevirgin.pw\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.0\r\nDate: Sat, 13 Jul 2024 02:38:13 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.1.33\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":17007,"size_decoded":108068,"mime_type":"","magic":"HTML document, ASCII text, with very long lines (361), with CRLF, LF line terminators","md5":"fb74ba36c3187391b228e049f32edc94","sha1":"2d331283e7890e3492171749346a6f8ff33e1c50","sha256":"0432c189d88a26462a730e6c9061f65f361849360f958f433bf5b81380a1c81d","sha512":"7b5a30b4fc5be183bcbf76a9ac82881eb67a0d4f71a7f7eacde4e841c13230b79634677d77911bedee01480b7e0f627060f590cc5ed7d136ed5b8a1bf6262300","ssdeep":"1536:KIam0HPNlklHxMSzKjZHvRhiQzG7R31J8yfub:OpHvN","tlshash":"deb3026293a6083f1a6357db61f9ff35f8c72035aa9316047aff02e243dd845e10d69a","first_seen":"2024-08-19T17:05:52.509017Z","last_seen":"2024-08-19T17:05:52.509017Z","times_seen":1,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":0,"dns":1,"connect":37,"send":0,"wait":0,"receive":0,"ssl":48},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:29Z","timestamp":1720838369,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:29.907335+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":1228},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":657,\"bytes_toclient\":4682,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":80,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.192Z","timestamp":1720838370192,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /iframe.php?idzone=4838012\u0026size=300x250 HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 13 Jul 2024 02:39:30 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Sat, 13 Jul 2024 02:53:04 GMT\r\nCache-Control: max-age=10800\r\nX-Robots-Tag: noindex, follow\r\nAccess-Control-Allow-Origin: *\r\nX-77-NZT: EwwBuUwJFAH38SYAAAwBuUwKEwH3DAAAAAwBisclxAH3BQAAAA\r\nX-77-NZT-Ray: af5856303fafdcc8e2e89166d40a380b\r\nX-Accel-Expires: @1720839184\r\nX-Accel-Date: 1720828401\r\nX-77-Cache: HIT\r\nX-77-Age: 9969\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nServer: CDN77-Turbo\r\nX-Accel-Date-Max: 1720828401\r\nX-Cache: HIT\r\nX-Age: 9969\r\nX-77-POP: stockholmSE\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":184,"size_decoded":275,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"c2dec76e4f6392d178ab054f98091489","sha1":"534d62deff78b551206ce470120256b206e000e1","sha256":"5538a73dae0cf0c36ef20bec0186c79b4fe8df713998cde41e91e09842edc5fd","sha512":"7c6f0ce9fa58e12f92a34359c139541bfb0571220dbdad073bceeed208ca639c94daebcbd1e9f90097a6eb62af1fcae05f88d724e18b8467f6bfeeef41db21e2","ssdeep":"","tlshash":"22d0c2d3fc42d045094069eb88b0e088d051127d3ec0c959a0ed9020f510bac8e03e98","first_seen":"2024-05-23T05:02:38Z","last_seen":"2026-01-22T05:46:35.426877Z","times_seen":22,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":1,"connect":9,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":80,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.192Z","timestamp":1720838370192,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /iframe.php?idzone=4838012\u0026size=300x250 HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 13 Jul 2024 02:39:30 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Sat, 13 Jul 2024 02:53:04 GMT\r\nCache-Control: max-age=10800\r\nX-Robots-Tag: noindex, follow\r\nAccess-Control-Allow-Origin: *\r\nX-77-NZT: EwwBuUwJFAH38SYAAAwBuUwKEwH3DAAAAAwBisclxAH3BQAAAA\r\nX-77-NZT-Ray: af58563057c1ddc8e2e89166efd43b0b\r\nX-Accel-Expires: @1720839184\r\nX-Accel-Date: 1720828401\r\nX-77-Cache: HIT\r\nX-77-Age: 9969\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nServer: CDN77-Turbo\r\nX-Accel-Date-Max: 1720828401\r\nX-Cache: HIT\r\nX-Age: 9969\r\nX-77-POP: stockholmSE\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":184,"size_decoded":275,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"c2dec76e4f6392d178ab054f98091489","sha1":"534d62deff78b551206ce470120256b206e000e1","sha256":"5538a73dae0cf0c36ef20bec0186c79b4fe8df713998cde41e91e09842edc5fd","sha512":"7c6f0ce9fa58e12f92a34359c139541bfb0571220dbdad073bceeed208ca639c94daebcbd1e9f90097a6eb62af1fcae05f88d724e18b8467f6bfeeef41db21e2","ssdeep":"","tlshash":"22d0c2d3fc42d045094069eb88b0e088d051127d3ec0c959a0ed9020f510bac8e03e98","first_seen":"2024-05-23T05:02:38Z","last_seen":"2026-01-22T05:46:35.426877Z","times_seen":22,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":1,"connect":9,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":80,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.192Z","timestamp":1720838370192,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /iframe.php?idzone=4838012\u0026size=300x250 HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 13 Jul 2024 02:39:30 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Sat, 13 Jul 2024 02:53:04 GMT\r\nCache-Control: max-age=10800\r\nX-Robots-Tag: noindex, follow\r\nAccess-Control-Allow-Origin: *\r\nX-77-NZT: EwwBuUwJFAH38SYAAAwBuUwKEwH3DAAAAAwBisclxAH3BQAAAA\r\nX-77-NZT-Ray: af58563054b0dfc8e2e891663b383e0b\r\nX-Accel-Expires: @1720839184\r\nX-Accel-Date: 1720828401\r\nX-77-Cache: HIT\r\nX-77-Age: 9969\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nServer: CDN77-Turbo\r\nX-Accel-Date-Max: 1720828401\r\nX-Cache: HIT\r\nX-Age: 9969\r\nX-77-POP: stockholmSE\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":184,"size_decoded":275,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"c2dec76e4f6392d178ab054f98091489","sha1":"534d62deff78b551206ce470120256b206e000e1","sha256":"5538a73dae0cf0c36ef20bec0186c79b4fe8df713998cde41e91e09842edc5fd","sha512":"7c6f0ce9fa58e12f92a34359c139541bfb0571220dbdad073bceeed208ca639c94daebcbd1e9f90097a6eb62af1fcae05f88d724e18b8467f6bfeeef41db21e2","ssdeep":"","tlshash":"22d0c2d3fc42d045094069eb88b0e088d051127d3ec0c959a0ed9020f510bac8e03e98","first_seen":"2024-05-23T05:02:38Z","last_seen":"2026-01-22T05:46:35.426877Z","times_seen":22,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":1,"connect":9,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"thevirgin.pw/img/hot_1613634850.gif","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.180Z","timestamp":1720838370180,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/hot_1613634850.gif HTTP/1.1\r\nHost: thevirgin.pw\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nCookie: 9a3bc=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 9a3bcb=1720838293\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.0\r\nDate: Sat, 13 Jul 2024 02:38:13 GMT\r\nContent-Type: image/gif\r\nContent-Length: 671\r\nLast-Modified: Mon, 17 Oct 2022 20:01:10 GMT\r\nConnection: keep-alive\r\nETag: \"634db486-29f\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":671,"size_decoded":671,"mime_type":"image/gif","magic":"GIF image data, version 89a, 47 x 10","md5":"47489e13c6e6bcd769fe8899171932de","sha1":"e5bd2b1491dd15131c0b9166716cc5c168568cde","sha256":"417ba5378352abb89940c02b28e835f2d3ead02baaa51c7f9f1d1986d937ad71","sha512":"c17c15da36312f2cc6de140cd55dd06ab65376d92f7daa5fb293a0953ee5058556ee0a9641f388050db2e927bf5df57becbeccb26605f605e45bc17d925b2fd9","ssdeep":"","tlshash":"6a012341e6499012e0cc217c541c5e4c9bad3da5ae566f262eaa3d28b06d7a029c0f34","first_seen":"2023-06-14T22:00:09Z","last_seen":"2026-04-13T00:22:26.780476Z","times_seen":28,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.200402+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/img/hot_1613634850.gif\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"image/gif\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":17,\"pkts_toclient\":17,\"bytes_toserver\":1926,\"bytes_toclient\":19279,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":80,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.192Z","timestamp":1720838370192,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /iframe.php?idzone=4838012\u0026size=300x250 HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 13 Jul 2024 02:39:30 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Sat, 13 Jul 2024 02:53:04 GMT\r\nCache-Control: max-age=10800\r\nX-Robots-Tag: noindex, follow\r\nAccess-Control-Allow-Origin: *\r\nX-77-NZT: EwwBuUwJFAH38SYAAAwBuUwKEwH3DAAAAAwBisclxAH3BQAAAA\r\nX-77-NZT-Ray: af5856303fafdcc8e2e8916605fc030c\r\nX-Accel-Expires: @1720839184\r\nX-Accel-Date: 1720828401\r\nX-77-Cache: HIT\r\nX-77-Age: 9969\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nServer: CDN77-Turbo\r\nX-Accel-Date-Max: 1720828401\r\nX-Cache: HIT\r\nX-Age: 9969\r\nX-77-POP: stockholmSE\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":184,"size_decoded":275,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"c2dec76e4f6392d178ab054f98091489","sha1":"534d62deff78b551206ce470120256b206e000e1","sha256":"5538a73dae0cf0c36ef20bec0186c79b4fe8df713998cde41e91e09842edc5fd","sha512":"7c6f0ce9fa58e12f92a34359c139541bfb0571220dbdad073bceeed208ca639c94daebcbd1e9f90097a6eb62af1fcae05f88d724e18b8467f6bfeeef41db21e2","ssdeep":"","tlshash":"22d0c2d3fc42d045094069eb88b0e088d051127d3ec0c959a0ed9020f510bac8e03e98","first_seen":"2024-05-23T05:02:38Z","last_seen":"2026-01-22T05:46:35.426877Z","times_seen":22,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":1,"connect":9,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"thevirgin.pw/img/null.png","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.184Z","timestamp":1720838370184,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/null.png HTTP/1.1\r\nHost: thevirgin.pw\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nCookie: 9a3bc=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 9a3bcb=1720838293\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.0\r\nDate: Sat, 13 Jul 2024 02:38:13 GMT\r\nContent-Type: image/png\r\nContent-Length: 2460\r\nLast-Modified: Mon, 17 Oct 2022 20:01:18 GMT\r\nConnection: keep-alive\r\nETag: \"634db48e-99c\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2460,"size_decoded":2460,"mime_type":"image/png","magic":"PNG image data, 600 x 600, 8-bit gray+alpha, non-interlaced","md5":"428d32c8089fda01e2f63b072cb9038c","sha1":"9c69483488edc21ec9e949b408721d9447ebab01","sha256":"a867e9fb30b5a2283a93b3c60985ff228e2e1123a9d413a759fa5ed9eeecc3b9","sha512":"f9fcae87b3c7934e12c5914d2293e3fc150b60f0fae6efa823ebeb86e0f713824ce798174631e8d817421741d2bc1a9247081b8ef01928cda24adc375d7737cd","ssdeep":"","tlshash":"a151678af0f7808c4b0a1ed70d1757759ee741fe32cec0db440db1080428eceb06aa21","first_seen":"2023-09-11T03:33:50Z","last_seen":"2025-12-27T19:10:00.155068Z","times_seen":8,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":22,"dns":2,"connect":39,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58666,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.245458+0000\",\"flow_id\":595608496934046,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58666,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/img/null.png\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"image/png\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":673,\"bytes_toclient\":445,\"start\":\"2024-07-13T02:39:30.167070+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"thevirgin.pw/img/fsdg5h6.gif","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.227Z","timestamp":1720838370227,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/fsdg5h6.gif HTTP/1.1\r\nHost: thevirgin.pw\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nCookie: 9a3bc=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 9a3bcb=1720838293\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.0\r\nDate: Sat, 13 Jul 2024 02:38:13 GMT\r\nContent-Type: image/gif\r\nContent-Length: 209649\r\nLast-Modified: Mon, 17 Oct 2022 20:00:56 GMT\r\nConnection: keep-alive\r\nETag: \"634db478-332f1\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":209649,"size_decoded":209649,"mime_type":"image/gif","magic":"GIF image data, version 89a, 800 x 800","md5":"7716842a21949efb5b8d3af1bbcb01ff","sha1":"f83ab1e6a875874a3bc2e3671b3bdf97bfddd207","sha256":"56fcfe07c0cadd24d0a34ff3d84c09e1d2c955819551b12c8c26b323635ce637","sha512":"acf96241252191c393752f49b094502962c274eb1bc47617dbe1c32b03f2eef4f218f14b79d110d8140a8eab9981c9f027898d05984159d79d8aa6bd0bbf1243","ssdeep":"","tlshash":"","first_seen":"2023-05-16T23:20:28Z","last_seen":"2026-04-19T00:13:29.427013Z","times_seen":24,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":136,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58658,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.245323+0000\",\"flow_id\":1704264109993415,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58658,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/img/fsdg5h6.gif\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"image/gif\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":13736},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":20,\"pkts_toclient\":28,\"bytes_toserver\":2528,\"bytes_toclient\":33984,\"start\":\"2024-07-13T02:39:29.732615+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"thevirgin.pw/img/526.gif","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.183Z","timestamp":1720838370183,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/526.gif HTTP/1.1\r\nHost: thevirgin.pw\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nCookie: 9a3bc=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 9a3bcb=1720838293\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.0\r\nDate: Sat, 13 Jul 2024 02:38:13 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7826584\r\nLast-Modified: Thu, 20 Oct 2022 05:31:28 GMT\r\nConnection: keep-alive\r\nETag: \"6350dd30-776c98\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7826584,"size_decoded":7826584,"mime_type":"image/gif","magic":"GIF image data, version 89a, 300 x 279","md5":"64eb958c623ed07e5ef16db8fb65eea2","sha1":"701076395a06b19335c507cc26476bc0d5908d8d","sha256":"1dde90a8eb0b310b4b7901daeaaf4e9e724b233d6d4c25b84d05564b718ee99e","sha512":"bdc27b4d9101de94ef6ae34b904080773b6e9cc812bf7fd2136400182b6a3cabf30affd6148eaf6535cca5d074dea34a3c6ff7fa2a2bb55de343f008c8fa68f2","ssdeep":"98304:uCLGKTJqO5Ua6s0Cf43gzkcwdAa2DiHeF4076jjjcRTJBsS4NK2cK0bGb0E4AzKe:hLGeasDAPDdy7pP9P4hcK0b20Az8kL","tlshash":"db76338b944a4e8dc470ef34c65cb56d9f0d0df9326706332c5db28373222b5a599abb","first_seen":"2024-08-19T17:05:52.513103Z","last_seen":"2024-10-20T02:02:28.146759Z","times_seen":2,"resource_available":false,"data":null}},"time_used":727,"timings":{"blocked":10,"dns":1,"connect":24,"send":0,"wait":24,"receive":668,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58670,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.216246+0000\",\"flow_id\":557898684076482,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58670,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/img/526.gif\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"image/gif\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":672,\"bytes_toclient\":451,\"start\":\"2024-07-13T02:39:30.168386+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/ad-provider.js","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.416Z","timestamp":1720838370416,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /ad-provider.js HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"18483d80947e14cf49f8c9ebbe3\"\r\nexpires: Thu, 11 Jul 2024 17:52:17 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH3JicAAAwBuUwKAQH37gIAAAwBJRPCLgH3BQAAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e89166b29df21c\r\nx-accel-expires: @1720839148\r\nx-accel-date: 1720828348\r\nx-77-cache: HIT\r\nx-77-age: 10022\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710292\r\nx-cache: HIT\r\nx-age: 10022\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45872,"size_decoded":172289,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (35849)","md5":"da855d8d0d8ca3f515a5caff58c70a69","sha1":"b23a21064136a8d39a0515a70f5d3b29a8de3e48","sha256":"d656f4a088f8a3d6be592f4d20245a261e2a405d88f2ebf120bd9768efd2534d","sha512":"85b124142bbeb0094413181c9d59c726e9553be7ada6311acf20a58bd70b9a4a4f0e9174d3661741ceeeaf7412c05e357a47f7cb0e7940dba8fc8ab00e8056ee","ssdeep":"3072:DQKqr5p28VOk1DG2Cjy6JOcwonKucJQIfE3lY3oeaKdql:Hcp28VOk162kJOcwo1cJsx","tlshash":"fef35c592792303442d3e12daaff57093371506de90f4888bb4de8a463addda51a3fbc","first_seen":"2024-08-19T17:05:52.513802Z","last_seen":"2024-08-19T17:05:52.513802Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/ad-provider.js","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.416Z","timestamp":1720838370416,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /ad-provider.js HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"18483d80947e14cf49f8c9ebbe3\"\r\nexpires: Thu, 11 Jul 2024 17:52:17 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH3JicAAAwBuUwKAQH37gIAAAwBJRPCLgH3BQAAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e89166abccde18\r\nx-accel-expires: @1720839148\r\nx-accel-date: 1720828348\r\nx-77-cache: HIT\r\nx-77-age: 10022\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710292\r\nx-cache: HIT\r\nx-age: 10022\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44274,"size_decoded":168611,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (35849)","md5":"ac3d90d697fad22f602f8d0a8c3cf327","sha1":"cd5b1ec14ba7fc9c06e89210a20703b5a8bf5eed","sha256":"256a314a84e4faeecd9c6decead5e3288b6541dc7a0bccce00e058dd3c55adbf","sha512":"259305ce67b74688155e124932bd27112f4827d9a4eb43c43bf7ff9e34b369e43b50fae912dbc1db3ce069c58a5031f9dcc0794220d1031727677154f724635f","ssdeep":"3072:DQKqr5p28VOk1DG2Cjy6JOcwonKucJQIfE3lY3oeaKdC:Hcp28VOk162kJOcwo1cJsX","tlshash":"7ef35c993742303442d3a12daaff53053371606de90f4888bb4de8a463adeda5167fbd","first_seen":"2024-08-19T17:05:52.514585Z","last_seen":"2024-08-19T17:05:52.514585Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/ad-provider.js","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.416Z","timestamp":1720838370416,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /ad-provider.js HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"18483d80947e14cf49f8c9ebbe3\"\r\nexpires: Thu, 11 Jul 2024 17:52:17 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH3JicAAAwBuUwKAQH37gIAAAwBJRPCLgH3BQAAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e89166aea49c18\r\nx-accel-expires: @1720839148\r\nx-accel-date: 1720828348\r\nx-77-cache: HIT\r\nx-77-age: 10022\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710292\r\nx-cache: HIT\r\nx-age: 10022\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45363,"size_decoded":170176,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (35849)","md5":"d346a72baecb11236fd9dd93f1bf4f58","sha1":"9654c74aab8cbc7b1ec06d58f5e0bbd357d6b717","sha256":"fef5b347cea82d5c88d44207dd2ad4bce59ddc1fa421b3fa8e7966ed4e396c5a","sha512":"b4216d0db0ba035de2bc23550bdc2a7ea6a3e0a7bb0d839df27b6d883067099f03dd04eed9b6dcfd3428a222381df3a0e5739b928c3b4f3c3dd8e402d9e8e2a3","ssdeep":"3072:DQKqr5p28VOk1DG2Cjy6JOcwonKucJQIfE3lY3oeaKdoy/:Hcp28VOk162kJOcwo1cJsE/","tlshash":"c5f35c993742303442d3a11daaff53093371606de90f4888bb4de9a463adeda5163fbd","first_seen":"2024-08-19T17:05:52.515319Z","last_seen":"2024-08-19T17:05:52.515319Z","times_seen":1,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/ad-provider.js","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.416Z","timestamp":1720838370416,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /ad-provider.js HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"18483d80947e14cf49f8c9ebbe3\"\r\nexpires: Thu, 11 Jul 2024 17:52:17 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH3JicAAAwBuUwKAQH37gIAAAwBJRPCLgH3BQAAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e8916635fd001c\r\nx-accel-expires: @1720839148\r\nx-accel-date: 1720828348\r\nx-77-cache: HIT\r\nx-77-age: 10022\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710292\r\nx-cache: HIT\r\nx-age: 10022\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43420,"size_decoded":43420,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix","md5":"d7b727563905fa4f668da2cae5a4ec1e","sha1":"be0d19f797f311f0bf3f0c86c7bfaf4f348f29bd","sha256":"9ae388260c1599c418592f63857f27b0bdfd7238fa822587ebe01e832c6efb23","sha512":"27378a7376df97e96f2bae0ce91b945de6072e6a5ad0445cde4c514207b9fb9a13df68e6c55d15f180684a55de555c425006dec229220ffe4890564fe266f517","ssdeep":"768:8IVn+v4flk9mH6c0p5NvPUwHbKbpNHHiRh45UxZXI:8IVI5ci5NnUwHGbbHC74qxZ4","tlshash":"4313017790dded539bb6113f8e88d5c12a89baf8f939768d77fcde9083402446894344","first_seen":"2024-07-10T16:49:17Z","last_seen":"2024-08-19T17:22:16.89509Z","times_seen":2,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.magsrv.com/v1/api.php","fqdn":"s.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.633Z","timestamp":1720838370633,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jul 2024 10:24:45 GMT","end":"Sun, 29 Sep 2024 10:24:44 GMT"},"fingerprint":{"sha1":"8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42","sha256":"17:A2:65:2E:F2:4D:54:26:6B:A7:96:A0:98:4F:FF:84:DC:AF:D7:A8:52:C3:51:6A:E1:30:B4:11:A7:54:7B:E2"}}},"request":{"raw":"POST /v1/api.php HTTP/1.1\r\nHost: s.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 311\r\nOrigin: http://a.magsrv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: http://a.magsrv.com\r\nAccess-Control-Allow-Headers: Authorization, Content-Type\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226691e8e46b1b25.070897742047526609%22%3B%7D; expires=Mon, 13-Jul-2026 02:39:32 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1275,"size_decoded":1780,"mime_type":"application/json","magic":"JSON text data","md5":"6cb3ea357f0b205bef386306a631c70d","sha1":"8dc83618aac5c6e6f5fa136f1c598a5a90c771cb","sha256":"ce934887ba6bd334e32d3d021750c39ddffa5aaf3c14edff4bcfedba9e3a0b26","sha512":"07195f0a1a92abeaed72da03cf08ec2ce69b52ff7f6de9f4b25c1c629fe2e921743b6e851e3411ad35f8f2061333cde722fe4b2917d0c0e3d9be83cdecb49d07","ssdeep":"","tlshash":"9231e632b38658be73e097cc428919e98c07e42f55eb5db905cfe5a0f87d1683c6a219","first_seen":"2024-08-19T17:05:52.516766Z","last_seen":"2024-08-19T17:05:52.516766Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3451,"timings":{"blocked":1791,"dns":11,"connect":30,"send":0,"wait":118,"receive":0,"ssl":1498},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.magsrv.com/v1/api.php","fqdn":"s.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.633Z","timestamp":1720838370633,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jul 2024 10:24:45 GMT","end":"Sun, 29 Sep 2024 10:24:44 GMT"},"fingerprint":{"sha1":"8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42","sha256":"17:A2:65:2E:F2:4D:54:26:6B:A7:96:A0:98:4F:FF:84:DC:AF:D7:A8:52:C3:51:6A:E1:30:B4:11:A7:54:7B:E2"}}},"request":{"raw":"POST /v1/api.php HTTP/1.1\r\nHost: s.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 311\r\nOrigin: http://a.magsrv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: http://a.magsrv.com\r\nAccess-Control-Allow-Headers: Authorization, Content-Type\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Allow-Credentials: true\r\nSet-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226691e8e46b37a2.215474163210460436%22%3B%7D; expires=Mon, 13-Jul-2026 02:39:32 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1276,"size_decoded":1775,"mime_type":"application/json","magic":"JSON text data","md5":"e8ba421616dc083a869816a8f6938494","sha1":"6b1eb5a10c3b1274f784706a49a7e65dd7a6eb15","sha256":"3a33bb893c7580c7a79bad236e46989ba113364e7b16513761cab77956b2ac2d","sha512":"143af0ac02521656ab4bf4d53d2210607eb2cb9bd82eb13da4012b12dad657a886102fb8a44bec682d50be4369af4d78df62110d90b5c1bf65f12baeb3fe56ac","ssdeep":"","tlshash":"9b31c773734958b963e001cc40a82df4ec0b642b59db9aad08cf94b0b9f856c3c15619","first_seen":"2024-08-19T17:05:52.517457Z","last_seen":"2024-08-19T17:05:52.517457Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3451,"timings":{"blocked":1791,"dns":11,"connect":30,"send":0,"wait":118,"receive":0,"ssl":1498},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"u3y8v8u4.aucdn.net/library/141372/4075fab111680ff29320723c5a464014cdca157a.mp4","fqdn":"u3y8v8u4.aucdn.net","domain":"aucdn.net","tld":"net"},"ip":{"addr":"185.76.9.16","port":80,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.957Z","timestamp":1720838370957,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /library/141372/4075fab111680ff29320723c5a464014cdca157a.mp4 HTTP/1.1\r\nHost: u3y8v8u4.aucdn.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nContent-Type: video/mp4\r\nContent-Length: 2709886\r\nConnection: keep-alive\r\nLast-Modified: Thu, 04 May 2023 14:20:20 GMT\r\nETag: \"6453bf24-29597e\"\r\nExpires: Thu, 16 May 2024 10:01:05 GMT\r\nCache-Control: max-age=31536000\r\nAccess-Control-Allow-Origin: *\r\nX-Robots-Tag: noindex, follow\r\nX-Cache-OP: HIT\r\nServer: CDN77-Turbo\r\nX-77-NZT: EQwBuUwJDQH3Pg9MAA\r\nX-77-NZT-Ray: c0a4cc2801e6bbb3e4e89166b8983f19\r\nX-Accel-Expires: @1734039190\r\nX-Accel-Date: 1715853734\r\nX-Accel-Date-Max: 1684317732\r\nX-Cache: HIT\r\nX-Age: 4984638\r\nX-77-POP: stockholmSE\r\nX-77-Cache: HIT\r\nX-77-Age: 4984638\r\nContent-Range: bytes 0-2709885/2709886\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":2709886,"size_decoded":2709886,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"c7cc06eb7a07d5941e27dcce3cf326fa","sha1":"4075fab111680ff29320723c5a464014cdca157a","sha256":"d014d8e1d1e853dc4cbfcac423d89685d3d0779953e2b0f44069d62836b9c26c","sha512":"232cf35803f3dee8bc36e17d1160316906ad7a6a374686d9273dbf94f7ba2c216d4be1e7546692c09b9961bfa2d088014b4f19ff2a71462baddc06bf35819451","ssdeep":"49152:XoofTHIUHKeBLEgU2h73hebRC2DFofp+pAv0y997KeQbN7Sr6A2nRfmKVd/EbEk+:XoaTtK2LEf473hiDFSpZv0y/GN7Srb2N","tlshash":"99c53393d329660bd41f2174c8bc9b55b674deb1be2923839604e7b0aff62423d11ed2","first_seen":"2023-06-27T03:39:38Z","last_seen":"2025-01-06T22:21:00.252011Z","times_seen":128,"resource_available":false,"data":null}},"time_used":1761,"timings":{"blocked":1464,"dns":47,"connect":8,"send":0,"wait":25,"receive":215,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/build-iframe-js-url.js?idzone=4838012","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.473Z","timestamp":1720838370473,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /build-iframe-js-url.js?idzone=4838012 HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"3600b531849fc20fc35b7ec8860\"\r\nexpires: Thu, 11 Jul 2024 17:52:44 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH38SYAAAwBuUwKEwH3yAIAAAwBnJIhHwH32wAAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e8916684fdc618\r\nx-accel-expires: @1720839192\r\nx-accel-date: 1720828401\r\nx-77-cache: HIT\r\nx-77-age: 9969\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710495\r\nx-cache: HIT\r\nx-age: 9969\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2178,"size_decoded":3300,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3300), with no line terminators","md5":"e4887bfd960c396098f88ad2b9c8c374","sha1":"70cc3ea59f09939493b12b691f14c78900e4eafd","sha256":"3d567fb88aa3e066603a8a88d53c510d88e1b25d7cd041949479fa4ab75add73","sha512":"f8b5c74436e704bf93d2c5e544ce2680884bcd0564de9f5434a3e1ca3fa1d3bdb3825a73f2bba453badf52af4249bf125d50676b5d59d8d9cc31e8e84c983cbc","ssdeep":"","tlshash":"b761b7b8bd61d87852e025cd442af1fc997722927dd2c9c864cc8d60b57dfac0662f70","first_seen":"2024-08-19T17:05:52.518798Z","last_seen":"2024-08-19T17:05:52.518798Z","times_seen":1,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.magsrv.com/cimp.php?t=api\u0026data=H4sIAAAAAAAAA12OQU7EMAxFr8IFGn07TuLMmjVIIA7QNimwGEYaBOrCh8fpSAiRp8hfyYtjBsuEMhHfMZ9iPUVYpVARhAMlsYfHJxOy/a19fLUe1svZhDVRMmWm6nbJVNlEo4LYqnrMSVStADVLzeZyNDicoshIAQC5YC/P98cmhy0COyd4Ht+awMQz9vEWmoGlLVnXLqU11dQTL3XG1ln6PESbw3l+/bx+H3PiRgD7XKM9fpmGHEki+zy+YMfx+3adz93sjzkoR+/BqP9vbzCyD5uHYkvXRXvbSl5bUq6xqVf0jSstZaUfEwNiOXUBAAA=\u0026dbt=e2e_6691e8e2f3dba4.57342565\u0026scr_info=YXN5bmN8fDM%3D","fqdn":"s.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:32.587Z","timestamp":1720838372587,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jul 2024 10:24:45 GMT","end":"Sun, 29 Sep 2024 10:24:44 GMT"},"fingerprint":{"sha1":"8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42","sha256":"17:A2:65:2E:F2:4D:54:26:6B:A7:96:A0:98:4F:FF:84:DC:AF:D7:A8:52:C3:51:6A:E1:30:B4:11:A7:54:7B:E2"}}},"request":{"raw":"GET /cimp.php?t=api\u0026data=H4sIAAAAAAAAA12OQU7EMAxFr8IFGn07TuLMmjVIIA7QNimwGEYaBOrCh8fpSAiRp8hfyYtjBsuEMhHfMZ9iPUVYpVARhAMlsYfHJxOy/a19fLUe1svZhDVRMmWm6nbJVNlEo4LYqnrMSVStADVLzeZyNDicoshIAQC5YC/P98cmhy0COyd4Ht+awMQz9vEWmoGlLVnXLqU11dQTL3XG1ln6PESbw3l+/bx+H3PiRgD7XKM9fpmGHEki+zy+YMfx+3adz93sjzkoR+/BqP9vbzCyD5uHYkvXRXvbSl5bUq6xqVf0jSstZaUfEwNiOXUBAAA=\u0026dbt=e2e_6691e8e2f3dba4.57342565\u0026scr_info=YXN5bmN8fDM%3D HTTP/1.1\r\nHost: s.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://a.magsrv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nCookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226691e8e46b37a2.215474163210460436%22%3B%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: http://a.magsrv.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20,"size_decoded":20,"mime_type":"text/html; charset=UTF-8","magic":"gzip compressed data, max speed, from Unix","md5":"a4745abc5e7fdb89cc6df3069f3c6e69","sha1":"74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed","sha256":"d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf","sha512":"849461cb54ecde577246aad993d1ecabb879913e353ae322561c7c57605f571e23210fe12bdcef49faa99b5b003611976ff64348f620968271e38bba1c7d7f62","ssdeep":"","tlshash":"ce70000000003c30cc000030000fc000000c30003000c00300000030000300300c003f","first_seen":"2023-04-08T01:36:47Z","last_seen":"2025-03-02T02:51:47.01042Z","times_seen":42040,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-13T02:39:33.088861903Z","timestamp":1720838373088,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5783\r\nExpires: Sat, 13 Jul 2024 04:15:55 GMT\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-13T02:39:33.089707514Z","timestamp":1720838373089,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5783\r\nExpires: Sat, 13 Jul 2024 04:15:55 GMT\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-13T02:39:33.090613884Z","timestamp":1720838373090,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5783\r\nExpires: Sat, 13 Jul 2024 04:15:55 GMT\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-13T02:39:33.091697042Z","timestamp":1720838373091,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5783\r\nExpires: Sat, 13 Jul 2024 04:15:55 GMT\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.33.119.57","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-13T02:39:33.092586228Z","timestamp":1720838373092,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"3E28EA2CEDE92DAE0F7BFCD98EAF9BD016AB8ECC4EA81B7E8F7B90BA4E20AA40\"\r\nLast-Modified: Wed, 10 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5783\r\nExpires: Sat, 13 Jul 2024 04:15:55 GMT\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"50e4489707989517510128817aedd2ea","sha1":"36a54d7b34a9ac621715b569e5a870f62671c574","sha256":"3e28ea2cede92dae0f7bfcd98eaf9bd016ab8ecc4ea81b7e8f7b90ba4e20aa40","sha512":"ed92692072bbfb8601b1412479f5eda9a2a39f91902dcfd261b22bd27435a591dcee983015bab15f63c3e2af60ced24f6dc0e1f02620ba660eb0c51fb02ac980","ssdeep":"","tlshash":"3ff0c90025e6f80252a6670abcabdb1f2c383e1636199280a0a012a2ed00bdbc3c51cc","first_seen":"2024-07-10T20:38:58Z","last_seen":"2024-08-19T17:21:03.235Z","times_seen":38767,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.magsrv.com/cimp.php?t=api\u0026data=H4sIAAAAAAAAA12OwU4EIRBEf8UfGFLdNNDs2bMma/wAZmDUw7jJGjdz6I8XZhNj5IVQgaqmGCwT0kT8wHzy+eTZMrkMJ+woiD09n03I9vf6+V2bWy6bCWugYMpMGZZTpMwm6hXUw9plDKJqCchRslg3e0OHgxcZygGgbrDXl8djU4fNAzsHdD2+NYH1sGEfWWgE5jpHXZqkWlVDCzzngrWxtDKMVtxW3r6ut6Mn7jhwSsd4/DINsyfx3Pv0BTuuP9Zr2ZrZH+cgHbMH4/z/eodj7xqHw9JSgsQVuoDmWhqFUpEkxFRAQvoDHjRHzXQBAAA=\u0026dbt=e2e_6691e8e47c1c07.41244937\u0026scr_info=YXN5bmN8fDM%3D","fqdn":"s.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:32.667Z","timestamp":1720838372667,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jul 2024 10:24:45 GMT","end":"Sun, 29 Sep 2024 10:24:44 GMT"},"fingerprint":{"sha1":"8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42","sha256":"17:A2:65:2E:F2:4D:54:26:6B:A7:96:A0:98:4F:FF:84:DC:AF:D7:A8:52:C3:51:6A:E1:30:B4:11:A7:54:7B:E2"}}},"request":{"raw":"GET /cimp.php?t=api\u0026data=H4sIAAAAAAAAA12OwU4EIRBEf8UfGFLdNNDs2bMma/wAZmDUw7jJGjdz6I8XZhNj5IVQgaqmGCwT0kT8wHzy+eTZMrkMJ+woiD09n03I9vf6+V2bWy6bCWugYMpMGZZTpMwm6hXUw9plDKJqCchRslg3e0OHgxcZygGgbrDXl8djU4fNAzsHdD2+NYH1sGEfWWgE5jpHXZqkWlVDCzzngrWxtDKMVtxW3r6ut6Mn7jhwSsd4/DINsyfx3Pv0BTuuP9Zr2ZrZH+cgHbMH4/z/eodj7xqHw9JSgsQVuoDmWhqFUpEkxFRAQvoDHjRHzXQBAAA=\u0026dbt=e2e_6691e8e47c1c07.41244937\u0026scr_info=YXN5bmN8fDM%3D HTTP/1.1\r\nHost: s.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://a.magsrv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nCookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226691e8e46b37a2.215474163210460436%22%3B%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: http://a.magsrv.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20,"size_decoded":20,"mime_type":"text/html; charset=UTF-8","magic":"gzip compressed data, max speed, from Unix","md5":"a4745abc5e7fdb89cc6df3069f3c6e69","sha1":"74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed","sha256":"d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf","sha512":"849461cb54ecde577246aad993d1ecabb879913e353ae322561c7c57605f571e23210fe12bdcef49faa99b5b003611976ff64348f620968271e38bba1c7d7f62","ssdeep":"","tlshash":"ce70000000003c30cc000030000fc000000c30003000c00300000030000300300c003f","first_seen":"2023-04-08T01:36:47Z","last_seen":"2025-03-02T02:51:47.01042Z","times_seen":42040,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.magsrv.com/cimp.php?t=api\u0026data=H4sIAAAAAAAAA12Q0UoEMQxFf8UfmHKbpm2yzz4rKH5AZzqjPqwLK8o85ONNZ0HEHkou7U16KYF4Qp0i3RGdkp4SmcagCEwhZraHxyfjaPtb//jqa1guZ2OSHLMJUVSY1hKVjCUJojeLy5JZxCqghZXNzcngUE7MQwUA0Q328nx/7OiQJWCnDNfjWWOYNxv20QspwNznIsvKtXeRvGaatWFbidc2jNbCub1+Xr+PnLgRQFqP8fhlGuYUOZHn8QU7jt+3azuvZn+cg3rMHoz6//YGFc9ahsNqS4rsnyRJpYhuuS7ErfWZ0GrcfgAtJTVrdAEAAA==\u0026dbt=e2e_6691e8e47bb762.06147742\u0026scr_info=YXN5bmN8fDM%3D","fqdn":"s.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:32.603Z","timestamp":1720838372603,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jul 2024 10:24:45 GMT","end":"Sun, 29 Sep 2024 10:24:44 GMT"},"fingerprint":{"sha1":"8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42","sha256":"17:A2:65:2E:F2:4D:54:26:6B:A7:96:A0:98:4F:FF:84:DC:AF:D7:A8:52:C3:51:6A:E1:30:B4:11:A7:54:7B:E2"}}},"request":{"raw":"GET /cimp.php?t=api\u0026data=H4sIAAAAAAAAA12Q0UoEMQxFf8UfmHKbpm2yzz4rKH5AZzqjPqwLK8o85ONNZ0HEHkou7U16KYF4Qp0i3RGdkp4SmcagCEwhZraHxyfjaPtb//jqa1guZ2OSHLMJUVSY1hKVjCUJojeLy5JZxCqghZXNzcngUE7MQwUA0Q328nx/7OiQJWCnDNfjWWOYNxv20QspwNznIsvKtXeRvGaatWFbidc2jNbCub1+Xr+PnLgRQFqP8fhlGuYUOZHn8QU7jt+3azuvZn+cg3rMHoz6//YGFc9ahsNqS4rsnyRJpYhuuS7ErfWZ0GrcfgAtJTVrdAEAAA==\u0026dbt=e2e_6691e8e47bb762.06147742\u0026scr_info=YXN5bmN8fDM%3D HTTP/1.1\r\nHost: s.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://a.magsrv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nCookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226691e8e46b37a2.215474163210460436%22%3B%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: http://a.magsrv.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20,"size_decoded":20,"mime_type":"text/html; charset=UTF-8","magic":"gzip compressed data, max speed, from Unix","md5":"a4745abc5e7fdb89cc6df3069f3c6e69","sha1":"74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed","sha256":"d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf","sha512":"849461cb54ecde577246aad993d1ecabb879913e353ae322561c7c57605f571e23210fe12bdcef49faa99b5b003611976ff64348f620968271e38bba1c7d7f62","ssdeep":"","tlshash":"ce70000000003c30cc000030000fc000000c30003000c00300000030000300300c003f","first_seen":"2023-04-08T01:36:47Z","last_seen":"2025-03-02T02:51:47.01042Z","times_seen":42040,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s3t3d2y8.afcdn.net/library/428515/ede74c7bceaa7703fd30a60d5d9f04ca5eac5716.mp4","fqdn":"s3t3d2y8.afcdn.net","domain":"afcdn.net","tld":"net"},"ip":{"addr":"185.76.9.25","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"media","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:32.591Z","timestamp":1720838372591,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"afcdn.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:42:02 GMT","end":"Mon, 29 Jul 2024 07:42:01 GMT"},"fingerprint":{"sha1":"22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29","sha256":"12:A7:A5:8F:A3:B6:86:E4:BA:43:65:43:FB:4C:E8:66:6D:3E:78:3E:F3:B1:7D:2F:73:3F:86:A7:60:E8:FC:C0"}}},"request":{"raw":"GET /library/428515/ede74c7bceaa7703fd30a60d5d9f04ca5eac5716.mp4 HTTP/1.1\r\nHost: s3t3d2y8.afcdn.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ndate: Sat, 13 Jul 2024 02:39:32 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 33263\r\nlast-modified: Fri, 31 Dec 2021 10:19:17 GMT\r\netag: \"61ced925-81ef\"\r\naccept-ch: \r\nexpires: Wed, 16 Apr 2025 14:32:15 GMT\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, follow\r\nx-77-nzt: EwwBuUwJFAH37VxzAAwBuUwKEwH3BwAAAAgB1GY4EQGB\r\nx-77-nzt-ray: af585630a9a989e1e4e891669990122b\r\nx-accel-expires: @1744813936\r\nx-77-cache: HIT\r\nx-accel-date: 1713277943\r\nx-77-age: 7560429\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1713277943\r\nx-cache: HIT\r\nx-age: 7560429\r\nx-77-pop: stockholmSE\r\ncontent-range: bytes 0-33262/33263\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":33263,"size_decoded":33263,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"1413cd1c8cc4a6653851bdfc54fdb32f","sha1":"ede74c7bceaa7703fd30a60d5d9f04ca5eac5716","sha256":"41f006ad3d3978487383e7cdf609bbd8041bb1fd2af17b81874d80eaad003235","sha512":"1db47e2b8aa64c30d527e52fb9b98c91647f8e504b257702e08e6d9e380d91e068cdda464fd85c0f2a395b7ee6bea90f37bb1cb92b7c718d964c7e3c8557f83f","ssdeep":"768:0g43cLEMbwSdCfdkiUDKQvBSUfZiC6hYEN/rrqpp5Y0D:0gmM8pQEUfZiJiEdrSp5Yw","tlshash":"0ae2f1b38fc4de6ef5108374b12bbf09451f51e922b9f52d462306a3b59789e3ec0986","first_seen":"2023-04-05T14:36:21Z","last_seen":"2025-03-17T02:17:32.376768Z","times_seen":645,"resource_available":false,"data":null}},"time_used":503,"timings":{"blocked":-1,"dns":82,"connect":7,"send":0,"wait":8,"receive":357,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s.magsrv.com/cimp.php?t=api\u0026data=H4sIAAAAAAAAA12QwUpEMQxFf8UfmHKTpm06a9cKih/Q99qnLsaBEWUW+XjTNyBiD6WX5ia9lMFyQDkQ3zEfYz1GtkqhIggHSmIPj08mZNe3/vHVR1jPJxPWRMmUmSqslkyVTTQqyJvVZU6iagWoWbzm5mhwOEWRqQIAcoO9PN/vmxy2CFw5wfV81gQmrnGdvdAMLH3Jug4pvaumkXipDdtgGW0arYVTe/28fO85cSMgUt3H45fDNEeSyJ7HF2y/ft8u7TTM/jgnZZ89mef/6g0unjVPh6FJG1siVXZVhP1v1rGtnXIp2pcflJ5hTnQBAAA=\u0026dbt=e2e_6691e8e48fe565.85903938\u0026scr_info=YXN5bmN8fDM%3D","fqdn":"s.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:32.730Z","timestamp":1720838372730,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jul 2024 10:24:45 GMT","end":"Sun, 29 Sep 2024 10:24:44 GMT"},"fingerprint":{"sha1":"8E:61:86:2F:82:07:61:43:48:51:5B:D9:4A:30:13:C5:56:73:0F:42","sha256":"17:A2:65:2E:F2:4D:54:26:6B:A7:96:A0:98:4F:FF:84:DC:AF:D7:A8:52:C3:51:6A:E1:30:B4:11:A7:54:7B:E2"}}},"request":{"raw":"GET /cimp.php?t=api\u0026data=H4sIAAAAAAAAA12QwUpEMQxFf8UfmHKTpm06a9cKih/Q99qnLsaBEWUW+XjTNyBiD6WX5ia9lMFyQDkQ3zEfYz1GtkqhIggHSmIPj08mZNe3/vHVR1jPJxPWRMmUmSqslkyVTTQqyJvVZU6iagWoWbzm5mhwOEWRqQIAcoO9PN/vmxy2CFw5wfV81gQmrnGdvdAMLH3Jug4pvaumkXipDdtgGW0arYVTe/28fO85cSMgUt3H45fDNEeSyJ7HF2y/ft8u7TTM/jgnZZ89mef/6g0unjVPh6FJG1siVXZVhP1v1rGtnXIp2pcflJ5hTnQBAAA=\u0026dbt=e2e_6691e8e48fe565.85903938\u0026scr_info=YXN5bmN8fDM%3D HTTP/1.1\r\nHost: s.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: http://a.magsrv.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nCookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226691e8e466dfd6.283942273415866902%22%3B%7D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: http://a.magsrv.com\r\nAccess-Control-Allow-Credentials: true\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20,"size_decoded":20,"mime_type":"text/html; charset=UTF-8","magic":"gzip compressed data, max speed, from Unix","md5":"a4745abc5e7fdb89cc6df3069f3c6e69","sha1":"74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed","sha256":"d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf","sha512":"849461cb54ecde577246aad993d1ecabb879913e353ae322561c7c57605f571e23210fe12bdcef49faa99b5b003611976ff64348f620968271e38bba1c7d7f62","ssdeep":"","tlshash":"ce70000000003c30cc000030000fc000000c30003000c00300000030000300300c003f","first_seen":"2023-04-08T01:36:47Z","last_seen":"2025-03-02T02:51:47.01042Z","times_seen":42040,"resource_available":false,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s3t3d2y8.afcdn.net/library/428515/afaf6b58a8d6050615369f81598d4bd126bd021e.webp","fqdn":"s3t3d2y8.afcdn.net","domain":"afcdn.net","tld":"net"},"ip":{"addr":"185.76.9.25","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:32.602Z","timestamp":1720838372602,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"afcdn.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:42:02 GMT","end":"Mon, 29 Jul 2024 07:42:01 GMT"},"fingerprint":{"sha1":"22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29","sha256":"12:A7:A5:8F:A3:B6:86:E4:BA:43:65:43:FB:4C:E8:66:6D:3E:78:3E:F3:B1:7D:2F:73:3F:86:A7:60:E8:FC:C0"}}},"request":{"raw":"GET /library/428515/afaf6b58a8d6050615369f81598d4bd126bd021e.webp HTTP/1.1\r\nHost: s3t3d2y8.afcdn.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13180\r\nlast-modified: Fri, 31 Dec 2021 10:19:16 GMT\r\netag: \"61ced924-337c\"\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nexpires: Wed, 16 Apr 2025 14:32:15 GMT\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, follow\r\nx-77-nzt: EwwBuUwJFAH36FxzAAwBuUwKDAH3DQAAAAgBisclwQGB\r\nx-77-nzt-ray: af585630a9a989e1e4e8916684cc3a2b\r\nx-accel-expires: @1744813935\r\nx-77-cache: HIT\r\nx-accel-date: 1713277948\r\nx-77-age: 7560424\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1713277948\r\nx-cache: HIT\r\nx-age: 7560424\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13180,"size_decoded":13180,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8da76954e810412b8ec5378d8480ab45","sha1":"afaf6b58a8d6050615369f81598d4bd126bd021e","sha256":"4f186cbdc1268f6ab21f0e5bc6dfa6dce0c52fb60dec007a79e2c41d41bc4293","sha512":"977fe47f2daed8dc591138ad6c4d936e168a0b78ead89f95a38726465bf669b915b131d2a4aaa56244dd0a4893171c3d9e922ab9da856c21f10a255e6eb95e94","ssdeep":"","tlshash":"c7200000000030000c000000000000000000000000000000000000c000000000003000","first_seen":"2023-04-13T22:23:58Z","last_seen":"2025-03-17T02:17:32.359189Z","times_seen":658,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":59,"dns":2,"connect":10,"send":0,"wait":363,"receive":9,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s3t3d2y8.afcdn.net/library/428515/afaf6b58a8d6050615369f81598d4bd126bd021e.webp","fqdn":"s3t3d2y8.afcdn.net","domain":"afcdn.net","tld":"net"},"ip":{"addr":"185.76.9.25","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:32.602Z","timestamp":1720838372602,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"afcdn.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:42:02 GMT","end":"Mon, 29 Jul 2024 07:42:01 GMT"},"fingerprint":{"sha1":"22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29","sha256":"12:A7:A5:8F:A3:B6:86:E4:BA:43:65:43:FB:4C:E8:66:6D:3E:78:3E:F3:B1:7D:2F:73:3F:86:A7:60:E8:FC:C0"}}},"request":{"raw":"GET /library/428515/afaf6b58a8d6050615369f81598d4bd126bd021e.webp HTTP/1.1\r\nHost: s3t3d2y8.afcdn.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13180\r\nlast-modified: Fri, 31 Dec 2021 10:19:16 GMT\r\netag: \"61ced924-337c\"\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nexpires: Wed, 16 Apr 2025 14:32:15 GMT\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, follow\r\nx-77-nzt: EwwBuUwJFAH36FxzAAwBuUwKDAH3DQAAAAgBisclwQGB\r\nx-77-nzt-ray: af585630a9a989e1e4e8916641a74a2b\r\nx-accel-expires: @1744813935\r\nx-77-cache: HIT\r\nx-accel-date: 1713277948\r\nx-77-age: 7560424\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1713277948\r\nx-cache: HIT\r\nx-age: 7560424\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13180,"size_decoded":13180,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8da76954e810412b8ec5378d8480ab45","sha1":"afaf6b58a8d6050615369f81598d4bd126bd021e","sha256":"4f186cbdc1268f6ab21f0e5bc6dfa6dce0c52fb60dec007a79e2c41d41bc4293","sha512":"977fe47f2daed8dc591138ad6c4d936e168a0b78ead89f95a38726465bf669b915b131d2a4aaa56244dd0a4893171c3d9e922ab9da856c21f10a255e6eb95e94","ssdeep":"","tlshash":"c7200000000030000c000000000000000000000000000000000000c000000000003000","first_seen":"2023-04-13T22:23:58Z","last_seen":"2025-03-17T02:17:32.359189Z","times_seen":658,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":59,"dns":2,"connect":10,"send":0,"wait":363,"receive":9,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s3t3d2y8.afcdn.net/library/428515/5ceded664676db96d2b3b5382cb17da5e728eefc.webp","fqdn":"s3t3d2y8.afcdn.net","domain":"afcdn.net","tld":"net"},"ip":{"addr":"185.76.9.25","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:32.726Z","timestamp":1720838372726,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"afcdn.net","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:42:02 GMT","end":"Mon, 29 Jul 2024 07:42:01 GMT"},"fingerprint":{"sha1":"22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29","sha256":"12:A7:A5:8F:A3:B6:86:E4:BA:43:65:43:FB:4C:E8:66:6D:3E:78:3E:F3:B1:7D:2F:73:3F:86:A7:60:E8:FC:C0"}}},"request":{"raw":"GET /library/428515/5ceded664676db96d2b3b5382cb17da5e728eefc.webp HTTP/1.1\r\nHost: s3t3d2y8.afcdn.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:32 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12098\r\nlast-modified: Fri, 31 Dec 2021 10:19:16 GMT\r\netag: \"61ced924-2f42\"\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nexpires: Wed, 16 Apr 2025 14:32:18 GMT\r\ncache-control: max-age=31536000\r\naccess-control-allow-origin: *\r\nx-robots-tag: noindex, follow\r\nx-77-nzt: EwwBuUwJFAH33lxzAAwBuUwKCQH3FAAAAAgBnJIhJwGB\r\nx-77-nzt-ray: af585630a9a989e1e4e891661f644d2b\r\nx-accel-expires: @1744813938\r\nx-77-cache: HIT\r\nx-accel-date: 1713277958\r\nx-77-age: 7560414\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1713277958\r\nx-cache: HIT\r\nx-age: 7560414\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12098,"size_decoded":12098,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f873befbe3e52bba71c605062b1ff845","sha1":"5ceded664676db96d2b3b5382cb17da5e728eefc","sha256":"480a21117ecb1dac929af83d77cf4e57cb2342a2d424c5b798edf6379d472a41","sha512":"c2b07b7857f7e5f8479e0f7782615988d3587b21549a045394d07732d3c29715b76cd8313ebe53af8154623103494c4314e07ef35dab1674c6be661a9afddef3","ssdeep":"","tlshash":"c7200000000030000c000000000000000000000000000000000000c000000000003000","first_seen":"2023-04-16T08:44:20Z","last_seen":"2025-03-17T02:17:32.361678Z","times_seen":655,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":374,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/iframe.js?idzone=4838012\u0026size=300x250","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.535Z","timestamp":1720838370535,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /iframe.js?idzone=4838012\u0026size=300x250 HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"a86791521569cc29518495534b5\"\r\nexpires: Thu, 11 Jul 2024 17:52:44 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH38SYAAAwBuUwKCQH3zgAAAAwB1GY4EQH33wIAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e89166c992471e\r\nx-accel-expires: @1720839193\r\nx-accel-date: 1720828401\r\nx-77-cache: HIT\r\nx-77-age: 9969\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710505\r\nx-cache: HIT\r\nx-age: 9969\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2292,"size_decoded":2292,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2413), with no line terminators","md5":"2de27c55c243fb06964525117091e05b","sha1":"f1f28e0adae103296ffd610cbdf9c5a7220a95d9","sha256":"28cdb4d6978664806ec0f2d657f18f4f76b11311848f1019970c828e74d51edd","sha512":"1e70c49d48701d858da3625a1e9eb3bdb3b74a5d070a2cd292c8c288ae4ae64bdaf8a0224e6d6f8339da6e73b62044223300479239e117187aec1943c7f729b1","ssdeep":"","tlshash":"7e4175ae3043f6b01ec52c24557e3c39e5e76150798bc460a186ee96d66cefe1321f58","first_seen":"2024-05-23T05:02:38Z","last_seen":"2024-10-20T02:02:28.173075Z","times_seen":7,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/iframe.js?idzone=4838012\u0026size=300x250","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.546Z","timestamp":1720838370546,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /iframe.js?idzone=4838012\u0026size=300x250 HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"a86791521569cc29518495534b5\"\r\nexpires: Thu, 11 Jul 2024 17:52:44 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH38SYAAAwBuUwKCQH3zgAAAAwB1GY4EQH33wIAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e8916682326c1f\r\nx-accel-expires: @1720839193\r\nx-accel-date: 1720828401\r\nx-77-cache: HIT\r\nx-77-age: 9969\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710505\r\nx-cache: HIT\r\nx-age: 9969\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2292,"size_decoded":2292,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2413), with no line terminators","md5":"2de27c55c243fb06964525117091e05b","sha1":"f1f28e0adae103296ffd610cbdf9c5a7220a95d9","sha256":"28cdb4d6978664806ec0f2d657f18f4f76b11311848f1019970c828e74d51edd","sha512":"1e70c49d48701d858da3625a1e9eb3bdb3b74a5d070a2cd292c8c288ae4ae64bdaf8a0224e6d6f8339da6e73b62044223300479239e117187aec1943c7f729b1","ssdeep":"","tlshash":"7e4175ae3043f6b01ec52c24557e3c39e5e76150798bc460a186ee96d66cefe1321f58","first_seen":"2024-05-23T05:02:38Z","last_seen":"2024-10-20T02:02:28.173075Z","times_seen":7,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"s3t3d2y8.afcdn.net/images/close-icon-circle.png","fqdn":"s3t3d2y8.afcdn.net","domain":"afcdn.net","tld":"net"},"ip":{"addr":"185.76.9.25","port":80,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.933Z","timestamp":1720838370933,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/close-icon-circle.png HTTP/1.1\r\nHost: s3t3d2y8.afcdn.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 13 Jul 2024 02:39:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 405\r\nConnection: keep-alive\r\nLast-Modified: Thu, 11 Jan 2024 11:39:45 GMT\r\nETag: \"659fd381-195\"\r\nAccept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nExpires: Sun, 12 Jan 2025 20:00:36 GMT\r\nCache-Control: max-age=31536000\r\nAccess-Control-Allow-Origin: *\r\nX-Robots-Tag: noindex, follow\r\nX-77-NZT: EwwBuUwJFAH33uQQAAgBuUwKEwGBDAElE8IxAfciGN4A\r\nX-77-NZT-Ray: af585630a3c109dfe4e891662bff1319\r\nX-Accel-Expires: @1736712036\r\nX-Accel-Date: 1719731206\r\nX-77-Cache: HIT\r\nX-77-Age: 1107166\r\nServer: CDN77-Turbo\r\nX-Accel-Date-Max: 1719731206\r\nX-Cache: HIT\r\nX-Age: 1107166\r\nX-77-POP: stockholmSE\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":405,"size_decoded":405,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"bc8bf5d1633e548e9a178bf29be30b7b","sha1":"bd290b6eabd73d2c95db053620797503e9178484","sha256":"94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb","sha512":"9382f398492b21ad1e592b9375768db4736d8eb3dff54868d4387a67ec430a0a106567d874c380d0b8ebb791dc74996ba72931c0a52d20efb8a0cc6312d1c57a","ssdeep":"","tlshash":"c1e0a3e315dd4509afbdaf16551a0221ff773fdea4321a493d90d052559440e055a371","first_seen":"2023-04-13T22:41:38Z","last_seen":"2026-05-04T05:21:28.419563Z","times_seen":2910,"resource_available":false,"data":null}},"time_used":1592,"timings":{"blocked":1485,"dns":72,"connect":8,"send":0,"wait":9,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"thevirgin.pw/favicon.ico","fqdn":"thevirgin.pw","domain":"thevirgin.pw","tld":"pw"},"ip":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.727Z","timestamp":1720838370727,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: thevirgin.pw\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nCookie: 9a3bc=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 9a3bcb=1720838293\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.22.0\r\nDate: Sat, 13 Jul 2024 02:38:14 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":209,"size_decoded":209,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text, with no line terminators","md5":"8ace35f18ab1832bacfde13597767517","sha1":"22e4ee51bbdba11b19a2d6879bc60126dc89eecd","sha256":"f87134d32dc903f27ed9c905bfd824f31192dac9e05887b2dedbb1ca416d1280","sha512":"e3c3e4eae34d4abcd7b543e049c26b2e9ec2c1e71700e74d221186df3a91047b08a404d6097a749b8e64ced91bfd463ee73ea4db8f20cc8d259158c58ecf7934","ssdeep":"","tlshash":"ddd0239db453524e415218d02bc211d0454e43927d7902f53cc7544d751813dc8a7acd","first_seen":"2023-04-05T14:25:12Z","last_seen":"2025-04-06T19:50:22.293844Z","times_seen":2127,"resource_available":false,"data":null}},"time_used":1636,"timings":{"blocked":159,"dns":0,"connect":0,"send":0,"wait":42,"receive":1435,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-07-13T02:39:30Z","timestamp":1720838370,"ip_dst":{"addr":"62.197.49.67","port":80,"asn":58061,"as":"Scalaxy B.V.","country":"The Netherlands","country_code":"NL"},"ip_src":{"addr":"172.18.0.3","port":58666,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO HTTP Request to a *.pw domain","source":"{\"timestamp\":\"2024-07-13T02:39:30.927911+0000\",\"flow_id\":595608496934046,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":58666,\"dest_ip\":\"62.197.49.67\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2016777,\"rev\":16,\"signature\":\"ET INFO HTTP Request to a *.pw domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2013_04_20\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"http\":{\"hostname\":\"thevirgin.pw\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://thevirgin.pw/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":404,\"length\":193},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":6,\"bytes_toserver\":1337,\"bytes_toclient\":3504,\"start\":\"2024-07-13T02:39:30.167070+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"s.magsrv.com/splash.php?idzone=4838034\u0026cookieconsent=true","fqdn":"s.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"95.211.229.248","port":80,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.557Z","timestamp":1720838370557,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /splash.php?idzone=4838034\u0026cookieconsent=true HTTP/1.1\r\nHost: s.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nOrigin: http://thevirgin.pw\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 13 Jul 2024 02:39:30 GMT\r\nContent-Type: text/xml;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Headers: X-CH-VALUES\r\nSet-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226691e8e289cf39.775319012994108484%22%3B%7D; expires=Mon, 13 Jul 2026 02:39:30 GMT; path=; domain=.magsrv.com;\nc-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C4838034%7C82332900%7C0%7C%7C98%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C%7C%7C0%7Cthevirgin.pw%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1720838370%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C425a81e0b5aa637a34d8fea51643a6bf%7Cok%22%7D; expires=Sun, 14 Jul 2024 02:39:30 GMT; path=/; domain=.magsrv.com;\r\nCache-Control: no-store\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: http://thevirgin.pw\r\nAccess-Control-Allow-Credentials: true\r\nX-Robots-Tag: noindex, follow\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6179,"size_decoded":6179,"mime_type":"text/xml; charset=UTF-8","magic":"XML document, ASCII text, with very long lines (6247), with no line terminators","md5":"dff3d0051df9f8858387a483803c8df1","sha1":"58fe783238eb22a4cfaf518611c7ed841d8470d5","sha256":"237f75f44b1e494f532aa63f946b1db7a4eab37c6c7a56740de9bc5810459993","sha512":"5ba9388d2c9f7965364991eb85705df35cd5584a1a882d5a1d653b7cb093c59cb3033d5fa11bf87dacb2de6e7067e54f93bc8e07a6dd17622d7a47082bd11c9a","ssdeep":"192:27dWJuoODcNtJbWJuAoBs1VfftE2bfftr:SWgo2e1Wgvktvtr","tlshash":"dbd1087d05da1e3f352081669665aced0f623caa39441ebaf88dc6e647afc8495d3700","first_seen":"2024-08-19T17:05:52.525333Z","last_seen":"2024-08-19T17:05:52.525333Z","times_seen":1,"resource_available":false,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":1,"connect":23,"send":0,"wait":333,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/iframe.js?idzone=4838012\u0026size=300x250","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.598Z","timestamp":1720838370598,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /iframe.js?idzone=4838012\u0026size=300x250 HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"a86791521569cc29518495534b5\"\r\nexpires: Thu, 11 Jul 2024 17:52:44 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH38SYAAAwBuUwKCQH3zgAAAAwB1GY4EQH33wIAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e891664c5fbc22\r\nx-accel-expires: @1720839193\r\nx-accel-date: 1720828401\r\nx-77-cache: HIT\r\nx-77-age: 9969\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710505\r\nx-cache: HIT\r\nx-age: 9969\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2292,"size_decoded":2292,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2413), with no line terminators","md5":"2de27c55c243fb06964525117091e05b","sha1":"f1f28e0adae103296ffd610cbdf9c5a7220a95d9","sha256":"28cdb4d6978664806ec0f2d657f18f4f76b11311848f1019970c828e74d51edd","sha512":"1e70c49d48701d858da3625a1e9eb3bdb3b74a5d070a2cd292c8c288ae4ae64bdaf8a0224e6d6f8339da6e73b62044223300479239e117187aec1943c7f729b1","ssdeep":"","tlshash":"7e4175ae3043f6b01ec52c24557e3c39e5e76150798bc460a186ee96d66cefe1321f58","first_seen":"2024-05-23T05:02:38Z","last_seen":"2024-10-20T02:02:28.173075Z","times_seen":7,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/iframe.js?idzone=4838012\u0026size=300x250","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://a.magsrv.com/iframe.php?idzone=4838012\u0026size=300x250","date":"2024-07-13T02:39:30.611Z","timestamp":1720838370611,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /iframe.js?idzone=4838012\u0026size=300x250 HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://a.magsrv.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"a86791521569cc29518495534b5\"\r\nexpires: Thu, 11 Jul 2024 17:52:44 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH38SYAAAwBuUwKCQH3zgAAAAwB1GY4EQH33wIAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e89166af37c123\r\nx-accel-expires: @1720839193\r\nx-accel-date: 1720828401\r\nx-77-cache: HIT\r\nx-77-age: 9969\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710505\r\nx-cache: HIT\r\nx-age: 9969\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2292,"size_decoded":2292,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2413), with no line terminators","md5":"2de27c55c243fb06964525117091e05b","sha1":"f1f28e0adae103296ffd610cbdf9c5a7220a95d9","sha256":"28cdb4d6978664806ec0f2d657f18f4f76b11311848f1019970c828e74d51edd","sha512":"1e70c49d48701d858da3625a1e9eb3bdb3b74a5d070a2cd292c8c288ae4ae64bdaf8a0224e6d6f8339da6e73b62044223300479239e117187aec1943c7f729b1","ssdeep":"","tlshash":"7e4175ae3043f6b01ec52c24557e3c39e5e76150798bc460a186ee96d66cefe1321f58","first_seen":"2024-05-23T05:02:38Z","last_seen":"2024-10-20T02:02:28.173075Z","times_seen":7,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"a.magsrv.com/video-slider.js","fqdn":"a.magsrv.com","domain":"magsrv.com","tld":"com"},"ip":{"addr":"185.76.9.24","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://thevirgin.pw/","date":"2024-07-13T02:39:30.187Z","timestamp":1720838370187,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"magsrv.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Tue, 30 Apr 2024 07:49:25 GMT","end":"Mon, 29 Jul 2024 07:49:24 GMT"},"fingerprint":{"sha1":"E9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51","sha256":"CC:7A:6A:F2:89:AE:13:47:DC:CE:FB:5E:EF:BF:FB:FA:98:E5:AA:FA:6C:84:9E:C0:4C:DF:65:97:E3:1C:34:4C"}}},"request":{"raw":"GET /video-slider.js HTTP/1.1\r\nHost: a.magsrv.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://thevirgin.pw/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 13 Jul 2024 02:39:30 GMT\r\ncontent-type: application/javascript\r\netag: W/\"c59f2fe6bc1834557e544c2b787\"\r\nexpires: Thu, 11 Jul 2024 17:51:23 GMT\r\ncache-control: max-age=10800\r\nx-robots-tag: noindex, follow\r\naccess-control-allow-origin: *\r\nx-77-nzt: EwwBuUwJFAH3XCcAAAwBuUwKCQH32AIAAAwBJRPCMQH3VQAAAA\r\nx-77-nzt-ray: af5856302ea7dac8e2e89166253b680c\r\nx-accel-expires: @1720839094\r\nx-accel-date: 1720828294\r\nx-77-cache: HIT\r\nx-77-age: 10076\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-accel-date-max: 1720710296\r\nx-cache: HIT\r\nx-age: 10076\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45757,"size_decoded":45757,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31701)","md5":"3f6b75fbd59723a6564e74a91ce3ddea","sha1":"c59f2fe6bc1834557e544c2b787778597ee40e80","sha256":"ea8030a37b36fb35f4055a90eedae594932e6caa9c037927aa9b861debf4e6aa","sha512":"33f2df665eac5ac2cb7172cc0d6f854f3598eea35702eca8311d2101e3f51d717df15034f004b5d7427d6f5848b7b0f6ca69217f4f69f50566bf2da73f47c8dc","ssdeep":"768:NeL4xFG7kKZcxOxw8hwMjNOKVhMfhcgAHZ1Z8r1Z1AdOpKdFHCOPxAC8nV206rH2:EL4xFG7kKZcxOxw8hwMjNOKVhMfhcgAI","tlshash":"78231a8a239678308ad7904e6efa630537f4417d180e4058fa4dfad1672cfb505aabfc","first_seen":"2024-03-16T03:04:28Z","last_seen":"2025-04-08T01:44:00.214244Z","times_seen":267,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":19,"dns":1,"connect":7,"send":0,"wait":10,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}