magnews.ml/
45.153.184.53 301 Moved Permanently 178 B IP 45.153.184.53:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET / HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://magnews.ml/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14909
Expires: Wed, 26 Oct 2022 11:18:33 GMT
Date: Wed, 26 Oct 2022 07:10:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: max-age=97811
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:04 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:20:15 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2330
Expires: Wed, 26 Oct 2022 07:48:54 GMT
Date: Wed, 26 Oct 2022 07:10:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zLYhQ5/EsG3mnkD6MJ/jXHKi7lKHDTN+TNzx6oo5wnfnvMlerRs7e4p6N+c2T33mb/PvBjHd1vA=
x-amz-request-id: 3XPF620VJHCJAS8J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 07:09:16 GMT
age: 48
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 07:10:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0bfb8f2ddb3290aca21d871018d6831
f2beb2e8a8d60cbfa8962d3896c39780d2c87da6
d777ead8c1c167b4fab7c415e976cd28d3001a8ccd5d9e47e0e833ac66fb36b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D777EAD8C1C167B4FAB7C415E976CD28D3001A8CCD5D9E47E0E833AC66FB36B3"
Last-Modified: Wed, 26 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21530
Expires: Wed, 26 Oct 2022 13:08:54 GMT
Date: Wed, 26 Oct 2022 07:10:04 GMT
Connection: keep-alive
magnews.ml/
45.153.184.53 200 OK 66 kB IP 45.153.184.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 5b976b8781ea17d4e8e61851a4b55bd1
accac70108a0bb26bb23cd50d4e0ac9bd21da66b
41ef4db838b0a72d6d43c188c8ae4b5dc3c98f04048851d28cc0354fc000f429
GET / HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-550db"
Content-Encoding: gzip
magnews.ml/assets/green/vendor/bootstrap/css/bootstrap.min.css
45.153.184.53 200 OK 20 kB URL HTTP/1.1 magnews.ml/assets/green/vendor/bootstrap/css/bootstrap.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (65320)
Hash 7320098f94dfddf69dc58b00df5317b4
20b566fb8ca4a9b0aa07eb73a6dc2766affe1a6e
bddcdc7dc578479e80a73161b748e4d7c6d3df5a265a39aa93963eec87beb79f
GET /assets/green/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-1e822"
Content-Encoding: gzip
magnews.ml/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
45.153.184.53 200 OK 8.3 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (35179)
Hash c5b5f80444b26b029d6b42b57adbe3f7
f9c124b3fc9c6605e9000aa9f939f390206678e3
0d8e82e594a879ffb4a3af830f803f90d5a17e99f04f4252c9f260672d3baa5b
GET /assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-8a1f"
Content-Encoding: gzip
magnews.ml/assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css
45.153.184.53 200 OK 7.3 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (30837)
Hash 03ffadf80290ce56effd0a92ee1b6bb6
cdff33e0d2c3131cff1f25ee5e0a5d8bf4811706
ea282e7d965fa40101870e6c5c2555717b4cebe50146d447181374c8dab06f85
GET /assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-7918"
Content-Encoding: gzip
magnews.ml/assets/green/css/util.min.css
45.153.184.53 200 OK 22 kB URL HTTP/1.1 magnews.ml/assets/green/css/util.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c6247f217036fdd8f69174ce886c9624
314a6ddaadab67f97a49ae42c0a5cabda78b32c2
5012ca1f6b2e3f2c7fa1f87daf806a8c854a7cdd881b247a0eeaf44a605f4b60
GET /assets/green/css/util.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-1da98"
Content-Encoding: gzip
magnews.ml/assets/green/fonts/iconic/css/material-design-iconic-font.min.css
45.153.184.53 200 OK 8.6 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/iconic/css/material-design-iconic-font.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 537d2da505eca9ee970434b03a56d99e
37053b92083e963ad4421601243c85dfbf5c320a
0633860952806c3c4e153cce4d50d171be7f69923702518d3e61f6ceabb6a25d
GET /assets/green/fonts/iconic/css/material-design-iconic-font.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-1149f"
Content-Encoding: gzip
magnews.ml/assets/green/vendor/animate/animate.css
45.153.184.53 200 OK 3.1 kB URL HTTP/1.1 magnews.ml/assets/green/vendor/animate/animate.css
IP 45.153.184.53:0
Hash e7c0f39618e31caf1990a90a43defe8b
28c1b02c40b9f9db1a862fcd2cfd0b435ca3aafa
4e113aae2af6ede7c5d01eb34a663aa4c49611b2fe22636395ccae0c1e65a65a
GET /assets/green/vendor/animate/animate.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-5d28"
Content-Encoding: gzip
magnews.ml/assets/green/vendor/animsition/css/animsition.min.css
45.153.184.53 200 OK 2.5 kB URL HTTP/1.1 magnews.ml/assets/green/vendor/animsition/css/animsition.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (27282)
Hash 59615e28e5f42254f9d250bbaa89b880
9281609cc1544bb2c554f7cf667292e5d86e4157
bba4f07149641070061d1b67adeaefedd43e69bfd4c20adaee62f37b7daabacf
GET /assets/green/vendor/animsition/css/animsition.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-6b56"
Content-Encoding: gzip
magnews.ml/assets/green/vendor/css-hamburgers/hamburgers.min.css
45.153.184.53 200 OK 2.3 kB URL HTTP/1.1 magnews.ml/assets/green/vendor/css-hamburgers/hamburgers.min.css
IP 45.153.184.53:0
File type ASCII text, with very long lines (19499)
Hash 83520ce19ffaab02f055ed9be9e00c15
8d9ad268696cd5b10b5ebb102ebe6c1aa71f35fc
d6098a05ad8dc5771e1c986efa7eec7e083a7e74e7f9ddf7b85dbe41e19a5b7d
GET /assets/green/vendor/css-hamburgers/hamburgers.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-4ce0"
Content-Encoding: gzip
magnews.ml/assets/green/css/main.css
45.153.184.53 200 OK 6.3 kB URL HTTP/1.1 magnews.ml/assets/green/css/main.css
IP 45.153.184.53:0
Hash 316436123f3ffd6fc81c4ba4ab2c5cad
fcc1bc8402924c0ca5e0e292bf5979a3571b75fa
053b1e33dd7490eb2282fa52bdf17c140a5a12c860e901d549d6bd6ccd9d30c5
GET /assets/green/css/main.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-8c4b"
Content-Encoding: gzip
magnews.ml/assets/green/vendor/jquery/jquery-3.2.1.min.js
45.153.184.53 200 OK 31 kB URL HTTP/1.1 magnews.ml/assets/green/vendor/jquery/jquery-3.2.1.min.js
IP 45.153.184.53:0
File type ASCII text, with very long lines (32058)
Hash 3bb7ae2826c5f86610c1d4233074628d
bea0f851ec7c92520c3335a357dee19de671f46b
b61740175c6cd7cfcf2c346eb091b7e52d24169a9711b401e74021070282ceee
GET /assets/green/vendor/jquery/jquery-3.2.1.min.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-15283"
Content-Encoding: gzip
magnews.ml/assets/green/vendor/animsition/js/animsition.min.js
45.153.184.53 200 OK 2.0 kB URL HTTP/1.1 magnews.ml/assets/green/vendor/animsition/js/animsition.min.js
IP 45.153.184.53:0
File type ASCII text, with very long lines (5415)
Hash ae601be5bc180381fdca18afe7e2a86e
3e3d44d2312896e710c5c8d22b2bbd80e1398094
6f493600037617d7cbbfb3f7cfbd6a7777524c9b64b52e353541b187bc31f288
GET /assets/green/vendor/animsition/js/animsition.min.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-15ef"
Content-Encoding: gzip
magnews.ml/assets/green/js/main.js
45.153.184.53 200 OK 2.0 kB URL HTTP/1.1 magnews.ml/assets/green/js/main.js
IP 45.153.184.53:0
Hash dfb2344cd95d15c282454d7ef6bc9176
0656f972b74a46a3baa89681283edd73bd74a61b
1792a18a8114934d93e651d899859379c7e07128796ea88ec5584efd0ba8271e
GET /assets/green/js/main.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-2299"
Content-Encoding: gzip
magnews.ml/assets/green/vendor/bootstrap/js/bootstrap.min.js
45.153.184.53 200 OK 14 kB URL HTTP/1.1 magnews.ml/assets/green/vendor/bootstrap/js/bootstrap.min.js
IP 45.153.184.53:0
File type ASCII text, with very long lines (50904)
Hash aaa66f72df0f51f1d56afc50d6e19c18
35d3a2f552f65c637aefc79744081611fb6a299b
a96f8103c3df27c8bd3d0981b42972bd9e287b2dff6aac8f025467ae315bc833
GET /assets/green/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-c7c7"
Content-Encoding: gzip
magnews.ml/assets/green/images/icons/logo-01.png
45.153.184.53 200 OK 3.1 kB URL HTTP/1.1 magnews.ml/assets/green/images/icons/logo-01.png
IP 45.153.184.53:0
File type PNG image data, 222 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e697b3a4e69a8f9bfa6f6ed6f17b088
8012c50117f0105c0f62ad8b2e42ab6c92260a56
3ef4a0cc1ec054dd3c3ab792e2aeb68b609d6719bd9215a73771ea8271e8e531
GET /assets/green/images/icons/logo-01.png HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/png
Content-Length: 3144
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-c48"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ml/assets/green/vendor/bootstrap/js/popper.js
45.153.184.53 200 OK 22 kB URL HTTP/1.1 magnews.ml/assets/green/vendor/bootstrap/js/popper.js
IP 45.153.184.53:0
File type Unicode text, UTF-8 text, with very long lines (337)
Hash d01c90e9a177cfe48de7664fc50cd8ce
9ac3958e7ded1ec4c03aa2355e7f9e7d7c57fcfa
6abc0b1ae2925012caf6f639af542225039af9e55a50aeee92d562e7fa6940fe
GET /assets/green/vendor/bootstrap/js/popper.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-13f06"
Content-Encoding: gzip
magnews.ml/assets/green/images/icons/logo-02.png
45.153.184.53 200 OK 3.1 kB URL HTTP/1.1 magnews.ml/assets/green/images/icons/logo-02.png
IP 45.153.184.53:0
File type PNG image data, 222 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 11875c613d10690291eaacf7e6149bd6
984ef430013903318e0efc577a1593d98e4f096d
f1b6c0bf497f48b7482399d53dbdc68bcfc177ac9b3787eb8ea6a05619cdd13e
GET /assets/green/images/icons/logo-02.png HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/png
Content-Length: 3068
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-bfc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ml/assets/green/images/popular-post-01.jpg
45.153.184.53 200 OK 251 B URL HTTP/1.1 magnews.ml/assets/green/images/popular-post-01.jpg
IP 45.153.184.53:0
File type PNG image data, 80 x 60, 4-bit colormap, non-interlaced\012- data
Hash 47bcc0eb12f16aa1e415926f2a0e34c5
d74c8685d034d07523c6a425382d7d1a08a7eab5
983f418dfc0f5a6c9e5151bf48d000aaeb6842a2bdca5a4e882a8f7fb30854ea
GET /assets/green/images/popular-post-01.jpg HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/jpeg
Content-Length: 251
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-fb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ml/assets/green/images/popular-post-02.jpg
45.153.184.53 200 OK 251 B URL HTTP/1.1 magnews.ml/assets/green/images/popular-post-02.jpg
IP 45.153.184.53:0
File type PNG image data, 80 x 60, 4-bit colormap, non-interlaced\012- data
Hash 47bcc0eb12f16aa1e415926f2a0e34c5
d74c8685d034d07523c6a425382d7d1a08a7eab5
983f418dfc0f5a6c9e5151bf48d000aaeb6842a2bdca5a4e882a8f7fb30854ea
GET /assets/green/images/popular-post-02.jpg HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/jpeg
Content-Length: 251
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-fb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ml/assets/green/images/popular-post-03.jpg
45.153.184.53 200 OK 251 B URL HTTP/1.1 magnews.ml/assets/green/images/popular-post-03.jpg
IP 45.153.184.53:0
File type PNG image data, 80 x 60, 4-bit colormap, non-interlaced\012- data
Hash 47bcc0eb12f16aa1e415926f2a0e34c5
d74c8685d034d07523c6a425382d7d1a08a7eab5
983f418dfc0f5a6c9e5151bf48d000aaeb6842a2bdca5a4e882a8f7fb30854ea
GET /assets/green/images/popular-post-03.jpg HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/jpeg
Content-Length: 251
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-fb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4479
Cache-Control: max-age=94282
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:05 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 09:21:27 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
magnews.ml/assets/green/fonts/Roboto/Roboto-Regular.ttf
45.153.184.53 200 OK 172 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/Roboto/Roboto-Regular.ttf
IP 45.153.184.53:0
File type TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size 172 kB (171676 bytes)
Hash 3e1af3ef546b9e6ecef9f3ba197bf7d2
dd1b1db13ff1f72138c134c62f38fef83749f36a
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
GET /assets/green/fonts/Roboto/Roboto-Regular.ttf HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/octet-stream
Content-Length: 171676
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-29e9c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ml/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-brands-400.woff2
45.153.184.53 200 OK 54 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-brands-400.woff2
IP 45.153.184.53:0
File type Web Open Font Format (Version 2), TrueType, length 54488, version 1.0\012- data
Hash e8c322de9658cbeb8a774b6624167c2c
db06af71da4197a4e1bd553d124725a8081c13f0
e7d4d5340bbe57a01d8f7992142e2763d438d5783890c76748306eebfa056a69
GET /assets/green/fonts/fontawesome-5.0.8/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ml/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/octet-stream
Content-Length: 54488
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-d4d8"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 95ee7a918f690ae4b9786db69781b367
0da1b4ced93fbf4fcd00ebad2f3ed544ec699222
144c093eecd552fdc7b3f0b237505f7c2ea6bfc5adb8f73c398834ecece85960
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "144C093EECD552FDC7B3F0B237505F7C2EA6BFC5ADB8F73C398834ECECE85960"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20142
Expires: Wed, 26 Oct 2022 12:45:47 GMT
Date: Wed, 26 Oct 2022 07:10:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 95ee7a918f690ae4b9786db69781b367
0da1b4ced93fbf4fcd00ebad2f3ed544ec699222
144c093eecd552fdc7b3f0b237505f7c2ea6bfc5adb8f73c398834ecece85960
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "144C093EECD552FDC7B3F0B237505F7C2EA6BFC5ADB8F73C398834ECECE85960"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20142
Expires: Wed, 26 Oct 2022 12:45:47 GMT
Date: Wed, 26 Oct 2022 07:10:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 95ee7a918f690ae4b9786db69781b367
0da1b4ced93fbf4fcd00ebad2f3ed544ec699222
144c093eecd552fdc7b3f0b237505f7c2ea6bfc5adb8f73c398834ecece85960
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "144C093EECD552FDC7B3F0B237505F7C2EA6BFC5ADB8F73C398834ECECE85960"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20142
Expires: Wed, 26 Oct 2022 12:45:47 GMT
Date: Wed, 26 Oct 2022 07:10:05 GMT
Connection: keep-alive
push.services.mozilla.com/
35.83.241.90 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.241.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H8U8uTPQIQ2Iua6vWSxKFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +htvM8l2DFIUysYdUMDU0ZoijIk=
pl16782612.profitablegatetocontent.com/00f486fa888626aba7a0e9f6a9626346/invoke.js
192.243.61.227 200 OK 9.3 kB URL HTTP/1.1 pl16782612.profitablegatetocontent.com/00f486fa888626aba7a0e9f6a9626346/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25110), with no line terminators
Hash 8f3ea1686ed91ea69abacf9ab1d6d59f
f07ac0b77b16cd83e8d5d7ce442a906eebee5433
e7f2903ccecca99adac3f21ede3724f9427ecd9b17032b1155a5a697fa5bb00b
Analyzer Verdict Alert quad9 Sinkholed
GET /00f486fa888626aba7a0e9f6a9626346/invoke.js HTTP/1.1
Host: pl16782612.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f58202c1569e712869b37b749bafbaab
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0ecdba33e870439365faa2096b779869
8fee506845073a72f45c6627ef9c5e98811ae278
38480634d7cbfa150854ee060c22ee8653ff3fdf80a2e927077eaa5e9fbf30c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38480634D7CBFA150854EE060C22EE8653FF3FDF80A2E927077EAA5E9FBF30C7"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3192
Expires: Wed, 26 Oct 2022 08:03:17 GMT
Date: Wed, 26 Oct 2022 07:10:05 GMT
Connection: keep-alive
pl16782607.profitablegatetocontent.com/55/1a/82/551a820a848f2430ac19a64893e2cf74.js
173.233.137.44 200 OK 13 kB URL HTTP/1.1 pl16782607.profitablegatetocontent.com/55/1a/82/551a820a848f2430ac19a64893e2cf74.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (37151), with no line terminators
Hash c1cc4a9610fa5a369de7657d45bb6bde
311b2ec7dd6a9c86a27d9cc3993825efd5dd4688
0404f5a8328bbd5042837ec5103c65e876d119e50b7c8251a085c3cef6cf38d9
Analyzer Verdict Alert quad9 Sinkholed
GET /55/1a/82/551a820a848f2430ac19a64893e2cf74.js HTTP/1.1
Host: pl16782607.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d2e2b8a5b05d21691311cfb7bab0b39e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl16782680.profitablegatetocontent.com/a2/bf/de/a2bfde9dd2920ce8ff524c9b82194b23.js
192.243.61.225 200 OK 20 kB URL HTTP/1.1 pl16782680.profitablegatetocontent.com/a2/bf/de/a2bfde9dd2920ce8ff524c9b82194b23.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59383), with no line terminators
Hash 2a6726af64f4651adc8edcb53d96861f
c2c3850f4d8adf96f0c16df6e6da0e0d71a93b47
25aefd4078563d49b9eb73a17cb385cfea71e0f8dbb0a17937d064a51303692e
Analyzer Verdict Alert quad9 Sinkholed
GET /a2/bf/de/a2bfde9dd2920ce8ff524c9b82194b23.js HTTP/1.1
Host: pl16782680.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e0d7695c55a03bc7e229a0fd1b027521
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highperformancedisplayformat.com/6de05bc705f2765cf895993a4a2c1b62/invoke.js
192.243.59.12 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/6de05bc705f2765cf895993a4a2c1b62/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 7dcc19609eb24659ddae89a41fa3842d
984b5a7090ae95203e6b92f3f3fdccf60b6b31e6
5818f02389fb2b95e3cf8acbdf1c46fb81ebca9ced238980c16f19d56b92394e
Analyzer Verdict Alert quad9 Sinkholed
GET /6de05bc705f2765cf895993a4a2c1b62/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a9151d18319202277ce19103b0734ce
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
magnews.ml/assets/green/fonts/iconic/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
45.153.184.53 200 OK 38 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/iconic/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP 45.153.184.53:0
File type Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Hash a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /assets/green/fonts/iconic/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ml/assets/green/fonts/iconic/css/material-design-iconic-font.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 38384
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-95f0"
Accept-Ranges: bytes
www.highperformancedisplayformat.com/851e934a41caba4f0598fd88e5f72562/invoke.js
192.243.59.12 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/851e934a41caba4f0598fd88e5f72562/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash 62588ee2b79fbd184409f5aa0af34afe
2e69b8b80742c13ac1ced1c6a220e1fea9212db6
9a1ab91a9f0b3671a6cf6e98459228b6b2e4b384d026783a52a39d9b6c8554f3
Analyzer Verdict Alert quad9 Sinkholed
GET /851e934a41caba4f0598fd88e5f72562/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dcf5c503fcd30deae50bc0e9130fa6fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
magnews.ml/assets/green/fonts/Roboto/Roboto-Medium.ttf
45.153.184.53 200 OK 172 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/Roboto/Roboto-Medium.ttf
IP 45.153.184.53:0
File type TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Size 172 kB (172064 bytes)
Hash d08840599e05db7345652d3d417574a9
5f16f4d6dbb4a4f12d8ae96488ac209bb49762a5
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68
GET /assets/green/fonts/Roboto/Roboto-Medium.ttf HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 172064
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-2a020"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ml/assets/green/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
45.153.184.53 200 OK 77 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 45.153.184.53:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /assets/green/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ml/assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 77160
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-12d68"
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 787b1fc5d5f4cff91f5aee14f0cc2abf
a27036e3eeb9e273c9d9b5175237ff400b341c92
02cf018bf2716a3128a827ea3cc1daca23e98e0469c0dd24807e140af1a8f7b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110891
Date: Wed, 26 Oct 2022 07:10:06 GMT
Etag: "6357d705-1d7"
Expires: Thu, 27 Oct 2022 13:58:17 GMT
Last-Modified: Tue, 25 Oct 2022 12:31:01 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: E5QucrE5qojlzgERoMVebbXu7mFdlK82QMMClPAZ6QNa_xWy0Hthlg==
Age: 5236
magnews.ml/assets/green/fonts/Lato/Lato-Regular.ttf
45.153.184.53 200 OK 120 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/Lato/Lato-Regular.ttf
IP 45.153.184.53:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 30 names, Macintosh, Copyright (c) 2010-2011 by tyPoland Lukasz Dziedzic with Reserved Font Name "Lato". Licensed und\012- data
Size 120 kB (120196 bytes)
Hash 7f690e503a254e0b8349aec0177e07aa
127f241871a9fe42cd8d073a0835410f3824d57c
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
GET /assets/green/fonts/Lato/Lato-Regular.ttf HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 120196
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-1d584"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
simplewebanalysis.com/stats
18.193.142.27 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash ab10e11575f5e92eedebe2e51b41246a
6b36db0a667f9cdee59af3b5850897d1a96d8710
763cd5cd367cc36d661f0c48fab13c7ccdb67089e7d43f5322229a1f1ec561dd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
set-cookie: uid_id2=16222221-115b-44b9-b912-ba921ab9e13c:1:1; expires=Sat, 23 Oct 2032 07:10:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.193.142.27 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash c0b4ff6e7d31bb4a99c0738ba5a8c361
e0fef6821e18ff968845a972859289d0c0eff494
d6b4380ad6f12daa7476535e43c90060f41d3a04ccb009269440824247f5032e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
set-cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; expires=Sat, 23 Oct 2032 07:10:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
magnews.ml/assets/green/fonts/Roboto/Roboto-Bold.ttf
45.153.184.53 200 OK 171 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/Roboto/Roboto-Bold.ttf
IP 45.153.184.53:0
File type TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo\012- data
Size 171 kB (170760 bytes)
Hash ee7b96fa85d8fdb8c126409326ac2d2b
0ce37ced9c5fcac9bdc452a432c1258870ba4677
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
GET /assets/green/fonts/Roboto/Roboto-Bold.ttf HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 170760
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-29b08"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
magnews.ml/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-solid-900.woff2
45.153.184.53 200 OK 40 kB URL HTTP/1.1 magnews.ml/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-solid-900.woff2
IP 45.153.184.53:0
File type Web Open Font Format (Version 2), TrueType, length 40148, version 1.0\012- data
Hash 0ab54153eeeca0ce03978cc463b257f7
6ec6d36cb2464b4e821cfabb532f310bd342601c
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
GET /assets/green/fonts/fontawesome-5.0.8/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ml/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 40148
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-9cd4"
Accept-Ranges: bytes
simplewebanalysis.com/stats
18.193.142.27 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash c0b4ff6e7d31bb4a99c0738ba5a8c361
e0fef6821e18ff968845a972859289d0c0eff494
d6b4380ad6f12daa7476535e43c90060f41d3a04ccb009269440824247f5032e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.193.142.27 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash c0b4ff6e7d31bb4a99c0738ba5a8c361
e0fef6821e18ff968845a972859289d0c0eff494
d6b4380ad6f12daa7476535e43c90060f41d3a04ccb009269440824247f5032e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.193.142.27 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash c0b4ff6e7d31bb4a99c0738ba5a8c361
e0fef6821e18ff968845a972859289d0c0eff494
d6b4380ad6f12daa7476535e43c90060f41d3a04ccb009269440824247f5032e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d46412e137b72a88f9f2c116138aecee
d7591c45dd83f85b906a6181caa0196d530edccb
e835bc4ec062f3e17bff3863087a6c7b9efe9e9ef787d72e5560480e9c782fda
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E835BC4EC062F3E17BFF3863087A6C7B9EFE9E9EF787D72E5560480E9C782FDA"
Last-Modified: Sun, 23 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6580
Expires: Wed, 26 Oct 2022 08:59:46 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 13c51695bfc0986bc4e4efc19d0845f1
431a0175f4735f8fa8c0e54eba8d2515fcf22d76
a0b6128d03df09119f28ea616e0442d008b708922c173fdfc4824f86c11a8296
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A0B6128D03DF09119F28EA616E0442D008B708922C173FDFC4824F86C11A8296"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17082
Expires: Wed, 26 Oct 2022 11:54:48 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d46412e137b72a88f9f2c116138aecee
d7591c45dd83f85b906a6181caa0196d530edccb
e835bc4ec062f3e17bff3863087a6c7b9efe9e9ef787d72e5560480e9c782fda
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E835BC4EC062F3E17BFF3863087A6C7B9EFE9E9EF787D72E5560480E9C782FDA"
Last-Modified: Sun, 23 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6580
Expires: Wed, 26 Oct 2022 08:59:46 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 13c51695bfc0986bc4e4efc19d0845f1
431a0175f4735f8fa8c0e54eba8d2515fcf22d76
a0b6128d03df09119f28ea616e0442d008b708922c173fdfc4824f86c11a8296
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A0B6128D03DF09119F28EA616E0442D008B708922C173FDFC4824F86C11A8296"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17082
Expires: Wed, 26 Oct 2022 11:54:48 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c527a016fda6b0c8b300c22b2c2e26d6
f224854f4765c34814e0b4bdaa42bb4856c82578
6c6efa014eafaf93a9b8729975b66350a01a1bf8ff38bcf426c809d8a2c7d34d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C6EFA014EAFAF93A9B8729975B66350A01A1BF8FF38BCF426C809D8A2C7D34D"
Last-Modified: Wed, 26 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6103
Expires: Wed, 26 Oct 2022 08:51:49 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ece8e056c63ebf66e48e459a742ba5a2
85ed794984a5e499be8af897db040d9edf6e72c5
3ad27dbd106ed37f72dc22b2de0f6d502c770826a9a51ee55721c4d8e5bf44f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AD27DBD106ED37F72DC22B2DE0F6D502C770826A9A51EE55721C4D8E5BF44F3"
Last-Modified: Sun, 23 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1439
Expires: Wed, 26 Oct 2022 07:34:05 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4b1b2784fd7902093184b97b0df69d46
b6b22497f1d13c843591c632b3af3b541563850e
e0a11d9e96ebd3f3d52cfadc0f0eadb605554e9cefd9cbca1b2785338370ca82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0A11D9E96EBD3F3D52CFADC0F0EADB605554E9CEFD9CBCA1B2785338370CA82"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6492
Expires: Wed, 26 Oct 2022 08:58:18 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5f3bf934ab9f0231e8f68af8391fab3d
5c2d1204d1b1667d9e78b9c9962bc05d28c12bc5
44eb4a9956218bd1fca7b994b077852b9ffebd3d23351217befeeb3ec5082629
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44EB4A9956218BD1FCA7B994B077852B9FFEBD3D23351217BEFEEB3EC5082629"
Last-Modified: Sun, 23 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2278
Expires: Wed, 26 Oct 2022 07:48:04 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
suspendedflesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1761&rd=1761&fd=1004&bv=22.8.v.1&tmpl=70
173.233.137.44 200 OK 0 B URL HTTP/1.1 suspendedflesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1761&rd=1761&fd=1004&bv=22.8.v.1&tmpl=70
IP 173.233.137.44:0
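Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body above; they identify no content and are not usable as indicators.)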
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1761&rd=1761&fd=1004&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: suspendedflesh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:36:34 GMT
age: 23612
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eccb336-aab3-4c45-986e-3d5c068fa95f.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eccb336-aab3-4c45-986e-3d5c068fa95f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77f26048280036eede4e216d7ac2ed6f
619dff28900195c0d76692c6695c610c57fde4f2
d17b83d8de3794b198bd371579ca3447639f53121eb463b6eb0a766fe7f0103c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eccb336-aab3-4c45-986e-3d5c068fa95f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4545
x-amzn-requestid: f774726e-125a-486e-8f7b-7eb86450368a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2qHG7IAMFTSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585690-3e3bf9a7046685f7643817b9;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cH4Ae-5tI8KMs7ZQCIQM6OWRz1cEBUf7eOTZmQw0mJ-cmnlLqSX19w==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:53:34 GMT
age: 33392
etag: "619dff28900195c0d76692c6695c610c57fde4f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cc61ad4b1d66ab4bce27288ee690e12
324e13ad5c99f628d713e55a2994ad4042ece70e
62cd88bc19bc1f0be2a37c3e990897158acd3d55aa3ddd299144d4f9596ba34e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6831
x-amzn-requestid: cc6f38ff-ab33-4b18-8cae-aa6bc061962f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alKjPH7ToAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635857ae-3db2790d0e6c5fab6c4bc81f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tiWbOUwlRzaT2EnCWIgoFaT_ho55s3tgRxalb7yBbI21Pv0BhfLJOg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:05:09 GMT
age: 32697
etag: "324e13ad5c99f628d713e55a2994ad4042ece70e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33fda234-9118-4b4b-86d9-02c36810eda5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33fda234-9118-4b4b-86d9-02c36810eda5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b949df0edd9d64aa962e3bf4b267889e
3ef04f8c638dddf8bb8b70aae74770892307c814
e6c42bdd84bc9661c25a201599c29257b843d86d638ec479e7b5fa7bf81bc961
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33fda234-9118-4b4b-86d9-02c36810eda5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11622
x-amzn-requestid: f1879080-36ae-4e3e-a268-a66c9436b593
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYpqGZkoAMF1mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa170-6b387b7f7f3a72e90fe5f1bd;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:04:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WuATOD9fJ6akCvKeE69v1PzPkmYKnEFwI_DpHsw2NVUozsiR77M5qA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 05:56:07 GMT
age: 4439
etag: "3ef04f8c638dddf8bb8b70aae74770892307c814"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F710265b5-7594-45dd-ae3b-49cf84887c51.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F710265b5-7594-45dd-ae3b-49cf84887c51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 656b64fb178a96cdeab7d54d0d3df5ba
f628269fc4ba16b1c4b11a8bc965a7dba93755cb
eb1126cfc2a686ea8d845a4898d904a133ff3284578f3a42a45fe01138df6c8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F710265b5-7594-45dd-ae3b-49cf84887c51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: d7e1e331-09cc-4bdd-83a3-594b65e50d79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK-TEWXIAMFoCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358585b-6e2c04ed0d36eea85de94a22;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: b89C7sl-8jR1VviZlenbR1NYN96IhBfbU44KhRuy5oT2Db1NbFZqvQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:11:46 GMT
age: 32300
etag: "f628269fc4ba16b1c4b11a8bc965a7dba93755cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3ae78510434fd68063fc144bf614382
3bb87ca5274ce9f6d81da60ab940d23ccd12843b
f42d89328435cb37cba1111903a6bd5e900857d0942e1506ea2115b4e6301541
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7929
x-amzn-requestid: 6324abd6-8e27-4903-8bfc-a0fc6a8625be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9LEeoIAMF5mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-2900343b1ae208a903fe58fd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5MR4UzoW6rVsSpEyPAWrcFb2LCRICaG-toy3JflaXRrzZwcgMs48VQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:09:07 GMT
etag: "3bb87ca5274ce9f6d81da60ab940d23ccd12843b"
content-type: image/jpeg
age: 32459
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dwightadjoining.com/watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1
173.233.137.44 307 Temporary Redirect 0 B URL HTTP/1.1 dwightadjoining.com/watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1
IP 173.233.137.44:0
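Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B redirect body above; they identify no content and are not usable as indicators.)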
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1 HTTP/1.1
Host: dwightadjoining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Location: https://dwightadjoining.com/watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1&shu=3ad52e3c8c1aad8682d4de65cd96e1ada2178267367ace33c978255aed3b5afda8f06d885f4feebfdcd71cfabe7b299b7ba7201ac104e0f469be6fc21f2287df76cc30365a0fcf1c428702daf605a3d22107c1488de206c11e50e9a1cdc632&pst=1666768266&rmtc=t
Set-Cookie: u_pl=16682114; expires=Thu, 27 Oct 2022 07:10:06 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.r_-NCmjSA-qys4NJede2g2826PbzLZflbxJwFjzfeyA; expires=Wed, 26 Oct 2022 07:11:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 705ef34f255dba845e3b06b72757ce6b
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 414291d4efb3e45cb5159c713c22bc8a
884275c8c6cbbb0fa2597db5afee071c074cddf4
8d079e8b76e04da709626a654ee9524e1de331120a781e80a6506e77c9968b00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D079E8B76E04DA709626A654EE9524E1DE331120A781E80A6506E77C9968B00"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17179
Expires: Wed, 26 Oct 2022 11:56:26 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive
literalcorpulent.com/watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1
192.243.61.225 307 Temporary Redirect 0 B URL HTTP/1.1 literalcorpulent.com/watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
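Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B redirect body above; they identify no content and are not usable as indicators.)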
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1 HTTP/1.1
Host: literalcorpulent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Location: https://literalcorpulent.com/watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1&shu=99a98d4adc3df19d2c9aed3cdb3bd71708676be1b6acdfc9ca22cc9237fe86936f2c141b09cc5cdbec3921ecce43436d62d03c5b2ec88f7db604230a49312d3786118dcbd7c2a073777fcb69a506875a16c699eca0f40e01826900de8fddc7cb4819973490&pst=1666768266&rmtc=t
Set-Cookie: u_pl=16682133; expires=Thu, 27 Oct 2022 07:10:06 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY4MjEzMywiayI6IjZkZTA1YmM3MDVmMjc2NWNmODk1OTkzYTRhMmMxYjYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjg3MTc3LCJwaWQiOjM1NTgxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoiZzhwbWttNDd4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21hZ25ld3MubWwvIn19.V2GxZ9rMb59gAQibwKckoAuQPXQntk9ppcVvQcfgWoU; expires=Wed, 26 Oct 2022 07:11:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d407e92d93d6c6382ec7bbf9dba355c7
Strict-Transport-Security: max-age=0; includeSubdomains
dwightadjoining.com/watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1&shu=3ad52e3c8c1aad8682d4de65cd96e1ada2178267367ace33c978255aed3b5afda8f06d885f4feebfdcd71cfabe7b299b7ba7201ac104e0f469be6fc21f2287df76cc30365a0fcf1c428702daf605a3d22107c1488de206c11e50e9a1cdc632&pst=1666768266&rmtc=t
173.233.137.44 200 OK 2.1 kB URL HTTP/1.1 dwightadjoining.com/watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1&shu=3ad52e3c8c1aad8682d4de65cd96e1ada2178267367ace33c978255aed3b5afda8f06d885f4feebfdcd71cfabe7b299b7ba7201ac104e0f469be6fc21f2287df76cc30365a0fcf1c428702daf605a3d22107c1488de206c11e50e9a1cdc632&pst=1666768266&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2629)
Hash 81c4732cfdf5f8987680e87259fbdd5c
edb62ffbced18db707983940dc242cef7fc68067
0735deef45e9cdbd7b6bfae35b591c2ce8972be23b84c8245df034ae1ff60e4f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1&shu=3ad52e3c8c1aad8682d4de65cd96e1ada2178267367ace33c978255aed3b5afda8f06d885f4feebfdcd71cfabe7b299b7ba7201ac104e0f469be6fc21f2287df76cc30365a0fcf1c428702daf605a3d22107c1488de206c11e50e9a1cdc632&pst=1666768266&rmtc=t HTTP/1.1
Host: dwightadjoining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Referer: https://magnews.ml/
Connection: keep-alive
Cookie: u_pl=16682114; ain=eyJhbGciOiJIUzI1NiJ9.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.r_-NCmjSA-qys4NJede2g2826PbzLZflbxJwFjzfeyA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; expires=Wed, 02 Nov 2022 07:10:07 GMT; secure; SameSite=None
iprcc7eb6ad2cf8ef825400065d0b7f98124=3569806; expires=Wed, 26 Oct 2022 11:10:07 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58c31e9a88250d3f12203ade43d39ebb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
schemevolcanosuspicions.com/ntv.json?key=00f486fa888626aba7a0e9f6a9626346&vstc=4
192.243.59.20 200 OK 17 kB URL HTTP/1.1 schemevolcanosuspicions.com/ntv.json?key=00f486fa888626aba7a0e9f6a9626346&vstc=4
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16849), with no line terminators
Hash 14de8de1675412fca661c84a8bee8582
2b7d06e8861c2ce849f5d58f8286deb1169dc0be
57dacdafb6bb20b7f5926dd756c31f8e4e7e90ece2a483cf1dd3d506bb4cb47e
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=00f486fa888626aba7a0e9f6a9626346&vstc=4 HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: application/json
Content-Length: 16849
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16682113; expires=Thu, 27 Oct 2022 07:10:06 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
pdhtkv49=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs49=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]; expires=Wed, 26 Oct 2022 07:10:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bd025c514568ed63c2f78030ac0b9c6d
Strict-Transport-Security: max-age=0; includeSubdomains
friendshipmale.com/sfp.js
172.64.203.23 200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 249d5bb8f8d5fd948efc1354d88c6817
7c912d3b06643207404fedefff09fafa13366c0d
f3bfe89639b988ecb00f0cfee2f14749541d67e96bd6b6308d6e934031db1352
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 04bc727d1c908fc849d2972c0e5ded98
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 26 Oct 2022 07:10:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60aUd1eclNQCxtkB8EF1h4iVJQt%2FXhc8s0DLxZ5JW61JTHE2gfpKv%2BB%2BBQOIaTb%2BFHA0YUfMtJFsHnUSRqTSZl7tlcVIcz4E93k50mRJIZWIrwq1NjEOLiwVjJZcZKV%2BL%2Fp%2F6XA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ec99c6b889b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9e7c2c5a987354f406d7b4d141b7264
559107c3cdab5c3c3a7b42fbcc0428cb8b445d77
41da931fe0fec01e9ae0ca5e63d9156f748fa10b185d815d05b74938cc5769a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41DA931FE0FEC01E9AE0CA5E63D9156F748FA10B185D815D05B74938CC5769A4"
Last-Modified: Wed, 26 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2961
Expires: Wed, 26 Oct 2022 07:59:28 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c9eb4f5d99613a73e71df55e8a5d83e
f0a75dfd250b74f88c3ee597d2cae20bad696819
b54395b70fe53f079c9f4576f82f131c1e13e0c88cec8ff07b14258147d4128a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B54395B70FE53F079C9F4576F82F131C1E13E0C88CEC8FF07B14258147D4128A"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2776
Expires: Wed, 26 Oct 2022 07:56:23 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive
schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3u98QeLFH3tZWGQQFAWZdPdMemZcJBhjJBg3%2B8PF9STVXdWTMtVVTVX39CSn6IKs4GEOXvTUeZNsMAbRP8Agk4VFgmLmIjlsznrwJCyeRGYMjn6g%2B%2FNevXd4n0%2FVR9v5GXGR09PFt%2FSmkJLOztXc6gu3Pe9KdUWovFfttYL3gsaVqum%2B3A5q7ovVN3i0rmd913Ndz%2FWqS8LwWPdmxyJEetD2am231vBr3lwDPfNfbnMHljpg3TPyFAQbVe47FyGiIVTy9SK365lOX3o9ySXNtEGX7d1S60oXCskUxsZBrPbO3dD2ZOkQWu1O4kJ3%2FzGGYkScB4cI1d55SITdnUnOUIIrhOxxFN0huBxC0CEifQeCnRAgYri6CpXcu6pNQTf%2BVulYHZHKo98hihGpPLwIlXy1IEWvelPLPBNaWfTiEqI3hOgMkeZHyDYvQBRHiLIPIdiPZPbRClSys2qlhmDlZHYhhhDxEJL3Qa2DfPwJB3nsIE8dJOy0Gnme13RZRN1WO4rqrMnDgLkebcYe9dyghTwax%2BsjS%2FuIZB%2BR2UJqtrAu%2BjD5d7BrJSxzYLMRca5voctKFJygsAQFJSgEQZERFN1yl0nr2%2FIekzYPvfPun%2Fd6OdBZZ5vu6qzDFdlOz8iTk738%2BckHWOenVdeNG60gpq1WK%2FADGtImdXk7Dmg78IN6I4AVJYS9MBl1U4zIpcOPkYoR%2BX%2FyC0J6BCuPEInLoLkHWgyavgu6Nmi0XGyqfcW14oWtdSiYLpFmFWQbzrY8I5cmKZ6tXAePjucfzLySDn6eQWRKpKbE%2B%2BI%2BQUfeHdzQBdm5oQtLvllNM5GITTq%2BuZsZzfj%2F9t%2FkG4U2bHnR9r94NRoLY3jwNrfZClVMqI4lXy4IxrhZ0ibi5Ntl%2Bw4Pr%2BV2bSE3Kk9Xrr22tJykhlsrtBqCipPVPxCJEak89%2FTkST7xw28QZgiTl0jyY3JeEPoIUboFmx7P718%2BeMx7%2FldYTWDk1BOmDoq8HBg%2FnB5KQSD5lNOwhP0XD6d4295Fx1RAsztQSYmuKdGVJajsw%2BYzgyw1x%2FPffzauzxHKyiCUprITSiM%2Fnax2RJ75qTFG745%2Ft2DFabVZr7s0aM95zSblzbDht%2BLAY5T6jcAPAlpHZkfR7YerfwEAAP%2F%2FAQAA%2F%2F%2B18t6hbAQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3u98QeLFH3tZWGQQFAWZdPdMemZcJBhjJBg3%2B8PF9STVXdWTMtVVTVX39CSn6IKs4GEOXvTUeZNsMAbRP8Agk4VFgmLmIjlsznrwJCyeRGYMjn6g%2B%2FNevXd4n0%2FVR9v5GXGR09PFt%2FSmkJLOztXc6gu3Pe9KdUWovFfttYL3gsaVqum%2B3A5q7ovVN3i0rmd913Ndz%2FWqS8LwWPdmxyJEetD2am231vBr3lwDPfNfbnMHljpg3TPyFAQbVe47FyGiIVTy9SK365lOX3o9ySXNtEGX7d1S60oXCskUxsZBrPbO3dD2ZOkQWu1O4kJ3%2FzGGYkScB4cI1d55SITdnUnOUIIrhOxxFN0huBxC0CEifQeCnRAgYri6CpXcu6pNQTf%2BVulYHZHKo98hihGpPLwIlXy1IEWvelPLPBNaWfTiEqI3hOgMkeZHyDYvQBRHiLIPIdiPZPbRClSys2qlhmDlZHYhhhDxEJL3Qa2DfPwJB3nsIE8dJOy0Gnme13RZRN1WO4rqrMnDgLkebcYe9dyghTwax%2BsjS%2FuIZB%2BR2UJqtrAu%2BjD5d7BrJSxzYLMRca5voctKFJygsAQFJSgEQZERFN1yl0nr2%2FIekzYPvfPun%2Fd6OdBZZ5vu6qzDFdlOz8iTk738%2BckHWOenVdeNG60gpq1WK%2FADGtImdXk7Dmg78IN6I4AVJYS9MBl1U4zIpcOPkYoR%2BX%2FyC0J6BCuPEInLoLkHWgyavgu6Nmi0XGyqfcW14oWtdSiYLpFmFWQbzrY8I5cmKZ6tXAePjucfzLySDn6eQWRKpKbE%2B%2BI%2BQUfeHdzQBdm5oQtLvllNM5GITTq%2BuZsZzfj%2F9t%2FkG4U2bHnR9r94NRoLY3jwNrfZClVMqI4lXy4IxrhZ0ibi5Ntl%2Bw4Pr%2BV2bSE3Kk9Xrr22tJykhlsrtBqCipPVPxCJEak89%2FTkST7xw28QZgiTl0jyY3JeEPoIUboFmx7P718%2BeMx7%2FldYTWDk1BOmDoq8HBg%2FnB5KQSD5lNOwhP0XD6d4295Fx1RAsztQSYmuKdGVJajsw%2BYzgyw1x%2FPffzauzxHKyiCUprITSiM%2Fnax2RJ75qTFG745%2Ft2DFabVZr7s0aM95zSblzbDht%2BLAY5T6jcAPAlpHZkfR7YerfwEAAP%2F%2FAQAA%2F%2F%2B18t6hbAQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3u98QeLFH3tZWGQQFAWZdPdMemZcJBhjJBg3%2B8PF9STVXdWTMtVVTVX39CSn6IKs4GEOXvTUeZNsMAbRP8Agk4VFgmLmIjlsznrwJCyeRGYMjn6g%2B%2FNevXd4n0%2FVR9v5GXGR09PFt%2FSmkJLOztXc6gu3Pe9KdUWovFfttYL3gsaVqum%2B3A5q7ovVN3i0rmd913Ndz%2FWqS8LwWPdmxyJEetD2am231vBr3lwDPfNfbnMHljpg3TPyFAQbVe47FyGiIVTy9SK365lOX3o9ySXNtEGX7d1S60oXCskUxsZBrPbO3dD2ZOkQWu1O4kJ3%2FzGGYkScB4cI1d55SITdnUnOUIIrhOxxFN0huBxC0CEifQeCnRAgYri6CpXcu6pNQTf%2BVulYHZHKo98hihGpPLwIlXy1IEWvelPLPBNaWfTiEqI3hOgMkeZHyDYvQBRHiLIPIdiPZPbRClSys2qlhmDlZHYhhhDxEJL3Qa2DfPwJB3nsIE8dJOy0Gnme13RZRN1WO4rqrMnDgLkebcYe9dyghTwax%2BsjS%2FuIZB%2BR2UJqtrAu%2BjD5d7BrJSxzYLMRca5voctKFJygsAQFJSgEQZERFN1yl0nr2%2FIekzYPvfPun%2Fd6OdBZZ5vu6qzDFdlOz8iTk738%2BckHWOenVdeNG60gpq1WK%2FADGtImdXk7Dmg78IN6I4AVJYS9MBl1U4zIpcOPkYoR%2BX%2FyC0J6BCuPEInLoLkHWgyavgu6Nmi0XGyqfcW14oWtdSiYLpFmFWQbzrY8I5cmKZ6tXAePjucfzLySDn6eQWRKpKbE%2B%2BI%2BQUfeHdzQBdm5oQtLvllNM5GITTq%2BuZsZzfj%2F9t%2FkG4U2bHnR9r94NRoLY3jwNrfZClVMqI4lXy4IxrhZ0ibi5Ntl%2Bw4Pr%2BV2bSE3Kk9Xrr22tJykhlsrtBqCipPVPxCJEak89%2FTkST7xw28QZgiTl0jyY3JeEPoIUboFmx7P718%2BeMx7%2FldYTWDk1BOmDoq8HBg%2FnB5KQSD5lNOwhP0XD6d4295Fx1RAsztQSYmuKdGVJajsw%2BYzgyw1x%2FPffzauzxHKyiCUprITSiM%2Fnax2RJ75qTFG745%2Ft2DFabVZr7s0aM95zSblzbDht%2BLAY5T6jcAPAlpHZkfR7YerfwEAAP%2F%2FAQAA%2F%2F%2B18t6hbAQAAA%3D%3D HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682113; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4594e8ba5c5400063e10bc81c030cd4
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c9eb4f5d99613a73e71df55e8a5d83e
f0a75dfd250b74f88c3ee597d2cae20bad696819
b54395b70fe53f079c9f4576f82f131c1e13e0c88cec8ff07b14258147d4128a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B54395B70FE53F079C9F4576F82F131C1E13E0C88CEC8FF07B14258147D4128A"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2776
Expires: Wed, 26 Oct 2022 07:56:23 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
45.133.44.9 200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.9 200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
45.133.44.9 200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
45.133.44.9 200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9fxEi%2F%2B2MuCyCAICjLpnpn0zLjIYoyRYNzsDxfXk1R3VU%2FKVFc1VV3Tk5yiC7KChzl40VPnO8kG10X0DzDIZGGRoJi5SA6bsycvwuJJZGaDow%2BK9331fYfPe1Wf7rhT4sPRk6V39ZaQks4v1PzqyzeD4GJ1VSjXr%2Fbb4Ydh82LV9F7rhDX%2FlerbPN7Q83U%2F8P3AD6rLwvBE9%2BcnJkR2rxPUOn6tWa8FC030zf9r6zxY6oH1TsmzEGxcue%2Bdh4hHUOl3S9xu5Dp79a3USZprgx7bv6E2lC4U0plMjIdE7Z91Q9vj5QNotTfFhe792xiJMfEeHCBS%2B2eQiHq7U85IgitE7CkUvRG4HEHQEWJ9C4IdEyBmuLwGld65rE1BNx%2B7dOKOSeXRnxDFmFQenodKv12Uol%2B9rqXLhVYW%2FaSE6I8guiNk7hD51jmI4hBx%2FgkE%2B4XMP1qFSnfXrNQQrJzOLsQIIhlB8gGo9eAmR3hwiQeXeUjZSTUOgqDls5j67U4cN1iLRyHzA9pKAhr4YRsunuANkGcDxHKA2GwjM9vYEAMY9yPsegnLPNh8TLyr2%2BixEgUnKCxBQQkKQVDkBEWv3GPS1m15h0nrouAs189yoxzqvLtD93Te5YrsZKfkmele%2Fv78Y2zwk6rvJ812mNB2ux3WQxrRFvV5JwlpJ6yHjWYIK0oIe2466pYYkwsHnyETY%2FJk%2BjsieggrDxGL50FdAFoMW3UfdH3YbPvYUncV14oXttalYLpElleQb3o78pRcmFK8WLkBHh9dejD3ejb8bQ6xKZGZEh%2BJ%2BwRdeXt4TRdk95ouLPl%2BLctFKrbo5OWu5zTnT9x9h28W2rCVJTv4%2Bo14Ykzkvfe4zVepYkJ1LflmUTDGzbI2MSc%2FrNj3eXTF2fVFZ5TLVq%2B8ubySZoZbK7QagYrjtb8QizGpvPTc9Es%2B%2FfMfEGYE40qk7oicBYQ%2BRJxtw2YzeqsJjJz1RFkFhSuHph7NLqUgkHxW06iE%2FU8dzfSOvY2uqYDmt6DSEj1ToidLUDmAdXPDPDNHl376chJfIZKVYSRNZTeSRn4xWe3VMXnh1%2BZEffB401acVFuNhk%2FDzkLQalHeipr1dhIGjNJ6M6yHIW0gt%2BP45sO1fwAAAP%2F%2FAQAA%2F%2F%2BEbUunbAQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9fxEi%2F%2B2MuCyCAICjLpnpn0zLjIYoyRYNzsDxfXk1R3VU%2FKVFc1VV3Tk5yiC7KChzl40VPnO8kG10X0DzDIZGGRoJi5SA6bsycvwuJJZGaDow%2BK9331fYfPe1Wf7rhT4sPRk6V39ZaQks4v1PzqyzeD4GJ1VSjXr%2Fbb4Ydh82LV9F7rhDX%2FlerbPN7Q83U%2F8P3AD6rLwvBE9%2BcnJkR2rxPUOn6tWa8FC030zf9r6zxY6oH1TsmzEGxcue%2Bdh4hHUOl3S9xu5Dp79a3USZprgx7bv6E2lC4U0plMjIdE7Z91Q9vj5QNotTfFhe792xiJMfEeHCBS%2B2eQiHq7U85IgitE7CkUvRG4HEHQEWJ9C4IdEyBmuLwGld65rE1BNx%2B7dOKOSeXRnxDFmFQenodKv12Uol%2B9rqXLhVYW%2FaSE6I8guiNk7hD51jmI4hBx%2FgkE%2B4XMP1qFSnfXrNQQrJzOLsQIIhlB8gGo9eAmR3hwiQeXeUjZSTUOgqDls5j67U4cN1iLRyHzA9pKAhr4YRsunuANkGcDxHKA2GwjM9vYEAMY9yPsegnLPNh8TLyr2%2BixEgUnKCxBQQkKQVDkBEWv3GPS1m15h0nrouAs189yoxzqvLtD93Te5YrsZKfkmele%2Fv78Y2zwk6rvJ812mNB2ux3WQxrRFvV5JwlpJ6yHjWYIK0oIe2466pYYkwsHnyETY%2FJk%2BjsieggrDxGL50FdAFoMW3UfdH3YbPvYUncV14oXttalYLpElleQb3o78pRcmFK8WLkBHh9dejD3ejb8bQ6xKZGZEh%2BJ%2BwRdeXt4TRdk95ouLPl%2BLctFKrbo5OWu5zTnT9x9h28W2rCVJTv4%2Bo14Ykzkvfe4zVepYkJ1LflmUTDGzbI2MSc%2FrNj3eXTF2fVFZ5TLVq%2B8ubySZoZbK7QagYrjtb8QizGpvPTc9Es%2B%2FfMfEGYE40qk7oicBYQ%2BRJxtw2YzeqsJjJz1RFkFhSuHph7NLqUgkHxW06iE%2FU8dzfSOvY2uqYDmt6DSEj1ToidLUDmAdXPDPDNHl376chJfIZKVYSRNZTeSRn4xWe3VMXnh1%2BZEffB401acVFuNhk%2FDzkLQalHeipr1dhIGjNJ6M6yHIW0gt%2BP45sO1fwAAAP%2F%2FAQAA%2F%2F%2BEbUunbAQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9fxEi%2F%2B2MuCyCAICjLpnpn0zLjIYoyRYNzsDxfXk1R3VU%2FKVFc1VV3Tk5yiC7KChzl40VPnO8kG10X0DzDIZGGRoJi5SA6bsycvwuJJZGaDow%2BK9331fYfPe1Wf7rhT4sPRk6V39ZaQks4v1PzqyzeD4GJ1VSjXr%2Fbb4Ydh82LV9F7rhDX%2FlerbPN7Q83U%2F8P3AD6rLwvBE9%2BcnJkR2rxPUOn6tWa8FC030zf9r6zxY6oH1TsmzEGxcue%2Bdh4hHUOl3S9xu5Dp79a3USZprgx7bv6E2lC4U0plMjIdE7Z91Q9vj5QNotTfFhe792xiJMfEeHCBS%2B2eQiHq7U85IgitE7CkUvRG4HEHQEWJ9C4IdEyBmuLwGld65rE1BNx%2B7dOKOSeXRnxDFmFQenodKv12Uol%2B9rqXLhVYW%2FaSE6I8guiNk7hD51jmI4hBx%2FgkE%2B4XMP1qFSnfXrNQQrJzOLsQIIhlB8gGo9eAmR3hwiQeXeUjZSTUOgqDls5j67U4cN1iLRyHzA9pKAhr4YRsunuANkGcDxHKA2GwjM9vYEAMY9yPsegnLPNh8TLyr2%2BixEgUnKCxBQQkKQVDkBEWv3GPS1m15h0nrouAs189yoxzqvLtD93Te5YrsZKfkmele%2Fv78Y2zwk6rvJ812mNB2ux3WQxrRFvV5JwlpJ6yHjWYIK0oIe2466pYYkwsHnyETY%2FJk%2BjsieggrDxGL50FdAFoMW3UfdH3YbPvYUncV14oXttalYLpElleQb3o78pRcmFK8WLkBHh9dejD3ejb8bQ6xKZGZEh%2BJ%2BwRdeXt4TRdk95ouLPl%2BLctFKrbo5OWu5zTnT9x9h28W2rCVJTv4%2Bo14Ykzkvfe4zVepYkJ1LflmUTDGzbI2MSc%2FrNj3eXTF2fVFZ5TLVq%2B8ubySZoZbK7QagYrjtb8QizGpvPTc9Es%2B%2FfMfEGYE40qk7oicBYQ%2BRJxtw2YzeqsJjJz1RFkFhSuHph7NLqUgkHxW06iE%2FU8dzfSOvY2uqYDmt6DSEj1ToidLUDmAdXPDPDNHl376chJfIZKVYSRNZTeSRn4xWe3VMXnh1%2BZEffB401acVFuNhk%2FDzkLQalHeipr1dhIGjNJ6M6yHIW0gt%2BP45sO1fwAAAP%2F%2FAQAA%2F%2F%2BEbUunbAQAAA%3D%3D HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682113; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 908b8336947061be11b260e40da56ffb
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.9 200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq%2BN4iSCoe1kQGQRBRSbdM5OeGRdZjDESjJv94eJ6kuqu6kmZ6qqmqmt6klN0QVbwMAcveup8J9nguoj%2BAQaZLCwSEDMXyWFz9i4snkRmDI4%2B6H7fV993%2BLxX9dmuOyM%2BHD1dfk9vCynpwmLNr758KwguVdeEcv1qvx1%2BFDYvVU3v9U5Y81%2BpvsPjTb1Q9wPfD%2FyguiIMT3R%2FYWJCZPc7Qa3j15r1WrDYRN%2F8v7bOg6UeWO%2BMPAvBxpUH3gWIeASVfr%2FM7Waus9feTp2kuTbosYObalPpQiGdycR4SNTBeTe0PVk5hFb7U1zo3r%2BNkRgT7%2BEhInVwDomotzfljCS4QsSeQtEbgcsRBB0h1rch2AkBYoYr61Dp3SvaFHTrH5dO3DGpPP4DohiTyqMLUOl3S1L0qze0dLnQyqKflBD9EUR3hMwdId%2BegyiOEOefQrBfyMLjNah0b91KDcHK6exCjCCSESQfgFoPbvIJDy7x4DIPKTutxkEQtHwWU7%2FdieMGa%2FEoZH5AW0lAAz9sw8UTvAHybIBYDhCbHWRmB5tiAON%2Bgt0oYZkHm4%2BJd20HPVai4ASFJSgoQSEIipyg6JX7TNq6Le8yaV0UnOf6eW6UQ513d%2Bm%2Bzrtckd3sjDwz3ctfX3yCTX5a9f2k2Q4T2m63w3pII9qiPu8kIe2E9bDRDGFFCWHnpqNuizG5ePg5MjEmT6a%2FI6JHsPIIsXge1AWgxbBV90E3hs22j211T3GteGFrXQqmS2R5BfmWtyvPyMUpxQu%2FNsHj48sP59%2FIhr%2FNIzYlMlPiY%2FGAoCvvDK%2Frguxd14UlP6xnuUjFNp3c3I2c5vyJe%2B%2FyrUIbtrpsB9%2B8GU%2BMibz%2FPrf5GlVMqK4l3y4JxrhZ0Sbm5MdV%2BwGPrjq7seSMctna1bdWVtPMcGuFViNQcbL%2BJ2IxJpWXnps%2ByadPXoUwIxhXInXH5Dwg9BHibAc2m9FbTWDkrCfK5lC4cmjq0exQCgLJZzWNStj%2F1NFM79o76JoKaH4bKi3RMyV6sgSVA1g3P8wzc3z5568m8TUiWRlG0lT2Imnkl2PyYuXadL8T9eHkdxNWnFZbjYZPw85i0GpR3oqa9XYSBozSejOshyFtILfj%2BNaj9b8BAAD%2F%2FwEAAP%2F%2FRgLITGwEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq%2BN4iSCoe1kQGQRBRSbdM5OeGRdZjDESjJv94eJ6kuqu6kmZ6qqmqmt6klN0QVbwMAcveup8J9nguoj%2BAQaZLCwSEDMXyWFz9i4snkRmDI4%2B6H7fV993%2BLxX9dmuOyM%2BHD1dfk9vCynpwmLNr758KwguVdeEcv1qvx1%2BFDYvVU3v9U5Y81%2BpvsPjTb1Q9wPfD%2FyguiIMT3R%2FYWJCZPc7Qa3j15r1WrDYRN%2F8v7bOg6UeWO%2BMPAvBxpUH3gWIeASVfr%2FM7Waus9feTp2kuTbosYObalPpQiGdycR4SNTBeTe0PVk5hFb7U1zo3r%2BNkRgT7%2BEhInVwDomotzfljCS4QsSeQtEbgcsRBB0h1rch2AkBYoYr61Dp3SvaFHTrH5dO3DGpPP4DohiTyqMLUOl3S1L0qze0dLnQyqKflBD9EUR3hMwdId%2BegyiOEOefQrBfyMLjNah0b91KDcHK6exCjCCSESQfgFoPbvIJDy7x4DIPKTutxkEQtHwWU7%2FdieMGa%2FEoZH5AW0lAAz9sw8UTvAHybIBYDhCbHWRmB5tiAON%2Bgt0oYZkHm4%2BJd20HPVai4ASFJSgoQSEIipyg6JX7TNq6Le8yaV0UnOf6eW6UQ513d%2Bm%2Bzrtckd3sjDwz3ctfX3yCTX5a9f2k2Q4T2m63w3pII9qiPu8kIe2E9bDRDGFFCWHnpqNuizG5ePg5MjEmT6a%2FI6JHsPIIsXge1AWgxbBV90E3hs22j211T3GteGFrXQqmS2R5BfmWtyvPyMUpxQu%2FNsHj48sP59%2FIhr%2FNIzYlMlPiY%2FGAoCvvDK%2Frguxd14UlP6xnuUjFNp3c3I2c5vyJe%2B%2FyrUIbtrpsB9%2B8GU%2BMibz%2FPrf5GlVMqK4l3y4JxrhZ0Sbm5MdV%2BwGPrjq7seSMctna1bdWVtPMcGuFViNQcbL%2BJ2IxJpWXnps%2ByadPXoUwIxhXInXH5Dwg9BHibAc2m9FbTWDkrCfK5lC4cmjq0exQCgLJZzWNStj%2F1NFM79o76JoKaH4bKi3RMyV6sgSVA1g3P8wzc3z5568m8TUiWRlG0lT2Imnkl2PyYuXadL8T9eHkdxNWnFZbjYZPw85i0GpR3oqa9XYSBozSejOshyFtILfj%2BNaj9b8BAAD%2F%2FwEAAP%2F%2FRgLITGwEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq%2BN4iSCoe1kQGQRBRSbdM5OeGRdZjDESjJv94eJ6kuqu6kmZ6qqmqmt6klN0QVbwMAcveup8J9nguoj%2BAQaZLCwSEDMXyWFz9i4snkRmDI4%2B6H7fV993%2BLxX9dmuOyM%2BHD1dfk9vCynpwmLNr758KwguVdeEcv1qvx1%2BFDYvVU3v9U5Y81%2BpvsPjTb1Q9wPfD%2FyguiIMT3R%2FYWJCZPc7Qa3j15r1WrDYRN%2F8v7bOg6UeWO%2BMPAvBxpUH3gWIeASVfr%2FM7Waus9feTp2kuTbosYObalPpQiGdycR4SNTBeTe0PVk5hFb7U1zo3r%2BNkRgT7%2BEhInVwDomotzfljCS4QsSeQtEbgcsRBB0h1rch2AkBYoYr61Dp3SvaFHTrH5dO3DGpPP4DohiTyqMLUOl3S1L0qze0dLnQyqKflBD9EUR3hMwdId%2BegyiOEOefQrBfyMLjNah0b91KDcHK6exCjCCSESQfgFoPbvIJDy7x4DIPKTutxkEQtHwWU7%2FdieMGa%2FEoZH5AW0lAAz9sw8UTvAHybIBYDhCbHWRmB5tiAON%2Bgt0oYZkHm4%2BJd20HPVai4ASFJSgoQSEIipyg6JX7TNq6Le8yaV0UnOf6eW6UQ513d%2Bm%2Bzrtckd3sjDwz3ctfX3yCTX5a9f2k2Q4T2m63w3pII9qiPu8kIe2E9bDRDGFFCWHnpqNuizG5ePg5MjEmT6a%2FI6JHsPIIsXge1AWgxbBV90E3hs22j211T3GteGFrXQqmS2R5BfmWtyvPyMUpxQu%2FNsHj48sP59%2FIhr%2FNIzYlMlPiY%2FGAoCvvDK%2Frguxd14UlP6xnuUjFNp3c3I2c5vyJe%2B%2FyrUIbtrpsB9%2B8GU%2BMibz%2FPrf5GlVMqK4l3y4JxrhZ0Sbm5MdV%2BwGPrjq7seSMctna1bdWVtPMcGuFViNQcbL%2BJ2IxJpWXnps%2ByadPXoUwIxhXInXH5Dwg9BHibAc2m9FbTWDkrCfK5lC4cmjq0exQCgLJZzWNStj%2F1NFM79o76JoKaH4bKi3RMyV6sgSVA1g3P8wzc3z5568m8TUiWRlG0lT2Imnkl2PyYuXadL8T9eHkdxNWnFZbjYZPw85i0GpR3oqa9XYSBozSejOshyFtILfj%2BNaj9b8BAAD%2F%2FwEAAP%2F%2FRgLITGwEAAA%3D HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682113; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e19bb4a67eea47247be1c0c667514091
Strict-Transport-Security: max-age=0; includeSubdomains
schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3fHS7z4Yy8LIoMgKMike2bSM%2BMiizFGgnGzP1xcT1LdVT0pU13VVHVNT3KKLsgKHubgRU%2Bd7yQbXBfRP8Agk4VFgmLmIjlszt48CIsnkRmDow%2B633v1fYfP%2B1Z9suNOiQ9HT5be0VtCSjq%2FUPOrL90KgkvVVaFcv9pvhx%2BEzUtV03u1E9b8l6tv8XhDz9f9wPcDP6guC8MT3Z%2BfiBDZ%2FU5Q6%2Fi1Zr0WLDTRN%2F%2FvrfNgqQfWOyXPQLBx5YF3ASIeQaXfLnG7kevslTdTJ2muDXps%2F6baULpQSGdlYjwkav9sGtoeLx9Aq70pLnTv38FIjIn38ACR2j%2BDRNTbnXJGElwhYk%2Bi6I3A5QiCjhDr2xDsmAAxw5U1qPTuFW0KuvmPSifqmFQe%2FwFRjEnl0QWo9JtFKfrVG1q6XGhl0U9KiP4IojtC5g6Rb52DKA4R5x9DsJ%2FJ%2FONVqHR3zUoNwcrp7kKMIJIRJB%2BAWg9u8gkPLvHgMg8pO6nGQRC0fBZTv92J4wZr8ShkfkBbSUADP2zDxRO8AfJsgFgOEJttZGYbG2IA436AXS9hmQebj4l3bRs9VqLgBIUlKChBIQiKnKDolXtM2rot7zJpXRSc5fpZbpRDnXd36J7Ou1yRneyUPD315a%2FPPsIGP6n6ftJshwltt9thPaQRbVGfd5KQdsJ62GiGsKKEsOemq26JMbl48CkyMSZPpL8hooew8hCxeA7UBaDFsFX3QdeHzbaPLXVPca14YWtdCqZLZHkF%2Baa3I0%2FJxSnFC5X3weOjyw%2FnXsuGv84hNiUyU%2BJD8YCgK%2B8Mr%2BuC7F7XhSXfrWW5SMUWndzcjZzm%2FPy9t%2FlmoQ1bWbKDr16PJ8KkvP8ut%2FkqVUyoriVfLwrGuFnWJubk%2BxX7Ho%2BuOru%2B6Ixy2erVN5ZX0sxwa4VWI1BxvPYnYjEmlRefnT7Jp376HcKMYFyJ1B2Rs4DQh4izbdhsRm81gZGzmSg7j8KVQ1OPZodSEEg%2B62lUwv6nj2b1jr2DrqmA5reh0hI9U6InS1A5gHVzwzwzR5d%2F%2FGISXyKSlWEkTWU3kkZ%2BPrH22pg8%2F0tzavLkdxNWnFRbjYZPw85C0GpR3oqa9XYSBozSejOshyFtILfj%2BNajtb8BAAD%2F%2FwEAAP%2F%2Fsfa4a2wEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3fHS7z4Yy8LIoMgKMike2bSM%2BMiizFGgnGzP1xcT1LdVT0pU13VVHVNT3KKLsgKHubgRU%2Bd7yQbXBfRP8Agk4VFgmLmIjlszt48CIsnkRmDow%2B633v1fYfP%2B1Z9suNOiQ9HT5be0VtCSjq%2FUPOrL90KgkvVVaFcv9pvhx%2BEzUtV03u1E9b8l6tv8XhDz9f9wPcDP6guC8MT3Z%2BfiBDZ%2FU5Q6%2Fi1Zr0WLDTRN%2F%2FvrfNgqQfWOyXPQLBx5YF3ASIeQaXfLnG7kevslTdTJ2muDXps%2F6baULpQSGdlYjwkav9sGtoeLx9Aq70pLnTv38FIjIn38ACR2j%2BDRNTbnXJGElwhYk%2Bi6I3A5QiCjhDr2xDsmAAxw5U1qPTuFW0KuvmPSifqmFQe%2FwFRjEnl0QWo9JtFKfrVG1q6XGhl0U9KiP4IojtC5g6Rb52DKA4R5x9DsJ%2FJ%2FONVqHR3zUoNwcrp7kKMIJIRJB%2BAWg9u8gkPLvHgMg8pO6nGQRC0fBZTv92J4wZr8ShkfkBbSUADP2zDxRO8AfJsgFgOEJttZGYbG2IA436AXS9hmQebj4l3bRs9VqLgBIUlKChBIQiKnKDolXtM2rot7zJpXRSc5fpZbpRDnXd36J7Ou1yRneyUPD315a%2FPPsIGP6n6ftJshwltt9thPaQRbVGfd5KQdsJ62GiGsKKEsOemq26JMbl48CkyMSZPpL8hooew8hCxeA7UBaDFsFX3QdeHzbaPLXVPca14YWtdCqZLZHkF%2Baa3I0%2FJxSnFC5X3weOjyw%2FnXsuGv84hNiUyU%2BJD8YCgK%2B8Mr%2BuC7F7XhSXfrWW5SMUWndzcjZzm%2FPy9t%2FlmoQ1bWbKDr16PJ8KkvP8ut%2FkqVUyoriVfLwrGuFnWJubk%2BxX7Ho%2BuOru%2B6Ixy2erVN5ZX0sxwa4VWI1BxvPYnYjEmlRefnT7Jp376HcKMYFyJ1B2Rs4DQh4izbdhsRm81gZGzmSg7j8KVQ1OPZodSEEg%2B62lUwv6nj2b1jr2DrqmA5reh0hI9U6InS1A5gHVzwzwzR5d%2F%2FGISXyKSlWEkTWU3kkZ%2BPrH22pg8%2F0tzavLkdxNWnFRbjYZPw85C0GpR3oqa9XYSBozSejOshyFtILfj%2BNajtb8BAAD%2F%2FwEAAP%2F%2Fsfa4a2wEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3fHS7z4Yy8LIoMgKMike2bSM%2BMiizFGgnGzP1xcT1LdVT0pU13VVHVNT3KKLsgKHubgRU%2Bd7yQbXBfRP8Agk4VFgmLmIjlszt48CIsnkRmDow%2B633v1fYfP%2B1Z9suNOiQ9HT5be0VtCSjq%2FUPOrL90KgkvVVaFcv9pvhx%2BEzUtV03u1E9b8l6tv8XhDz9f9wPcDP6guC8MT3Z%2BfiBDZ%2FU5Q6%2Fi1Zr0WLDTRN%2F%2FvrfNgqQfWOyXPQLBx5YF3ASIeQaXfLnG7kevslTdTJ2muDXps%2F6baULpQSGdlYjwkav9sGtoeLx9Aq70pLnTv38FIjIn38ACR2j%2BDRNTbnXJGElwhYk%2Bi6I3A5QiCjhDr2xDsmAAxw5U1qPTuFW0KuvmPSifqmFQe%2FwFRjEnl0QWo9JtFKfrVG1q6XGhl0U9KiP4IojtC5g6Rb52DKA4R5x9DsJ%2FJ%2FONVqHR3zUoNwcrp7kKMIJIRJB%2BAWg9u8gkPLvHgMg8pO6nGQRC0fBZTv92J4wZr8ShkfkBbSUADP2zDxRO8AfJsgFgOEJttZGYbG2IA436AXS9hmQebj4l3bRs9VqLgBIUlKChBIQiKnKDolXtM2rot7zJpXRSc5fpZbpRDnXd36J7Ou1yRneyUPD315a%2FPPsIGP6n6ftJshwltt9thPaQRbVGfd5KQdsJ62GiGsKKEsOemq26JMbl48CkyMSZPpL8hooew8hCxeA7UBaDFsFX3QdeHzbaPLXVPca14YWtdCqZLZHkF%2Baa3I0%2FJxSnFC5X3weOjyw%2FnXsuGv84hNiUyU%2BJD8YCgK%2B8Mr%2BuC7F7XhSXfrWW5SMUWndzcjZzm%2FPy9t%2FlmoQ1bWbKDr16PJ8KkvP8ut%2FkqVUyoriVfLwrGuFnWJubk%2BxX7Ho%2BuOru%2B6Ixy2erVN5ZX0sxwa4VWI1BxvPYnYjEmlRefnT7Jp376HcKMYFyJ1B2Rs4DQh4izbdhsRm81gZGzmSg7j8KVQ1OPZodSEEg%2B62lUwv6nj2b1jr2DrqmA5reh0hI9U6InS1A5gHVzwzwzR5d%2F%2FGISXyKSlWEkTWU3kkZ%2BPrH22pg8%2F0tzavLkdxNWnFRbjYZPw85C0GpR3oqa9XYSBozSejOshyFtILfj%2BNajtb8BAAD%2F%2FwEAAP%2F%2Fsfa4a2wEAAA%3D HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682113; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 172b4d5d7dad627442e58c407eb2ebfe
Strict-Transport-Security: max-age=0; includeSubdomains
yearlingpreferablyperiods.com/sbar.json?key=551a820a848f2430ac19a64893e2cf74&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1
192.243.59.12 200 OK 4.1 kB URL HTTP/1.1 yearlingpreferablyperiods.com/sbar.json?key=551a820a848f2430ac19a64893e2cf74&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5726), with no line terminators
Hash b364e0b51f0ff7544228977055f5c7e3
5455f9190ea70660aab53d6d21b57110c168f2fd
7e531bb6cc89dfb42b5735954d012043564d8f0f452bd9be64ae2f2a6a4162db
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=551a820a848f2430ac19a64893e2cf74&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1 HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16682108; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; expires=Wed, 02 Nov 2022 07:10:07 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
slec551a820a848f2430ac19a64893e2cf74=[3364902]; expires=Wed, 26 Oct 2022 07:10:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8a68a28b95b759ac17c5cbf1728a4a1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash f142b94df21747dfbdfc3b6aaf702a3b
b27d5ca0c9f968f68cb427cfb1a2c1ed35378a41
7df07819035cf7a775d7abab7a54607efdebeda0b51c78830eb8ef4bec0f10ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3198
Cache-Control: max-age=126498
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:07 GMT
Etag: "63581bf3-117"
Expires: Thu, 27 Oct 2022 18:18:25 GMT
Last-Modified: Tue, 25 Oct 2022 17:25:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 25b81533916effb6270d0ce3c8633dba
2cb1b18d9fea15854d8cf6d017fe28e79c7bc443
45d68bb4a6304ca626b1e1826bdd47ee5b387374ddb7daaf00ea2089ba01bf98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45D68BB4A6304CA626B1E1826BDD47EE5B387374DDB7DAAF00EA2089BA01BF98"
Last-Modified: Mon, 24 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17969
Expires: Wed, 26 Oct 2022 12:09:36 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 25b81533916effb6270d0ce3c8633dba
2cb1b18d9fea15854d8cf6d017fe28e79c7bc443
45d68bb4a6304ca626b1e1826bdd47ee5b387374ddb7daaf00ea2089ba01bf98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45D68BB4A6304CA626B1E1826BDD47EE5B387374DDB7DAAF00EA2089BA01BF98"
Last-Modified: Mon, 24 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17969
Expires: Wed, 26 Oct 2022 12:09:36 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive
yearlingpreferablyperiods.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRitzkYQPCl7WVGYg4iCmXT3dHpm3MNijJFgdrPuKuam1VU1kzLVXU1V9%2FQkeAguSgQP4z%2FovEk27LqIgleDzCzsISBse8phc%2FYqwp5EZMbg6AfF97167%2FC%2BV%2FXlQX5OXOT0bOW63pVK0cWlult7bdPzrtbWZZL3a%2F1W%2BHEYXK2Z3pvtsO6%2BXntXsG296Lue63quV1uVRnR0f3FCQqYP2l697dYDv%2B4tBeib%2F2ObO7DUAe%2BdkxcgeTX%2F0LkMyUZI4u9XhN3OdPrGO3GuaKYNevz4w2Q70UWCeDZ2jINOcnyhhraPV0%2Bgk6OpXejev8JIVsR5dIIoOb4wiah3OPUZKYgEEX8ORW8EoUaQdASm70DyxwRgHDc2kMR3b2hT0B1IOgajE7Yi80%2F%2FgCwqMv%2FkMpL4u2Ul%2B7XbWuWZ1IlFv1NC9keQ3RHSfIxsdw6yGINln0PyX8ji03Uk8eGGVRqSn73CvZCKUEQL7WbbXQiCKFqIOG8viKYnQtfteCx0pwFJOYLsjKDEANQ6yCdHOsg7DvLUQczPaszzvKbLGXVbbcYavCmikLsebXY86rlhCzmb7DBAlg7A1ADM7CE1e9iWA5j8Z9itEpbPwWYVcd7fQ4%2BXKARBYQkKSlBIgiIjKHrlEVfWt%2BVdrmweeRfdv%2BiNcqiz7gE90llXJOQgPSfPT8P76%2BvPsC3OaktLHm35Lm0FrY4fNFzKvDYNg1a7IXzWaQawsoS0c9NVd2VFrpx8hVRW5Jn4N0R0DKvGYPIl0Pxl0GLY9F3QrWHQcrGb3E%2BETkRh610Krkuk2TyyHedAnZMrUxeNzVch2Om1T6Lr1e%2F3%2FgQzJVJT4lP5kKCr9oe3dEEOb%2BnCkh820kzGcpdOnvd2RjNx6f57YqfQhq%2Bt2MG9t9iEmIwPPhA2W6cJl0nXkm%2BXJefCrGrDBPlpzX4kopu53VrOTZKn6zffXl2LUyOslToZgcqKkEenYLIiz%2F54NP25L36xD2lGMHmJOD8lFwWpx2DpHmw68281gVEzTZQ6KPJyaPxodqkkgRIzTKMS9j84ms0Hdh9d44Bmd5DEJXqmRE%2BVoGoAm18aZqk5vfZrY1qIlDOMlHEOI2XUN%2F%2BEa%2BVZrdlouDRsL3nNJhXNKPBbndDjlPpB6IchbSCzFdt8svE3AAAA%2F%2F8BAAD%2F%2FxqnFJKEBAAA
192.243.59.12200 OK 7 B URL HTTP/1.1 yearlingpreferablyperiods.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRitzkYQPCl7WVGYg4iCmXT3dHpm3MNijJFgdrPuKuam1VU1kzLVXU1V9%2FQkeAguSgQP4z%2FovEk27LqIgleDzCzsISBse8phc%2FYqwp5EZMbg6AfF97167%2FC%2BV%2FXlQX5OXOT0bOW63pVK0cWlult7bdPzrtbWZZL3a%2F1W%2BHEYXK2Z3pvtsO6%2BXntXsG296Lue63quV1uVRnR0f3FCQqYP2l697dYDv%2B4tBeib%2F2ObO7DUAe%2BdkxcgeTX%2F0LkMyUZI4u9XhN3OdPrGO3GuaKYNevz4w2Q70UWCeDZ2jINOcnyhhraPV0%2Bgk6OpXejev8JIVsR5dIIoOb4wiah3OPUZKYgEEX8ORW8EoUaQdASm70DyxwRgHDc2kMR3b2hT0B1IOgajE7Yi80%2F%2FgCwqMv%2FkMpL4u2Ul%2B7XbWuWZ1IlFv1NC9keQ3RHSfIxsdw6yGINln0PyX8ji03Uk8eGGVRqSn73CvZCKUEQL7WbbXQiCKFqIOG8viKYnQtfteCx0pwFJOYLsjKDEANQ6yCdHOsg7DvLUQczPaszzvKbLGXVbbcYavCmikLsebXY86rlhCzmb7DBAlg7A1ADM7CE1e9iWA5j8Z9itEpbPwWYVcd7fQ4%2BXKARBYQkKSlBIgiIjKHrlEVfWt%2BVdrmweeRfdv%2BiNcqiz7gE90llXJOQgPSfPT8P76%2BvPsC3OaktLHm35Lm0FrY4fNFzKvDYNg1a7IXzWaQawsoS0c9NVd2VFrpx8hVRW5Jn4N0R0DKvGYPIl0Pxl0GLY9F3QrWHQcrGb3E%2BETkRh610Krkuk2TyyHedAnZMrUxeNzVch2Om1T6Lr1e%2F3%2FgQzJVJT4lP5kKCr9oe3dEEOb%2BnCkh820kzGcpdOnvd2RjNx6f57YqfQhq%2Bt2MG9t9iEmIwPPhA2W6cJl0nXkm%2BXJefCrGrDBPlpzX4kopu53VrOTZKn6zffXl2LUyOslToZgcqKkEenYLIiz%2F54NP25L36xD2lGMHmJOD8lFwWpx2DpHmw68281gVEzTZQ6KPJyaPxodqkkgRIzTKMS9j84ms0Hdh9d44Bmd5DEJXqmRE%2BVoGoAm18aZqk5vfZrY1qIlDOMlHEOI2XUN%2F%2BEa%2BVZrdlouDRsL3nNJhXNKPBbndDjlPpB6IchbSCzFdt8svE3AAAA%2F%2F8BAAD%2F%2FxqnFJKEBAAA
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRitzkYQPCl7WVGYg4iCmXT3dHpm3MNijJFgdrPuKuam1VU1kzLVXU1V9%2FQkeAguSgQP4z%2FovEk27LqIgleDzCzsISBse8phc%2FYqwp5EZMbg6AfF97167%2FC%2BV%2FXlQX5OXOT0bOW63pVK0cWlult7bdPzrtbWZZL3a%2F1W%2BHEYXK2Z3pvtsO6%2BXntXsG296Lue63quV1uVRnR0f3FCQqYP2l697dYDv%2B4tBeib%2F2ObO7DUAe%2BdkxcgeTX%2F0LkMyUZI4u9XhN3OdPrGO3GuaKYNevz4w2Q70UWCeDZ2jINOcnyhhraPV0%2Bgk6OpXejev8JIVsR5dIIoOb4wiah3OPUZKYgEEX8ORW8EoUaQdASm70DyxwRgHDc2kMR3b2hT0B1IOgajE7Yi80%2F%2FgCwqMv%2FkMpL4u2Ul%2B7XbWuWZ1IlFv1NC9keQ3RHSfIxsdw6yGINln0PyX8ji03Uk8eGGVRqSn73CvZCKUEQL7WbbXQiCKFqIOG8viKYnQtfteCx0pwFJOYLsjKDEANQ6yCdHOsg7DvLUQczPaszzvKbLGXVbbcYavCmikLsebXY86rlhCzmb7DBAlg7A1ADM7CE1e9iWA5j8Z9itEpbPwWYVcd7fQ4%2BXKARBYQkKSlBIgiIjKHrlEVfWt%2BVdrmweeRfdv%2BiNcqiz7gE90llXJOQgPSfPT8P76%2BvPsC3OaktLHm35Lm0FrY4fNFzKvDYNg1a7IXzWaQawsoS0c9NVd2VFrpx8hVRW5Jn4N0R0DKvGYPIl0Pxl0GLY9F3QrWHQcrGb3E%2BETkRh610Krkuk2TyyHedAnZMrUxeNzVch2Om1T6Lr1e%2F3%2FgQzJVJT4lP5kKCr9oe3dEEOb%2BnCkh820kzGcpdOnvd2RjNx6f57YqfQhq%2Bt2MG9t9iEmIwPPhA2W6cJl0nXkm%2BXJefCrGrDBPlpzX4kopu53VrOTZKn6zffXl2LUyOslToZgcqKkEenYLIiz%2F54NP25L36xD2lGMHmJOD8lFwWpx2DpHmw68281gVEzTZQ6KPJyaPxodqkkgRIzTKMS9j84ms0Hdh9d44Bmd5DEJXqmRE%2BVoGoAm18aZqk5vfZrY1qIlDOMlHEOI2XUN%2F%2BEa%2BVZrdlouDRsL3nNJhXNKPBbndDjlPpB6IchbSCzFdt8svE3AAAA%2F%2F8BAAD%2F%2FxqnFJKEBAAA HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682108; uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec551a820a848f2430ac19a64893e2cf74=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6490c6cc969dd5ecd156a4ea8ff76d5
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=551a820a848f2430ac19a64893e2cf74&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=551a820a848f2430ac19a64893e2cf74&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=551a820a848f2430ac19a64893e2cf74&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f52a47ca5287b553204a1f1b91e3418
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a2bfde9dd2920ce8ff524c9b82194b23&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a2bfde9dd2920ce8ff524c9b82194b23&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a2bfde9dd2920ce8ff524c9b82194b23&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a65d05ffa3913bdf690c4a3f19321af8
Strict-Transport-Security: max-age=0; includeSubdomains
magnews.ml/assets/green/images/icons/favicon.png
45.153.184.53 200 OK 1.3 kB URL HTTP/1.1 magnews.ml/assets/green/images/icons/favicon.png
IP 45.153.184.53:0
File type PNG image data, 39 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash a9b55aa2db953b06d76ea054eed0ec4d
22d6b5b4a1bb84f7bd9f955cde92540949008cd0
696b160fc653e697ec954165024f280b99897868f83d980ad041c7eaba8bdd82
GET /assets/green/images/icons/favicon.png HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1; sb_main_551a820a848f2430ac19a64893e2cf74=1; sb_count_551a820a848f2430ac19a64893e2cf74=1; ppu_main_a2bfde9dd2920ce8ff524c9b82194b23=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=schemevolcanosuspicions.com; pbpr0tpuw4isk85t8yg3jb2lj5vqf=yearlingpreferablyperiods.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:08 GMT
Content-Type: image/png
Content-Length: 1283
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-503"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
literalcorpulent.com/watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1&shu=99a98d4adc3df19d2c9aed3cdb3bd71708676be1b6acdfc9ca22cc9237fe86936f2c141b09cc5cdbec3921ecce43436d62d03c5b2ec88f7db604230a49312d3786118dcbd7c2a073777fcb69a506875a16c699eca0f40e01826900de8fddc7cb4819973490&pst=1666768266&rmtc=t
192.243.61.225 200 OK 2.1 kB URL HTTP/1.1 literalcorpulent.com/watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1&shu=99a98d4adc3df19d2c9aed3cdb3bd71708676be1b6acdfc9ca22cc9237fe86936f2c141b09cc5cdbec3921ecce43436d62d03c5b2ec88f7db604230a49312d3786118dcbd7c2a073777fcb69a506875a16c699eca0f40e01826900de8fddc7cb4819973490&pst=1666768266&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2642)
Hash f6fd09e2d563a6fbf02199ab501f6a59
b42ad4b18d6b4c93b23b23e5ea77b9236730c008
ba1af2ef4199b60b57aa65b5a30fcde6138e873dacf57c918aea2a730a450cca
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1&shu=99a98d4adc3df19d2c9aed3cdb3bd71708676be1b6acdfc9ca22cc9237fe86936f2c141b09cc5cdbec3921ecce43436d62d03c5b2ec88f7db604230a49312d3786118dcbd7c2a073777fcb69a506875a16c699eca0f40e01826900de8fddc7cb4819973490&pst=1666768266&rmtc=t HTTP/1.1
Host: literalcorpulent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Referer: https://magnews.ml/
Connection: keep-alive
Cookie: u_pl=16682133; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY4MjEzMywiayI6IjZkZTA1YmM3MDVmMjc2NWNmODk1OTkzYTRhMmMxYjYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjg3MTc3LCJwaWQiOjM1NTgxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoiZzhwbWttNDd4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21hZ25ld3MubWwvIn19.V2GxZ9rMb59gAQibwKckoAuQPXQntk9ppcVvQcfgWoU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 07:10:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=16222221-115b-44b9-b912-ba921ab9e13c:1:1; expires=Wed, 02 Nov 2022 07:10:07 GMT; secure; SameSite=None
iprc8696a2bb812fa173374ac43601f5b3e6=3569807; expires=Wed, 26 Oct 2022 11:10:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 27 Oct 2022 07:10:08 GMT; secure; SameSite=None
uncs=1; expires=Thu, 27 Oct 2022 07:10:08 GMT; secure; SameSite=None
pdhtkv27=true; expires=Thu, 27 Oct 2022 07:10:08 GMT; secure; SameSite=None
uncs27=1; expires=Thu, 27 Oct 2022 07:10:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ee4d084c6802b62b3e36138e146f1d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html
104.26.7.19 200 OK 68 kB URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html
IP 104.26.7.19:0
File type HTML document text\012- HTML document, ASCII text
Hash 320a8fb7a7f0d395f81c1d62259ac79c
d8e16cc260259cfea4900e02874b2a0e914e4ec6
0c4dc464eb3a7349cc008113b6c3964fc9dd165ef2768e19536ef4e729b36c1f
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 11:16:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYoHCwSEvz41KEI%2B8L%2BJqs2IdoJHI%2BKef7pRig1XkQIKdWTqrVfIxVSMKmjdnf8B8JMZLF4osnlZFkPG0aQTxBc2VrGsuEbC0S9Y5UtnC3DssbLq%2BX1sg3Zioi84fXPQcN8NeJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed26c5db4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9894cc5eeb58d5f6c7601b2e11c11e09
922e451c29f933eea61099c743d4523568afbd56
d72966cfa6230a3a2b185c1bd2d2b88b806988de426d1a795ceb0fe2e95f0790
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D72966CFA6230A3A2B185C1BD2D2B88B806988DE426D1A795CEB0FE2E95F0790"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3442
Expires: Wed, 26 Oct 2022 08:07:30 GMT
Date: Wed, 26 Oct 2022 07:10:08 GMT
Connection: keep-alive
yearlingpreferablyperiods.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=696
192.243.59.12 200 OK 0 B URL HTTP/1.1 yearlingpreferablyperiods.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=696
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=696 HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682108; uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec551a820a848f2430ac19a64893e2cf74=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg
172.64.110.27 200 OK 60 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg
IP 172.64.110.27:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 281x290, components 3\012- data
Hash 9337eb4f9526f6d16e6d1602d8fee3ae
203c7272c5a60a752db43857b2d337d644f690f5
1e803197ccab280a9285cdae1adbea170504d59ef0bbf02aab3d9785c0871422
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: image/jpeg
content-length: 59931
last-modified: Tue, 08 Feb 2022 14:18:00 GMT
etag: "62027b98-ea1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7247133
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKlKx%2F7l1nc%2Fnzp5f9aeTAseOmBK0Urp4RqGTqWBbA5sg6UAq723c1j5us4QsjYaECCZUQGiuIHg%2BZrGJ%2BQ4Bwj%2B44hNSXm%2BFJN9%2BdvDsbhhDxhnx9XOF%2BRtaCaEXR%2Bp2Lo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed76a997545-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9894cc5eeb58d5f6c7601b2e11c11e09
922e451c29f933eea61099c743d4523568afbd56
d72966cfa6230a3a2b185c1bd2d2b88b806988de426d1a795ceb0fe2e95f0790
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D72966CFA6230A3A2B185C1BD2D2B88B806988DE426D1A795CEB0FE2E95F0790"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3442
Expires: Wed, 26 Oct 2022 08:07:30 GMT
Date: Wed, 26 Oct 2022 07:10:08 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 2b725d76fcb5b313ede8ecf8058e70a6
cc87b9bb9d7be506d6f46b38c0a932b877c60338
4cf2dd1730db80e07afbf500340fbd83c73816c59cdb4b57dc490da8c411185f
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 26 Oct 2022 07:10:08 GMT
date: Wed, 26 Oct 2022 07:10:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yearlingpreferablyperiods.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=347
192.243.59.12 200 OK 0 B URL HTTP/1.1 yearlingpreferablyperiods.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=347
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=347 HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682108; uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec551a820a848f2430ac19a64893e2cf74=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css
172.64.110.27 200 OK 2.5 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css
IP 172.64.110.27:0
Hash f1766bbd61c5bc27a636c8b30875588f
4a72ecdd5fa887887d2d8eb67b65491c9731708c
ba5bd2b5efbcbfb3c82b59173e4bbda4dd81477adae455c3d48f8c1005f444ab
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: text/css
last-modified: Wed, 09 Feb 2022 11:16:21 GMT
etag: W/"6203a285-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIg00BVUvR6hAGHa7yMBf6IB6nYQZEf7661GieBEti7WDk4yEnUq9utKVJ%2BWkTXb%2FSk1urOwdeB5hGiQvCH1CsaHzomtCRjNOh6Myy3wTYFvs96w8PEgXLUddS22J2uUjhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed72a457545-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 560160
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 560161
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js
172.64.110.27 200 OK 257 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js
IP 172.64.110.27:0
Hash 8e903260935524c1f5eb8e07417fc653
2eba6224960e767d7d9ceb5641fa06204551f668
b7a9e40afd034f0fe6d1fce20d4e469416b5ca9208593096fe2cc61dd441e44f
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8L46KIU5hkhGxlqSUbP69KGJr01HG%2F7RqjJcDX%2F8g2UsuDkHWlmEapPbt3wbBThBQ3ozZQsKerA0PSpjawW0pZB8%2F5vaqmibWv8JkRrHZblW%2FDLaG4xopFw6oapoyIRG84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed74a5c7545-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css
172.64.110.27 200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css
IP 172.64.110.27:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: text/css
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdrak%2Fy5iSsNQyEx1o%2F7O4esT2E1YiGXyhpm6Y2Czsa4W8DiegPbh99hm343s7ylj1yRLZVsOcpjnYtbjEKZOVHPjlssZ6O9Zrmo4XWD7jaO6zlJKM5ttQFn5Yvd3NSousk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed74a607545-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yearlingpreferablyperiods.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o0geFL2sqIwBxEFM%2Bme6fnlHhbXGAlmN%2BuuYm5av3pSprqrqeqengQPwUWJ4GH8Dzpvkg27LqLg1SAzC3sICDuecticvYqwJxGZMTj6QfF9r947vO9VfbmfnxEfOT1dvm52lNZ0qVH1K69tBMGVyppK8n6l325%2B3AyvVGzvzU6z6r9eeVfyLbNU8wPfD%2FygsqKsjEx%2FaUpCpQ86QbXjV8NaNWiE6Nv%2FY5d7cNSD6J2RF6DEZOGhdwmKj5DE3y9Lt5WZ9I134lzTzFj0xNGHyVZiigTxfIyshyg5OlfDuMcrxzDJ4cwuTO9fIVMT4j06BkuOzk2C9Q5mPpmGTMDEcyh6I0g9gqIjcHMHSjwmABe4sY4kvnvD2IJuQ9ExOJ2yE7Lw9A%2BoYkIWnlxCEn93Tat%2B5bbReaZM4tCPSqj%2BCKo7QpqPke1cgCrG4NnnUOIXsvR0DUl8sO60gRKnr4igSWVTssVOq%2BMvhiFji0yIzqJsBbLp%2B1HAm%2F4sIKVGUNEIWg5AnYd8epSHPPKQpx5icVrhQRC0fMGp3%2B5wXhctyZrCD2grCmjgN9vI%2BXSHAbJ0AK4H4HYXqd3FlhrA5j%2FDbZZw4gJcNiHe%2B7voiRKFJCgcQUEJCkVQZARFrzwU2tVceVdol7PgvNfOe70cmqy7Tw9N1pUJ2U%2FPyPOz8P76%2BjNsydNKoxHQds2n7bAd1cK6T3nQoc2w3anLGo9aIZwqodyF2ao7akIuH3%2BFVE3IM%2FFvYHQMp8fg6iXQ%2FGXQYtiq%2BaCbw7DtYye5n0iTyMJVuxTClEizBWTb3r4%2BI5dnLuobr0Lyk6ufsOuT3%2B%2F9CW5LpLbEp%2BohQVfvDW%2BZghzcMoUjP6ynmYrVDp0%2B7%2B2MZvLi%2FffkdmGsWF12g3tv8SkxHR98IF22RhOhkq4j315TQki7YiyX5KdV95FkN3O3eS23SZ6u3Xx7ZTVOrXROmWQEqiaEPDoBVxPy7I%2BHs5%2F74hd7UHYEm5eI8xNyXlBmDJ7uwqVz%2F84QWD3XsNRDkZdDW2PzS60ItJxjykq4%2F2A2n%2FfdHrrWA83uIIlL9GyJni5B9QAuvzjMUnty9df6rMC0N2TaegdMW%2F3NP%2BE6dVqp%2B6LFZCRbTIaNMJJcsEaD%2BTzirC7abY7MTfjGk%2FW%2FAQAA%2F%2F8BAAD%2F%2F5pzwXqEBAAA
192.243.59.12200 OK 7 B URL HTTP/1.1 yearlingpreferablyperiods.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o0geFL2sqIwBxEFM%2Bme6fnlHhbXGAlmN%2BuuYm5av3pSprqrqeqengQPwUWJ4GH8Dzpvkg27LqLg1SAzC3sICDuecticvYqwJxGZMTj6QfF9r947vO9VfbmfnxEfOT1dvm52lNZ0qVH1K69tBMGVyppK8n6l325%2B3AyvVGzvzU6z6r9eeVfyLbNU8wPfD%2FygsqKsjEx%2FaUpCpQ86QbXjV8NaNWiE6Nv%2FY5d7cNSD6J2RF6DEZOGhdwmKj5DE3y9Lt5WZ9I134lzTzFj0xNGHyVZiigTxfIyshyg5OlfDuMcrxzDJ4cwuTO9fIVMT4j06BkuOzk2C9Q5mPpmGTMDEcyh6I0g9gqIjcHMHSjwmABe4sY4kvnvD2IJuQ9ExOJ2yE7Lw9A%2BoYkIWnlxCEn93Tat%2B5bbReaZM4tCPSqj%2BCKo7QpqPke1cgCrG4NnnUOIXsvR0DUl8sO60gRKnr4igSWVTssVOq%2BMvhiFji0yIzqJsBbLp%2B1HAm%2F4sIKVGUNEIWg5AnYd8epSHPPKQpx5icVrhQRC0fMGp3%2B5wXhctyZrCD2grCmjgN9vI%2BXSHAbJ0AK4H4HYXqd3FlhrA5j%2FDbZZw4gJcNiHe%2B7voiRKFJCgcQUEJCkVQZARFrzwU2tVceVdol7PgvNfOe70cmqy7Tw9N1pUJ2U%2FPyPOz8P76%2BjNsydNKoxHQds2n7bAd1cK6T3nQoc2w3anLGo9aIZwqodyF2ao7akIuH3%2BFVE3IM%2FFvYHQMp8fg6iXQ%2FGXQYtiq%2BaCbw7DtYye5n0iTyMJVuxTClEizBWTb3r4%2BI5dnLuobr0Lyk6ufsOuT3%2B%2F9CW5LpLbEp%2BohQVfvDW%2BZghzcMoUjP6ynmYrVDp0%2B7%2B2MZvLi%2FffkdmGsWF12g3tv8SkxHR98IF22RhOhkq4j315TQki7YiyX5KdV95FkN3O3eS23SZ6u3Xx7ZTVOrXROmWQEqiaEPDoBVxPy7I%2BHs5%2F74hd7UHYEm5eI8xNyXlBmDJ7uwqVz%2F84QWD3XsNRDkZdDW2PzS60ItJxjykq4%2F2A2n%2FfdHrrWA83uIIlL9GyJni5B9QAuvzjMUnty9df6rMC0N2TaegdMW%2F3NP%2BE6dVqp%2B6LFZCRbTIaNMJJcsEaD%2BTzirC7abY7MTfjGk%2FW%2FAQAA%2F%2F8BAAD%2F%2F5pzwXqEBAAA
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer verdict (alert): quad9 — Sinkholed (the domain is flagged by the Quad9 DNS filter)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o0geFL2sqIwBxEFM%2Bme6fnlHhbXGAlmN%2BuuYm5av3pSprqrqeqengQPwUWJ4GH8Dzpvkg27LqLg1SAzC3sICDuecticvYqwJxGZMTj6QfF9r947vO9VfbmfnxEfOT1dvm52lNZ0qVH1K69tBMGVyppK8n6l325%2B3AyvVGzvzU6z6r9eeVfyLbNU8wPfD%2FygsqKsjEx%2FaUpCpQ86QbXjV8NaNWiE6Nv%2FY5d7cNSD6J2RF6DEZOGhdwmKj5DE3y9Lt5WZ9I134lzTzFj0xNGHyVZiigTxfIyshyg5OlfDuMcrxzDJ4cwuTO9fIVMT4j06BkuOzk2C9Q5mPpmGTMDEcyh6I0g9gqIjcHMHSjwmABe4sY4kvnvD2IJuQ9ExOJ2yE7Lw9A%2BoYkIWnlxCEn93Tat%2B5bbReaZM4tCPSqj%2BCKo7QpqPke1cgCrG4NnnUOIXsvR0DUl8sO60gRKnr4igSWVTssVOq%2BMvhiFji0yIzqJsBbLp%2B1HAm%2F4sIKVGUNEIWg5AnYd8epSHPPKQpx5icVrhQRC0fMGp3%2B5wXhctyZrCD2grCmjgN9vI%2BXSHAbJ0AK4H4HYXqd3FlhrA5j%2FDbZZw4gJcNiHe%2B7voiRKFJCgcQUEJCkVQZARFrzwU2tVceVdol7PgvNfOe70cmqy7Tw9N1pUJ2U%2FPyPOz8P76%2BjNsydNKoxHQds2n7bAd1cK6T3nQoc2w3anLGo9aIZwqodyF2ao7akIuH3%2BFVE3IM%2FFvYHQMp8fg6iXQ%2FGXQYtiq%2BaCbw7DtYye5n0iTyMJVuxTClEizBWTb3r4%2BI5dnLuobr0Lyk6ufsOuT3%2B%2F9CW5LpLbEp%2BohQVfvDW%2BZghzcMoUjP6ynmYrVDp0%2B7%2B2MZvLi%2FffkdmGsWF12g3tv8SkxHR98IF22RhOhkq4j315TQki7YiyX5KdV95FkN3O3eS23SZ6u3Xx7ZTVOrXROmWQEqiaEPDoBVxPy7I%2BHs5%2F74hd7UHYEm5eI8xNyXlBmDJ7uwqVz%2F84QWD3XsNRDkZdDW2PzS60ItJxjykq4%2F2A2n%2FfdHrrWA83uIIlL9GyJni5B9QAuvzjMUnty9df6rMC0N2TaegdMW%2F3NP%2BE6dVqp%2B6LFZCRbTIaNMJJcsEaD%2BTzirC7abY7MTfjGk%2FW%2FAQAA%2F%2F8BAAD%2F%2F5pzwXqEBAAA HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682108; uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec551a820a848f2430ac19a64893e2cf74=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e2094ec9b833e1d70c6441db84190e9c
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg
172.64.110.27 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg
IP 172.64.110.27:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7247133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgncGG7Y9dX6DykKPzVZS1%2BoNIQNtxWvTxaERug1REy8GSDMgYnnU167QCz3TDvY7VuZn2Dy%2FbskF5%2Bi4Aun6a0ZsObmWo8RwveLKQ0Bqpagu%2FsON9BfRNWE%2FaJJM8kT4AQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed75a877545-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
172.64.193.5 200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.193.5:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ea5379521a929ee9cef126186cb3f715
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 26 Oct 2022 07:10:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ez%2FU1TGSUcYFXQ6rCh1bfo2CpEPv6EkM1LLfd12LFafMdVMXJfkfimGKyGSAB9LjGYVHInlbAjnCrytua9pX3TkK%2Bse6ajRXxueJcCHo1kCTgB2xQMqsggojd4Q7QMUEScHsws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ec988527463-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2