Report - magnews.ml/

Report Overview

Submitted URL
magnews.ml/
IP
45.153.184.53
ASN
#202448 MVPS LTD
Submitted
2022-10-26 07:10:15
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	1.3 kB	2.8 kB	142.250.74.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	365 B	1.9 kB	142.250.74.10
pl16782612.profitablegatetocontent.com	unknown			399 B	10 kB	192.243.61.227
dwightadjoining.com	unknown	2022-10-07T20:40:58Z	2023-03-09T16:39:14Z	2.2 kB	5.8 kB	173.233.137.44
yearlingpreferablyperiods.com	unknown	2022-10-21T03:54:17Z	2022-12-20T08:48:38Z	5.6 kB	8.0 kB	192.243.59.12
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-10T13:09:35Z	1.4 kB	846 B	192.243.59.13
cdn.sb4you1.com	22321	2021-09-16T13:26:58Z	2023-01-15T20:13:01Z	2.1 kB	72 kB	172.64.110.27
addresseepaper.com	18169	2021-11-01T22:11:31Z	2023-03-10T08:01:44Z	343 B	956 B	172.64.193.5
pl16782680.profitablegatetocontent.com	unknown			401 B	21 kB	192.243.61.225
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	1.0 kB	54.230.245.39
literalcorpulent.com	unknown	2022-10-21T03:59:02Z	2023-03-09T16:51:50Z	2.2 kB	5.8 kB	192.243.61.225
schemevolcanosuspicions.com	unknown	2022-10-21T03:31:40Z	2023-01-30T13:29:12Z	7.6 kB	21 kB	192.243.59.20
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T13:37:03Z	928 B	34 kB	216.58.207.195
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	50 kB	34.120.237.76
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-10T05:12:27Z	2.1 kB	254 kB	45.133.44.9
friendshipmale.com	unknown	2022-10-21T14:15:25Z	2023-03-10T13:25:27Z	343 B	28 kB	172.64.203.23
magnews.ml	unknown			13 kB	1.1 MB	45.153.184.53
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	594 B	127 B	35.83.241.90
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-10T11:39:59Z	2.0 kB	4.4 kB	23.36.77.32
suspendedflesh.com	unknown	2022-10-21T04:49:05Z	2023-01-26T13:04:29Z	428 B	467 B	173.233.137.44
pl16782607.profitablegatetocontent.com	unknown			401 B	14 kB	173.233.137.44
www.highperformancedisplayformat.com	unknown	2022-09-01T03:42:42Z	2023-03-10T07:22:26Z	794 B	21 kB	192.243.59.12
cdn.yourwebbars.com	62037	2021-01-29T18:47:27Z	2023-03-10T08:11:41Z	438 B	68 kB	104.26.7.19
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-10T06:13:04Z	2.1 kB	1.6 kB	18.193.142.27
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	7.2 kB	20 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	987 B	2.2 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	321 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	profitablegatetocontent.com	Sinkholed
2022-10-26	medium	profitablegatetocontent.com	Sinkholed
2022-10-26	medium	profitablegatetocontent.com	Sinkholed
2022-10-25	medium	highperformancedisplayformat.com	Sinkholed
2022-10-25	medium	highperformancedisplayformat.com	Sinkholed
2022-10-26	medium	suspendedflesh.com	Sinkholed
2022-10-26	medium	dwightadjoining.com	Sinkholed
2022-10-26	medium	literalcorpulent.com	Sinkholed
2022-10-26	medium	dwightadjoining.com	Sinkholed
2022-10-26	medium	schemevolcanosuspicions.com	Sinkholed
2022-10-26	medium	friendshipmale.com	Sinkholed
2022-10-26	medium	schemevolcanosuspicions.com	Sinkholed
2022-10-26	medium	schemevolcanosuspicions.com	Sinkholed
2022-10-26	medium	schemevolcanosuspicions.com	Sinkholed
2022-10-26	medium	schemevolcanosuspicions.com	Sinkholed
2022-10-26	medium	yearlingpreferablyperiods.com	Sinkholed
2022-10-26	medium	yearlingpreferablyperiods.com	Sinkholed
2022-10-25	medium	unseenreport.com	Sinkholed
2022-10-25	medium	unseenreport.com	Sinkholed
2022-10-26	medium	literalcorpulent.com	Sinkholed
2022-10-26	medium	yearlingpreferablyperiods.com	Sinkholed
2022-10-26	medium	yearlingpreferablyperiods.com	Sinkholed
2022-10-26	medium	yearlingpreferablyperiods.com	Sinkholed

JavaScript (24)

	URL	Size	First Seen	Last Seen
	http:blank	3.3 kB	2023-03-10	2023-03-10
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:14 Last Seen2023-03-10 15:12:14 Times Seen1 Hash bde629ff059d6f5e17076728e3acd5fd 210d131f8363edd3c7f7a6de3fa1acfd201cca8d 0551bac0eed28240c533a573a6ac323338a7e54120f633e0bfea99e025a2974c Loading...

	http:blank	3.3 kB	2023-03-10	2023-03-10
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:14 Last Seen2023-03-10 15:12:14 Times Seen1 Hash 70c4322eeaea15d79714df3b34f0eebe eed3315576f8fc44948686e758872f53e268bca4 78808bb67e9aae70043a195afb3074edebf5347ddf1c7ae63b08062cf95178d3 Loading...

	magnews.ml/assets/green/vendor/bootstrap/js/popper.js	82 kB	2023-03-07	2024-05-07
Pretty URL magnews.ml/assets/green/vendor/bootstrap/js/popper.js IP 45.153.184.53 ASN #202448 MVPS LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:40 Last Seen2024-05-07 21:05:47 Times Seen840 Hash 426ce17eeabd071e85b0bb50e5a18c6c 00e2321a61daaf93f57669a81f0484d75eca8158 a93f37c5c32d030a1d831b5023b6b29bc93290f5423debaf47c83b6444528059 Loading...

	magnews.ml/	355 B	2023-03-10	2023-03-11
Pretty URL magnews.ml/ IP 45.153.184.53 ASN #202448 MVPS LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:14 Last Seen2023-03-11 10:43:33 Times Seen1 Hash b7fd142a78c3fb5253267903d3a6880a fbab12908e68df7edf166a39785adff8e5e8084e 6cc99846310f6deb4089fea26a8db183cef9b0318d3a5fa3acfb51d8df710556 Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-05-07
Pretty URL banquetunarmedgrater.com/advertisers.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 22:21:09 Times Seen37419851 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	http:blank	145 B	2023-03-10	2023-03-10
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:14 Last Seen2023-03-10 15:12:14 Times Seen1 Hash fa7c9fb3ec811dc3efcf7e42a6220ec8 5256cc436558874301d853fd00b75c3ea1039fad 7c8429b21b13940f3020661c6e1599207276380d962923ca9b45578efb38a4fe Loading...

	magnews.ml/assets/green/vendor/jquery/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-05-07
Pretty URL magnews.ml/assets/green/vendor/jquery/jquery-3.2.1.min.js IP 45.153.184.53 ASN #202448 MVPS LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-07 21:57:18 Times Seen65088 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.highperformancedisplayformat.com/851e934a41caba4f0598fd88e5f72562/invoke.js	27 kB	2023-03-10	2023-03-10
Pretty URL www.highperformancedisplayformat.com/851e934a41caba4f0598fd88e5f72562/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:25:52 Last Seen2023-03-10 17:09:34 Times Seen1 Hash c2722d763e114736e7ae55d1c4bc0066 36adb3776f543bad05e7b4399973b2021f57f05f 0beb0981cae14c3855418c1132e442de5d14aaefd90ff39e5ebba1c3312f4972 Loading...

	magnews.ml/assets/green/vendor/bootstrap/js/bootstrap.min.js	51 kB	2023-03-07	2024-05-06
Pretty URL magnews.ml/assets/green/vendor/bootstrap/js/bootstrap.min.js IP 45.153.184.53 ASN #202448 MVPS LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:40 Last Seen2024-05-06 22:18:25 Times Seen1472 Hash baaadea4492b059f284187d75af46063 7326bf5e023f871afcf6ebb18cb89109f81a7708 0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b Loading...

	pl16782607.profitablegatetocontent.com/55/1a/82/551a820a848f2430ac19a64893e2cf74.js	37 kB	2023-03-10	2023-03-10
Pretty URL pl16782607.profitablegatetocontent.com/55/1a/82/551a820a848f2430ac19a64893e2cf74.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:14 Last Seen2023-03-10 15:12:14 Times Seen1 Hash dab84cd43f2ebbb98fb1123301cc0c9f e3bbfa12d38d912093b3a064eca44eae306a6062 f57fa2376a014ef491cdac4af2217a5a3350b14165f12f18375e797363e2a018 Loading...

	pl16782680.profitablegatetocontent.com/a2/bf/de/a2bfde9dd2920ce8ff524c9b82194b23.js	59 kB	2023-03-10	2023-03-10
Pretty URL pl16782680.profitablegatetocontent.com/a2/bf/de/a2bfde9dd2920ce8ff524c9b82194b23.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:14 Last Seen2023-03-10 15:12:14 Times Seen1 Hash 91178472ceca744813ddf6bf61cbd859 f19eea1d75ea094b20c7344929521551ea3ff8dd ec808e0d8525195dbf69f41b8a74d9522e2c42a354cd3a375aeb13710b291969 Loading...

	www.highperformancedisplayformat.com/6de05bc705f2765cf895993a4a2c1b62/invoke.js	27 kB	2023-03-10	2023-03-10
Pretty URL www.highperformancedisplayformat.com/6de05bc705f2765cf895993a4a2c1b62/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:26:41 Last Seen2023-03-10 17:04:56 Times Seen1 Hash 69103e875da561ccf51c97cb2bf038d7 709dd4b7e6c7219b3eb575cd3e96183d0d14f53f 34db63367643f9a4f120b2c93302ed8a19a01cfc62a69597af24f3f433324f71 Loading...

	magnews.ml/	192 B	2023-03-10	2023-03-10
Pretty URL magnews.ml/ IP 45.153.184.53 ASN #202448 MVPS LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:14 Last Seen2023-03-10 15:12:14 Times Seen1 Hash d788769b7f50baf7c17d2b9b1942fa85 10f0478e4e4ed60461055343770916ef33d9062b 26f51dc30798a3be5ae8968d5ce869245894c8cc312d7d88f5542830d0f43750 Loading...

	http:blank	145 B	2023-03-10	2023-03-10
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:14 Last Seen2023-03-10 15:12:14 Times Seen1 Hash 518dee01ac6073395656f22e8695ef9e 668582442be4cb20e2dcd245c458a374346807e6 b2dd1953d237dc8f0f9623386894943a93fc0d08af7fc75c1de9a54425cbb85b Loading...

	magnews.ml/	354 B	2023-03-10	2023-03-11
Pretty URL magnews.ml/ IP 45.153.184.53 ASN #202448 MVPS LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:14 Last Seen2023-03-11 10:43:33 Times Seen1 Hash 41658501b8ceb43881e4ee9d0d71d2ff c3f2d0c3b1608a4215720ea72cdfe11af4c27c85 e700d0b3d248eecf2ac6ad8e9dbafc4230c79a21952dc0989480dc61dc5ebd30 Loading...

	magnews.ml/assets/green/js/main.js	8.9 kB	2023-03-07	2023-07-03
Pretty URL magnews.ml/assets/green/js/main.js IP 45.153.184.53 ASN #202448 MVPS LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:03:56 Last Seen2023-07-03 07:55:17 Times Seen11 Hash 1ba52a723734c449bea7499fa99b0acc 2c068d541b0733dcb12490c87cb2961d23db0fcf 521a1cec9da7b24c9d2f00d524047bd5d0d6174cfcf1480bd903859adf669ab1 Loading...

	http:blank	716 B	2023-03-10	2023-03-10
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:15 Last Seen2023-03-10 15:12:15 Times Seen1 Hash bdda3700441d797bc5146176ad0cfe3f eaba458c94b27dc56006af707551fdc59a567f76 696a57d3f2c66c0af43e912aa83cb6c80879fdf542b1d74139d32109a515585b Loading...

	magnews.ml/	192 B	2023-03-10	2023-03-10
Pretty URL magnews.ml/ IP 45.153.184.53 ASN #202448 MVPS LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:15 Last Seen2023-03-10 15:12:15 Times Seen1 Hash ac403294a17d84db819903ab0b04e349 ab99ef5dc0c49c1972ed2b80cd5b0a3e3bdcb5d6 59ade17e19b0ae7c27abdb560c0b480aae0dd8f65d0b36b364acf62b25aa450d Loading...

	magnews.ml/assets/green/vendor/animsition/js/animsition.min.js	5.6 kB	2023-03-07	2024-05-04
Pretty URL magnews.ml/assets/green/vendor/animsition/js/animsition.min.js IP 45.153.184.53 ASN #202448 MVPS LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:38 Last Seen2024-05-04 10:42:44 Times Seen436 Hash 72d24e37ce242ffdad389c26d6b9de57 815a7b276e3674932e6f16cbdf7262d80bdf1d25 f32da6bf81134c664b32582076b8260b3b614d508d5c651d0907b581df2a9323 Loading...

	pl16782612.profitablegatetocontent.com/00f486fa888626aba7a0e9f6a9626346/invoke.js	25 kB	2023-03-10	2023-03-10
Pretty URL pl16782612.profitablegatetocontent.com/00f486fa888626aba7a0e9f6a9626346/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:12:15 Last Seen2023-03-10 15:12:15 Times Seen1 Hash cdc405e44ba1eca4cdafbe2250dd4a6a 27398a7f5a4719761fdd1e94378f7117b63fc8ef d84101acd4e468902cde21134adb2fd988f4a96f59367ba42e671a2282e922c3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - a823ee4ef678dcecbe4fbaf59afca344	2.1 kB	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 15:12:15 Last Seen2023-03-10 15:12:15 Times Seen1 Hash a823ee4ef678dcecbe4fbaf59afca344 d7bcecab5411076eeaa8183f621cc3f1bcfb89db 76b25409101b29222e81091a08766effac6da1de4d19e8af630d83aa67f65b53 Loading...

	#2 Eval - 3118ab3ab04537898630ea350359abcf	2.1 kB	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 15:12:15 Last Seen2023-03-10 15:12:15 Times Seen1 Hash 3118ab3ab04537898630ea350359abcf 8b6babe49a0482c0ba0dc30105b941ba805989c5 bb96b01412a5fc93e4e532501bbd17f9bf24c54d440c822817348bfc9d280769 Loading...

		Size	First Seen	Last Seen
	#1 Write - 7793ed070d1627e01f0995a86317f426	134 B	2023-03-10	2023-03-11
Pretty Observations First Seen2023-03-10 15:12:15 Last Seen2023-03-11 10:43:33 Times Seen1 Hash 7793ed070d1627e01f0995a86317f426 2d17d3adb439141d2ac77e41548d0ea3545493c2 6c5e6cd44a4934b51080b013e265b96fc0df85ae26af881d359bc26c11f4371e Loading...

	#2 Write - bc6af2b0c0ed928d61be8417ea84f5e5	134 B	2023-03-10	2023-03-11
Pretty Observations First Seen2023-03-10 15:12:15 Last Seen2023-03-11 10:43:33 Times Seen1 Hash bc6af2b0c0ed928d61be8417ea84f5e5 59da365563a2c7ec663a8abae1af4c2221e721cd 33a84460d6ab08f9385086c645abcb7d1faf5edd86e59bb38db071b528d3d26c Loading...

HTTP Transactions (118)

URL IP Response Size

magnews.ml/

45.153.184.53

301 Moved Permanently

178 B

URL HTTP/1.1
magnews.ml/
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET / HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://magnews.ml/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14909
Expires: Wed, 26 Oct 2022 11:18:33 GMT
Date: Wed, 26 Oct 2022 07:10:04 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: max-age=97811
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:04 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:20:15 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2330
Expires: Wed, 26 Oct 2022 07:48:54 GMT
Date: Wed, 26 Oct 2022 07:10:04 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: zLYhQ5/EsG3mnkD6MJ/jXHKi7lKHDTN+TNzx6oo5wnfnvMlerRs7e4p6N+c2T33mb/PvBjHd1vA=
x-amz-request-id: 3XPF620VJHCJAS8J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 07:09:16 GMT
age: 48
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 07:10:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b0bfb8f2ddb3290aca21d871018d6831
f2beb2e8a8d60cbfa8962d3896c39780d2c87da6
d777ead8c1c167b4fab7c415e976cd28d3001a8ccd5d9e47e0e833ac66fb36b3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D777EAD8C1C167B4FAB7C415E976CD28D3001A8CCD5D9E47E0E833AC66FB36B3"
Last-Modified: Wed, 26 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21530
Expires: Wed, 26 Oct 2022 13:08:54 GMT
Date: Wed, 26 Oct 2022 07:10:04 GMT
Connection: keep-alive

magnews.ml/

45.153.184.53

200 OK

66 kB

URL HTTP/1.1
magnews.ml/
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
66 kB (65895 bytes)
Hash
5b976b8781ea17d4e8e61851a4b55bd1
accac70108a0bb26bb23cd50d4e0ac9bd21da66b
41ef4db838b0a72d6d43c188c8ae4b5dc3c98f04048851d28cc0354fc000f429

HTTP Headers

GET / HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-550db"
Content-Encoding: gzip

magnews.ml/assets/green/vendor/bootstrap/css/bootstrap.min.css

45.153.184.53

200 OK

20 kB

URL HTTP/1.1
magnews.ml/assets/green/vendor/bootstrap/css/bootstrap.min.css
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (65320)
Size
20 kB (20416 bytes)
Hash
7320098f94dfddf69dc58b00df5317b4
20b566fb8ca4a9b0aa07eb73a6dc2766affe1a6e
bddcdc7dc578479e80a73161b748e4d7c6d3df5a265a39aa93963eec87beb79f

HTTP Headers

GET /assets/green/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-1e822"
Content-Encoding: gzip

magnews.ml/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css

45.153.184.53

200 OK

8.3 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (35179)
Size
8.3 kB (8262 bytes)
Hash
c5b5f80444b26b029d6b42b57adbe3f7
f9c124b3fc9c6605e9000aa9f939f390206678e3
0d8e82e594a879ffb4a3af830f803f90d5a17e99f04f4252c9f260672d3baa5b

HTTP Headers

GET /assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-8a1f"
Content-Encoding: gzip

magnews.ml/assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css

45.153.184.53

200 OK

7.3 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (30837)
Size
7.3 kB (7254 bytes)
Hash
03ffadf80290ce56effd0a92ee1b6bb6
cdff33e0d2c3131cff1f25ee5e0a5d8bf4811706
ea282e7d965fa40101870e6c5c2555717b4cebe50146d447181374c8dab06f85

HTTP Headers

GET /assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-7918"
Content-Encoding: gzip

magnews.ml/assets/green/css/util.min.css

45.153.184.53

200 OK

22 kB

URL HTTP/1.1
magnews.ml/assets/green/css/util.min.css
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (21517 bytes)
Hash
c6247f217036fdd8f69174ce886c9624
314a6ddaadab67f97a49ae42c0a5cabda78b32c2
5012ca1f6b2e3f2c7fa1f87daf806a8c854a7cdd881b247a0eeaf44a605f4b60

HTTP Headers

GET /assets/green/css/util.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-1da98"
Content-Encoding: gzip

magnews.ml/assets/green/fonts/iconic/css/material-design-iconic-font.min.css

45.153.184.53

200 OK

8.6 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/iconic/css/material-design-iconic-font.min.css
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (65536), with no line terminators
Size
8.6 kB (8622 bytes)
Hash
537d2da505eca9ee970434b03a56d99e
37053b92083e963ad4421601243c85dfbf5c320a
0633860952806c3c4e153cce4d50d171be7f69923702518d3e61f6ceabb6a25d

HTTP Headers

GET /assets/green/fonts/iconic/css/material-design-iconic-font.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-1149f"
Content-Encoding: gzip

magnews.ml/assets/green/vendor/animate/animate.css

45.153.184.53

200 OK

3.1 kB

URL HTTP/1.1
magnews.ml/assets/green/vendor/animate/animate.css
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text
Size
3.1 kB (3144 bytes)
Hash
e7c0f39618e31caf1990a90a43defe8b
28c1b02c40b9f9db1a862fcd2cfd0b435ca3aafa
4e113aae2af6ede7c5d01eb34a663aa4c49611b2fe22636395ccae0c1e65a65a

HTTP Headers

GET /assets/green/vendor/animate/animate.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-5d28"
Content-Encoding: gzip

magnews.ml/assets/green/vendor/animsition/css/animsition.min.css

45.153.184.53

200 OK

2.5 kB

URL HTTP/1.1
magnews.ml/assets/green/vendor/animsition/css/animsition.min.css
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (27282)
Size
2.5 kB (2480 bytes)
Hash
59615e28e5f42254f9d250bbaa89b880
9281609cc1544bb2c554f7cf667292e5d86e4157
bba4f07149641070061d1b67adeaefedd43e69bfd4c20adaee62f37b7daabacf

HTTP Headers

GET /assets/green/vendor/animsition/css/animsition.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-6b56"
Content-Encoding: gzip

magnews.ml/assets/green/vendor/css-hamburgers/hamburgers.min.css

45.153.184.53

200 OK

2.3 kB

URL HTTP/1.1
magnews.ml/assets/green/vendor/css-hamburgers/hamburgers.min.css
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (19499)
Size
2.3 kB (2282 bytes)
Hash
83520ce19ffaab02f055ed9be9e00c15
8d9ad268696cd5b10b5ebb102ebe6c1aa71f35fc
d6098a05ad8dc5771e1c986efa7eec7e083a7e74e7f9ddf7b85dbe41e19a5b7d

HTTP Headers

GET /assets/green/vendor/css-hamburgers/hamburgers.min.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-4ce0"
Content-Encoding: gzip

magnews.ml/assets/green/css/main.css

45.153.184.53

200 OK

6.3 kB

URL HTTP/1.1
magnews.ml/assets/green/css/main.css
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text
Size
6.3 kB (6308 bytes)
Hash
316436123f3ffd6fc81c4ba4ab2c5cad
fcc1bc8402924c0ca5e0e292bf5979a3571b75fa
053b1e33dd7490eb2282fa52bdf17c140a5a12c860e901d549d6bd6ccd9d30c5

HTTP Headers

GET /assets/green/css/main.css HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-8c4b"
Content-Encoding: gzip

magnews.ml/assets/green/vendor/jquery/jquery-3.2.1.min.js

45.153.184.53

200 OK

31 kB

URL HTTP/1.1
magnews.ml/assets/green/vendor/jquery/jquery-3.2.1.min.js
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (32058)
Size
31 kB (31301 bytes)
Hash
3bb7ae2826c5f86610c1d4233074628d
bea0f851ec7c92520c3335a357dee19de671f46b
b61740175c6cd7cfcf2c346eb091b7e52d24169a9711b401e74021070282ceee

HTTP Headers

GET /assets/green/vendor/jquery/jquery-3.2.1.min.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-15283"
Content-Encoding: gzip

magnews.ml/assets/green/vendor/animsition/js/animsition.min.js

45.153.184.53

200 OK

2.0 kB

URL HTTP/1.1
magnews.ml/assets/green/vendor/animsition/js/animsition.min.js
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (5415)
Size
2.0 kB (2015 bytes)
Hash
ae601be5bc180381fdca18afe7e2a86e
3e3d44d2312896e710c5c8d22b2bbd80e1398094
6f493600037617d7cbbfb3f7cfbd6a7777524c9b64b52e353541b187bc31f288

HTTP Headers

GET /assets/green/vendor/animsition/js/animsition.min.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-15ef"
Content-Encoding: gzip

magnews.ml/assets/green/js/main.js

45.153.184.53

200 OK

2.0 kB

URL HTTP/1.1
magnews.ml/assets/green/js/main.js
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text
Size
2.0 kB (2019 bytes)
Hash
dfb2344cd95d15c282454d7ef6bc9176
0656f972b74a46a3baa89681283edd73bd74a61b
1792a18a8114934d93e651d899859379c7e07128796ea88ec5584efd0ba8271e

HTTP Headers

GET /assets/green/js/main.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-2299"
Content-Encoding: gzip

magnews.ml/assets/green/vendor/bootstrap/js/bootstrap.min.js

45.153.184.53

200 OK

14 kB

URL HTTP/1.1
magnews.ml/assets/green/vendor/bootstrap/js/bootstrap.min.js
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
ASCII text, with very long lines (50904)
Size
14 kB (13706 bytes)
Hash
aaa66f72df0f51f1d56afc50d6e19c18
35d3a2f552f65c637aefc79744081611fb6a299b
a96f8103c3df27c8bd3d0981b42972bd9e287b2dff6aac8f025467ae315bc833

HTTP Headers

GET /assets/green/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-c7c7"
Content-Encoding: gzip

magnews.ml/assets/green/images/icons/logo-01.png

45.153.184.53

200 OK

3.1 kB

URL HTTP/1.1
magnews.ml/assets/green/images/icons/logo-01.png
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
PNG image data, 222 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3144 bytes)
Hash
9e697b3a4e69a8f9bfa6f6ed6f17b088
8012c50117f0105c0f62ad8b2e42ab6c92260a56
3ef4a0cc1ec054dd3c3ab792e2aeb68b609d6719bd9215a73771ea8271e8e531

HTTP Headers

GET /assets/green/images/icons/logo-01.png HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/png
Content-Length: 3144
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-c48"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

magnews.ml/assets/green/vendor/bootstrap/js/popper.js

45.153.184.53

200 OK

22 kB

URL HTTP/1.1
magnews.ml/assets/green/vendor/bootstrap/js/popper.js
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
Unicode text, UTF-8 text, with very long lines (337)
Size
22 kB (22327 bytes)
Hash
d01c90e9a177cfe48de7664fc50cd8ce
9ac3958e7ded1ec4c03aa2355e7f9e7d7c57fcfa
6abc0b1ae2925012caf6f639af542225039af9e55a50aeee92d562e7fa6940fe

HTTP Headers

GET /assets/green/vendor/bootstrap/js/popper.js HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6351ecba-13f06"
Content-Encoding: gzip

magnews.ml/assets/green/images/icons/logo-02.png

45.153.184.53

200 OK

3.1 kB

URL HTTP/1.1
magnews.ml/assets/green/images/icons/logo-02.png
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
PNG image data, 222 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3068 bytes)
Hash
11875c613d10690291eaacf7e6149bd6
984ef430013903318e0efc577a1593d98e4f096d
f1b6c0bf497f48b7482399d53dbdc68bcfc177ac9b3787eb8ea6a05619cdd13e

HTTP Headers

GET /assets/green/images/icons/logo-02.png HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/png
Content-Length: 3068
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-bfc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

magnews.ml/assets/green/images/popular-post-01.jpg

45.153.184.53

200 OK

251 B

URL HTTP/1.1
magnews.ml/assets/green/images/popular-post-01.jpg
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
PNG image data, 80 x 60, 4-bit colormap, non-interlaced\012- data
Size
251 B (251 bytes)
Hash
47bcc0eb12f16aa1e415926f2a0e34c5
d74c8685d034d07523c6a425382d7d1a08a7eab5
983f418dfc0f5a6c9e5151bf48d000aaeb6842a2bdca5a4e882a8f7fb30854ea

HTTP Headers

GET /assets/green/images/popular-post-01.jpg HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/jpeg
Content-Length: 251
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-fb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

magnews.ml/assets/green/images/popular-post-02.jpg

45.153.184.53

200 OK

251 B

URL HTTP/1.1
magnews.ml/assets/green/images/popular-post-02.jpg
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
PNG image data, 80 x 60, 4-bit colormap, non-interlaced\012- data
Size
251 B (251 bytes)
Hash
47bcc0eb12f16aa1e415926f2a0e34c5
d74c8685d034d07523c6a425382d7d1a08a7eab5
983f418dfc0f5a6c9e5151bf48d000aaeb6842a2bdca5a4e882a8f7fb30854ea

HTTP Headers

GET /assets/green/images/popular-post-02.jpg HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/jpeg
Content-Length: 251
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-fb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

magnews.ml/assets/green/images/popular-post-03.jpg

45.153.184.53

200 OK

251 B

URL HTTP/1.1
magnews.ml/assets/green/images/popular-post-03.jpg
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
PNG image data, 80 x 60, 4-bit colormap, non-interlaced\012- data
Size
251 B (251 bytes)
Hash
47bcc0eb12f16aa1e415926f2a0e34c5
d74c8685d034d07523c6a425382d7d1a08a7eab5
983f418dfc0f5a6c9e5151bf48d000aaeb6842a2bdca5a4e882a8f7fb30854ea

HTTP Headers

GET /assets/green/images/popular-post-03.jpg HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: image/jpeg
Content-Length: 251
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-fb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4479
Cache-Control: max-age=94282
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:05 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 09:21:27 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

magnews.ml/assets/green/fonts/Roboto/Roboto-Regular.ttf

45.153.184.53

200 OK

172 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/Roboto/Roboto-Regular.ttf
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size
172 kB (171676 bytes)
Hash
3e1af3ef546b9e6ecef9f3ba197bf7d2
dd1b1db13ff1f72138c134c62f38fef83749f36a
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

HTTP Headers

GET /assets/green/fonts/Roboto/Roboto-Regular.ttf HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/octet-stream
Content-Length: 171676
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-29e9c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

magnews.ml/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-brands-400.woff2

45.153.184.53

200 OK

54 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-brands-400.woff2
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
Web Open Font Format (Version 2), TrueType, length 54488, version 1.0\012- data
Size
54 kB (54488 bytes)
Hash
e8c322de9658cbeb8a774b6624167c2c
db06af71da4197a4e1bd553d124725a8081c13f0
e7d4d5340bbe57a01d8f7992142e2763d438d5783890c76748306eebfa056a69

HTTP Headers

GET /assets/green/fonts/fontawesome-5.0.8/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ml/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/octet-stream
Content-Length: 54488
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-d4d8"
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
95ee7a918f690ae4b9786db69781b367
0da1b4ced93fbf4fcd00ebad2f3ed544ec699222
144c093eecd552fdc7b3f0b237505f7c2ea6bfc5adb8f73c398834ecece85960

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "144C093EECD552FDC7B3F0B237505F7C2EA6BFC5ADB8F73C398834ECECE85960"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20142
Expires: Wed, 26 Oct 2022 12:45:47 GMT
Date: Wed, 26 Oct 2022 07:10:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
95ee7a918f690ae4b9786db69781b367
0da1b4ced93fbf4fcd00ebad2f3ed544ec699222
144c093eecd552fdc7b3f0b237505f7c2ea6bfc5adb8f73c398834ecece85960

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "144C093EECD552FDC7B3F0B237505F7C2EA6BFC5ADB8F73C398834ECECE85960"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20142
Expires: Wed, 26 Oct 2022 12:45:47 GMT
Date: Wed, 26 Oct 2022 07:10:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
95ee7a918f690ae4b9786db69781b367
0da1b4ced93fbf4fcd00ebad2f3ed544ec699222
144c093eecd552fdc7b3f0b237505f7c2ea6bfc5adb8f73c398834ecece85960

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "144C093EECD552FDC7B3F0B237505F7C2EA6BFC5ADB8F73C398834ECECE85960"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20142
Expires: Wed, 26 Oct 2022 12:45:47 GMT
Date: Wed, 26 Oct 2022 07:10:05 GMT
Connection: keep-alive

push.services.mozilla.com/

35.83.241.90

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.241.90:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H8U8uTPQIQ2Iua6vWSxKFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +htvM8l2DFIUysYdUMDU0ZoijIk=

pl16782612.profitablegatetocontent.com/00f486fa888626aba7a0e9f6a9626346/invoke.js

192.243.61.227

200 OK

9.3 kB

URL HTTP/1.1
pl16782612.profitablegatetocontent.com/00f486fa888626aba7a0e9f6a9626346/invoke.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
Unicode text, UTF-8 text, with very long lines (25110), with no line terminators
Size
9.3 kB (9283 bytes)
Hash
8f3ea1686ed91ea69abacf9ab1d6d59f
f07ac0b77b16cd83e8d5d7ce442a906eebee5433
e7f2903ccecca99adac3f21ede3724f9427ecd9b17032b1155a5a697fa5bb00b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /00f486fa888626aba7a0e9f6a9626346/invoke.js HTTP/1.1
Host: pl16782612.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f58202c1569e712869b37b749bafbaab
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ecdba33e870439365faa2096b779869
8fee506845073a72f45c6627ef9c5e98811ae278
38480634d7cbfa150854ee060c22ee8653ff3fdf80a2e927077eaa5e9fbf30c7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38480634D7CBFA150854EE060C22EE8653FF3FDF80A2E927077EAA5E9FBF30C7"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3192
Expires: Wed, 26 Oct 2022 08:03:17 GMT
Date: Wed, 26 Oct 2022 07:10:05 GMT
Connection: keep-alive

pl16782607.profitablegatetocontent.com/55/1a/82/551a820a848f2430ac19a64893e2cf74.js

173.233.137.44

200 OK

13 kB

URL HTTP/1.1
pl16782607.profitablegatetocontent.com/55/1a/82/551a820a848f2430ac19a64893e2cf74.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37151), with no line terminators
Size
13 kB (13407 bytes)
Hash
c1cc4a9610fa5a369de7657d45bb6bde
311b2ec7dd6a9c86a27d9cc3993825efd5dd4688
0404f5a8328bbd5042837ec5103c65e876d119e50b7c8251a085c3cef6cf38d9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /55/1a/82/551a820a848f2430ac19a64893e2cf74.js HTTP/1.1
Host: pl16782607.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d2e2b8a5b05d21691311cfb7bab0b39e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pl16782680.profitablegatetocontent.com/a2/bf/de/a2bfde9dd2920ce8ff524c9b82194b23.js

192.243.61.225

200 OK

20 kB

URL HTTP/1.1
pl16782680.profitablegatetocontent.com/a2/bf/de/a2bfde9dd2920ce8ff524c9b82194b23.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59383), with no line terminators
Size
20 kB (20319 bytes)
Hash
2a6726af64f4651adc8edcb53d96861f
c2c3850f4d8adf96f0c16df6e6da0e0d71a93b47
25aefd4078563d49b9eb73a17cb385cfea71e0f8dbb0a17937d064a51303692e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /a2/bf/de/a2bfde9dd2920ce8ff524c9b82194b23.js HTTP/1.1
Host: pl16782680.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e0d7695c55a03bc7e229a0fd1b027521
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.highperformancedisplayformat.com/6de05bc705f2765cf895993a4a2c1b62/invoke.js

192.243.59.12

200 OK

9.8 kB

URL HTTP/1.1
www.highperformancedisplayformat.com/6de05bc705f2765cf895993a4a2c1b62/invoke.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Size
9.8 kB (9782 bytes)
Hash
7dcc19609eb24659ddae89a41fa3842d
984b5a7090ae95203e6b92f3f3fdccf60b6b31e6
5818f02389fb2b95e3cf8acbdf1c46fb81ebca9ced238980c16f19d56b92394e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /6de05bc705f2765cf895993a4a2c1b62/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a9151d18319202277ce19103b0734ce
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

magnews.ml/assets/green/fonts/iconic/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

45.153.184.53

200 OK

38 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/iconic/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Size
38 kB (38384 bytes)
Hash
a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

HTTP Headers

GET /assets/green/fonts/iconic/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ml/assets/green/fonts/iconic/css/material-design-iconic-font.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 38384
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-95f0"
Accept-Ranges: bytes

www.highperformancedisplayformat.com/851e934a41caba4f0598fd88e5f72562/invoke.js

192.243.59.12

200 OK

9.8 kB

URL HTTP/1.1
www.highperformancedisplayformat.com/851e934a41caba4f0598fd88e5f72562/invoke.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Size
9.8 kB (9778 bytes)
Hash
62588ee2b79fbd184409f5aa0af34afe
2e69b8b80742c13ac1ced1c6a220e1fea9212db6
9a1ab91a9f0b3671a6cf6e98459228b6b2e4b384d026783a52a39d9b6c8554f3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /851e934a41caba4f0598fd88e5f72562/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dcf5c503fcd30deae50bc0e9130fa6fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

magnews.ml/assets/green/fonts/Roboto/Roboto-Medium.ttf

45.153.184.53

200 OK

172 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/Roboto/Roboto-Medium.ttf
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Size
172 kB (172064 bytes)
Hash
d08840599e05db7345652d3d417574a9
5f16f4d6dbb4a4f12d8ae96488ac209bb49762a5
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68

HTTP Headers

GET /assets/green/fonts/Roboto/Roboto-Medium.ttf HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 172064
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-2a020"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

magnews.ml/assets/green/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

45.153.184.53

200 OK

77 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /assets/green/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ml/assets/green/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 77160
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-12d68"
Accept-Ranges: bytes

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
787b1fc5d5f4cff91f5aee14f0cc2abf
a27036e3eeb9e273c9d9b5175237ff400b341c92
02cf018bf2716a3128a827ea3cc1daca23e98e0469c0dd24807e140af1a8f7b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110891
Date: Wed, 26 Oct 2022 07:10:06 GMT
Etag: "6357d705-1d7"
Expires: Thu, 27 Oct 2022 13:58:17 GMT
Last-Modified: Tue, 25 Oct 2022 12:31:01 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: E5QucrE5qojlzgERoMVebbXu7mFdlK82QMMClPAZ6QNa_xWy0Hthlg==
Age: 5236

magnews.ml/assets/green/fonts/Lato/Lato-Regular.ttf

45.153.184.53

200 OK

120 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/Lato/Lato-Regular.ttf
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 30 names, Macintosh, Copyright (c) 2010-2011 by tyPoland Lukasz Dziedzic with Reserved Font Name "Lato". Licensed und\012- data
Size
120 kB (120196 bytes)
Hash
7f690e503a254e0b8349aec0177e07aa
127f241871a9fe42cd8d073a0835410f3824d57c
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

HTTP Headers

GET /assets/green/fonts/Lato/Lato-Regular.ttf HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 120196
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-1d584"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

simplewebanalysis.com/stats

18.193.142.27

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.193.142.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ab10e11575f5e92eedebe2e51b41246a
6b36db0a667f9cdee59af3b5850897d1a96d8710
763cd5cd367cc36d661f0c48fab13c7ccdb67089e7d43f5322229a1f1ec561dd

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
set-cookie: uid_id2=16222221-115b-44b9-b912-ba921ab9e13c:1:1; expires=Sat, 23 Oct 2032 07:10:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.193.142.27

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.193.142.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
c0b4ff6e7d31bb4a99c0738ba5a8c361
e0fef6821e18ff968845a972859289d0c0eff494
d6b4380ad6f12daa7476535e43c90060f41d3a04ccb009269440824247f5032e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
set-cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; expires=Sat, 23 Oct 2032 07:10:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

magnews.ml/assets/green/fonts/Roboto/Roboto-Bold.ttf

45.153.184.53

200 OK

171 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/Roboto/Roboto-Bold.ttf
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo\012- data
Size
171 kB (170760 bytes)
Hash
ee7b96fa85d8fdb8c126409326ac2d2b
0ce37ced9c5fcac9bdc452a432c1258870ba4677
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

HTTP Headers

GET /assets/green/fonts/Roboto/Roboto-Bold.ttf HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/assets/green/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 170760
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-29b08"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

magnews.ml/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-solid-900.woff2

45.153.184.53

200 OK

40 kB

URL HTTP/1.1
magnews.ml/assets/green/fonts/fontawesome-5.0.8/webfonts/fa-solid-900.woff2
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
Web Open Font Format (Version 2), TrueType, length 40148, version 1.0\012- data
Size
40 kB (40148 bytes)
Hash
0ab54153eeeca0ce03978cc463b257f7
6ec6d36cb2464b4e821cfabb532f310bd342601c
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

HTTP Headers

GET /assets/green/fonts/fontawesome-5.0.8/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://magnews.ml/assets/green/fonts/fontawesome-5.0.8/css/fontawesome-all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: application/octet-stream
Content-Length: 40148
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-9cd4"
Accept-Ranges: bytes

simplewebanalysis.com/stats

18.193.142.27

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.193.142.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
c0b4ff6e7d31bb4a99c0738ba5a8c361
e0fef6821e18ff968845a972859289d0c0eff494
d6b4380ad6f12daa7476535e43c90060f41d3a04ccb009269440824247f5032e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.193.142.27

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.193.142.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
c0b4ff6e7d31bb4a99c0738ba5a8c361
e0fef6821e18ff968845a972859289d0c0eff494
d6b4380ad6f12daa7476535e43c90060f41d3a04ccb009269440824247f5032e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

18.193.142.27

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.193.142.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
c0b4ff6e7d31bb4a99c0738ba5a8c361
e0fef6821e18ff968845a972859289d0c0eff494
d6b4380ad6f12daa7476535e43c90060f41d3a04ccb009269440824247f5032e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://magnews.ml
access-control-allow-credentials: true
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
d46412e137b72a88f9f2c116138aecee
d7591c45dd83f85b906a6181caa0196d530edccb
e835bc4ec062f3e17bff3863087a6c7b9efe9e9ef787d72e5560480e9c782fda

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E835BC4EC062F3E17BFF3863087A6C7B9EFE9E9EF787D72E5560480E9C782FDA"
Last-Modified: Sun, 23 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6580
Expires: Wed, 26 Oct 2022 08:59:46 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
13c51695bfc0986bc4e4efc19d0845f1
431a0175f4735f8fa8c0e54eba8d2515fcf22d76
a0b6128d03df09119f28ea616e0442d008b708922c173fdfc4824f86c11a8296

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A0B6128D03DF09119F28EA616E0442D008B708922C173FDFC4824F86C11A8296"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17082
Expires: Wed, 26 Oct 2022 11:54:48 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
d46412e137b72a88f9f2c116138aecee
d7591c45dd83f85b906a6181caa0196d530edccb
e835bc4ec062f3e17bff3863087a6c7b9efe9e9ef787d72e5560480e9c782fda

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E835BC4EC062F3E17BFF3863087A6C7B9EFE9E9EF787D72E5560480E9C782FDA"
Last-Modified: Sun, 23 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6580
Expires: Wed, 26 Oct 2022 08:59:46 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
13c51695bfc0986bc4e4efc19d0845f1
431a0175f4735f8fa8c0e54eba8d2515fcf22d76
a0b6128d03df09119f28ea616e0442d008b708922c173fdfc4824f86c11a8296

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A0B6128D03DF09119F28EA616E0442D008B708922C173FDFC4824F86C11A8296"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17082
Expires: Wed, 26 Oct 2022 11:54:48 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c527a016fda6b0c8b300c22b2c2e26d6
f224854f4765c34814e0b4bdaa42bb4856c82578
6c6efa014eafaf93a9b8729975b66350a01a1bf8ff38bcf426c809d8a2c7d34d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C6EFA014EAFAF93A9B8729975B66350A01A1BF8FF38BCF426C809D8A2C7D34D"
Last-Modified: Wed, 26 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6103
Expires: Wed, 26 Oct 2022 08:51:49 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ece8e056c63ebf66e48e459a742ba5a2
85ed794984a5e499be8af897db040d9edf6e72c5
3ad27dbd106ed37f72dc22b2de0f6d502c770826a9a51ee55721c4d8e5bf44f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AD27DBD106ED37F72DC22B2DE0F6D502C770826A9A51EE55721C4D8E5BF44F3"
Last-Modified: Sun, 23 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1439
Expires: Wed, 26 Oct 2022 07:34:05 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4b1b2784fd7902093184b97b0df69d46
b6b22497f1d13c843591c632b3af3b541563850e
e0a11d9e96ebd3f3d52cfadc0f0eadb605554e9cefd9cbca1b2785338370ca82

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0A11D9E96EBD3F3D52CFADC0F0EADB605554E9CEFD9CBCA1B2785338370CA82"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6492
Expires: Wed, 26 Oct 2022 08:58:18 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5f3bf934ab9f0231e8f68af8391fab3d
5c2d1204d1b1667d9e78b9c9962bc05d28c12bc5
44eb4a9956218bd1fca7b994b077852b9ffebd3d23351217befeeb3ec5082629

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44EB4A9956218BD1FCA7B994B077852B9FFEBD3D23351217BEFEEB3EC5082629"
Last-Modified: Sun, 23 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2278
Expires: Wed, 26 Oct 2022 07:48:04 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

suspendedflesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1761&rd=1761&fd=1004&bv=22.8.v.1&tmpl=70

173.233.137.44

200 OK

0 B

URL HTTP/1.1
suspendedflesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1761&rd=1761&fd=1004&bv=22.8.v.1&tmpl=70
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1761&rd=1761&fd=1004&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: suspendedflesh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8057
Expires: Wed, 26 Oct 2022 09:24:23 GMT
Date: Wed, 26 Oct 2022 07:10:06 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4524 bytes)
Hash
91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:36:34 GMT
age: 23612
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eccb336-aab3-4c45-986e-3d5c068fa95f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4545 bytes)
Hash
77f26048280036eede4e216d7ac2ed6f
619dff28900195c0d76692c6695c610c57fde4f2
d17b83d8de3794b198bd371579ca3447639f53121eb463b6eb0a766fe7f0103c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eccb336-aab3-4c45-986e-3d5c068fa95f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4545
x-amzn-requestid: f774726e-125a-486e-8f7b-7eb86450368a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2qHG7IAMFTSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585690-3e3bf9a7046685f7643817b9;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cH4Ae-5tI8KMs7ZQCIQM6OWRz1cEBUf7eOTZmQw0mJ-cmnlLqSX19w==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:53:34 GMT
age: 33392
etag: "619dff28900195c0d76692c6695c610c57fde4f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6831 bytes)
Hash
1cc61ad4b1d66ab4bce27288ee690e12
324e13ad5c99f628d713e55a2994ad4042ece70e
62cd88bc19bc1f0be2a37c3e990897158acd3d55aa3ddd299144d4f9596ba34e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6831
x-amzn-requestid: cc6f38ff-ab33-4b18-8cae-aa6bc061962f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alKjPH7ToAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635857ae-3db2790d0e6c5fab6c4bc81f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tiWbOUwlRzaT2EnCWIgoFaT_ho55s3tgRxalb7yBbI21Pv0BhfLJOg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:05:09 GMT
age: 32697
etag: "324e13ad5c99f628d713e55a2994ad4042ece70e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33fda234-9118-4b4b-86d9-02c36810eda5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11622 bytes)
Hash
b949df0edd9d64aa962e3bf4b267889e
3ef04f8c638dddf8bb8b70aae74770892307c814
e6c42bdd84bc9661c25a201599c29257b843d86d638ec479e7b5fa7bf81bc961

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33fda234-9118-4b4b-86d9-02c36810eda5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11622
x-amzn-requestid: f1879080-36ae-4e3e-a268-a66c9436b593
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYpqGZkoAMF1mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa170-6b387b7f7f3a72e90fe5f1bd;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:04:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WuATOD9fJ6akCvKeE69v1PzPkmYKnEFwI_DpHsw2NVUozsiR77M5qA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 05:56:07 GMT
age: 4439
etag: "3ef04f8c638dddf8bb8b70aae74770892307c814"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F710265b5-7594-45dd-ae3b-49cf84887c51.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7971 bytes)
Hash
656b64fb178a96cdeab7d54d0d3df5ba
f628269fc4ba16b1c4b11a8bc965a7dba93755cb
eb1126cfc2a686ea8d845a4898d904a133ff3284578f3a42a45fe01138df6c8c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F710265b5-7594-45dd-ae3b-49cf84887c51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: d7e1e331-09cc-4bdd-83a3-594b65e50d79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK-TEWXIAMFoCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358585b-6e2c04ed0d36eea85de94a22;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: b89C7sl-8jR1VviZlenbR1NYN96IhBfbU44KhRuy5oT2Db1NbFZqvQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:11:46 GMT
age: 32300
etag: "f628269fc4ba16b1c4b11a8bc965a7dba93755cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7929 bytes)
Hash
c3ae78510434fd68063fc144bf614382
3bb87ca5274ce9f6d81da60ab940d23ccd12843b
f42d89328435cb37cba1111903a6bd5e900857d0942e1506ea2115b4e6301541

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7929
x-amzn-requestid: 6324abd6-8e27-4903-8bfc-a0fc6a8625be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9LEeoIAMF5mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-2900343b1ae208a903fe58fd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5MR4UzoW6rVsSpEyPAWrcFb2LCRICaG-toy3JflaXRrzZwcgMs48VQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:09:07 GMT
etag: "3bb87ca5274ce9f6d81da60ab940d23ccd12843b"
content-type: image/jpeg
age: 32459
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

173.233.137.44

307 Temporary Redirect

0 B

URL HTTP/1.1
dwightadjoining.com/watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1 HTTP/1.1
Host: dwightadjoining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Location: https://dwightadjoining.com/watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1&shu=3ad52e3c8c1aad8682d4de65cd96e1ada2178267367ace33c978255aed3b5afda8f06d885f4feebfdcd71cfabe7b299b7ba7201ac104e0f469be6fc21f2287df76cc30365a0fcf1c428702daf605a3d22107c1488de206c11e50e9a1cdc632&pst=1666768266&rmtc=t
Set-Cookie: u_pl=16682114; expires=Thu, 27 Oct 2022 07:10:06 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY4MjExNCwiayI6Ijg1MWU5MzRhNDFjYWJhNGYwNTk4ZmQ4OGU1ZjcyNTYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjg3MTc3LCJwaWQiOjM1NTgxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzZzBka3QwYiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tYWduZXdzLm1sLyJ9fQ.r_-NCmjSA-qys4NJede2g2826PbzLZflbxJwFjzfeyA; expires=Wed, 26 Oct 2022 07:11:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 705ef34f255dba845e3b06b72757ce6b
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
414291d4efb3e45cb5159c713c22bc8a
884275c8c6cbbb0fa2597db5afee071c074cddf4
8d079e8b76e04da709626a654ee9524e1de331120a781e80a6506e77c9968b00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D079E8B76E04DA709626A654EE9524E1DE331120A781E80A6506E77C9968B00"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17179
Expires: Wed, 26 Oct 2022 11:56:26 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive

192.243.61.225

307 Temporary Redirect

0 B

URL HTTP/1.1
literalcorpulent.com/watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1 HTTP/1.1
Host: literalcorpulent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 07:10:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Location: https://literalcorpulent.com/watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1&shu=99a98d4adc3df19d2c9aed3cdb3bd71708676be1b6acdfc9ca22cc9237fe86936f2c141b09cc5cdbec3921ecce43436d62d03c5b2ec88f7db604230a49312d3786118dcbd7c2a073777fcb69a506875a16c699eca0f40e01826900de8fddc7cb4819973490&pst=1666768266&rmtc=t
Set-Cookie: u_pl=16682133; expires=Thu, 27 Oct 2022 07:10:06 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY4MjEzMywiayI6IjZkZTA1YmM3MDVmMjc2NWNmODk1OTkzYTRhMmMxYjYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjg3MTc3LCJwaWQiOjM1NTgxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoiZzhwbWttNDd4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21hZ25ld3MubWwvIn19.V2GxZ9rMb59gAQibwKckoAuQPXQntk9ppcVvQcfgWoU; expires=Wed, 26 Oct 2022 07:11:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d407e92d93d6c6382ec7bbf9dba355c7
Strict-Transport-Security: max-age=0; includeSubdomains

dwightadjoining.com/watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1&shu=3ad52e3c8c1aad8682d4de65cd96e1ada2178267367ace33c978255aed3b5afda8f06d885f4feebfdcd71cfabe7b299b7ba7201ac104e0f469be6fc21f2287df76cc30365a0fcf1c428702daf605a3d22107c1488de206c11e50e9a1cdc632&pst=1666768266&rmtc=t

173.233.137.44

200 OK

2.1 kB

URL HTTP/1.1
dwightadjoining.com/watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1&shu=3ad52e3c8c1aad8682d4de65cd96e1ada2178267367ace33c978255aed3b5afda8f06d885f4feebfdcd71cfabe7b299b7ba7201ac104e0f469be6fc21f2287df76cc30365a0fcf1c428702daf605a3d22107c1488de206c11e50e9a1cdc632&pst=1666768266&rmtc=t
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2629)
Size
2.1 kB (2079 bytes)
Hash
81c4732cfdf5f8987680e87259fbdd5c
edb62ffbced18db707983940dc242cef7fc68067
0735deef45e9cdbd7b6bfae35b591c2ce8972be23b84c8245df034ae1ff60e4f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1450107618571.js?key=851e934a41caba4f0598fd88e5f72562&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1&shu=3ad52e3c8c1aad8682d4de65cd96e1ada2178267367ace33c978255aed3b5afda8f06d885f4feebfdcd71cfabe7b299b7ba7201ac104e0f469be6fc21f2287df76cc30365a0fcf1c428702daf605a3d22107c1488de206c11e50e9a1cdc632&pst=1666768266&rmtc=t HTTP/1.1
Host: dwightadjoining.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Referer: https://magnews.ml/
Connection: keep-alive
Cookie: u_pl=16682114; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY4MjExNCwiayI6Ijg1MWU5MzRhNDFjYWJhNGYwNTk4ZmQ4OGU1ZjcyNTYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjg3MTc3LCJwaWQiOjM1NTgxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJzZzBka3QwYiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tYWduZXdzLm1sLyJ9fQ.r_-NCmjSA-qys4NJede2g2826PbzLZflbxJwFjzfeyA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; expires=Wed, 02 Nov 2022 07:10:07 GMT; secure; SameSite=None
iprcc7eb6ad2cf8ef825400065d0b7f98124=3569806; expires=Wed, 26 Oct 2022 11:10:07 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58c31e9a88250d3f12203ade43d39ebb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

schemevolcanosuspicions.com/ntv.json?key=00f486fa888626aba7a0e9f6a9626346&vstc=4

192.243.59.20

200 OK

17 kB

URL HTTP/1.1
schemevolcanosuspicions.com/ntv.json?key=00f486fa888626aba7a0e9f6a9626346&vstc=4
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (16849), with no line terminators
Size
17 kB (16849 bytes)
Hash
14de8de1675412fca661c84a8bee8582
2b7d06e8861c2ce849f5d58f8286deb1169dc0be
57dacdafb6bb20b7f5926dd756c31f8e4e7e90ece2a483cf1dd3d506bb4cb47e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ntv.json?key=00f486fa888626aba7a0e9f6a9626346&vstc=4 HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: application/json
Content-Length: 16849
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16682113; expires=Thu, 27 Oct 2022 07:10:06 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
pdhtkv49=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs49=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]; expires=Wed, 26 Oct 2022 07:10:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bd025c514568ed63c2f78030ac0b9c6d
Strict-Transport-Security: max-age=0; includeSubdomains

friendshipmale.com/sfp.js

172.64.203.23

200 OK

27 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.203.23:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
27 kB (27119 bytes)
Hash
249d5bb8f8d5fd948efc1354d88c6817
7c912d3b06643207404fedefff09fafa13366c0d
f3bfe89639b988ecb00f0cfee2f14749541d67e96bd6b6308d6e934031db1352

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 04bc727d1c908fc849d2972c0e5ded98
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 26 Oct 2022 07:10:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60aUd1eclNQCxtkB8EF1h4iVJQt%2FXhc8s0DLxZ5JW61JTHE2gfpKv%2BB%2BBQOIaTb%2BFHA0YUfMtJFsHnUSRqTSZl7tlcVIcz4E93k50mRJIZWIrwq1NjEOLiwVjJZcZKV%2BL%2Fp%2F6XA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ec99c6b889b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c9e7c2c5a987354f406d7b4d141b7264
559107c3cdab5c3c3a7b42fbcc0428cb8b445d77
41da931fe0fec01e9ae0ca5e63d9156f748fa10b185d815d05b74938cc5769a4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41DA931FE0FEC01E9AE0CA5E63D9156F748FA10B185D815D05B74938CC5769A4"
Last-Modified: Wed, 26 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2961
Expires: Wed, 26 Oct 2022 07:59:28 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3c9eb4f5d99613a73e71df55e8a5d83e
f0a75dfd250b74f88c3ee597d2cae20bad696819
b54395b70fe53f079c9f4576f82f131c1e13e0c88cec8ff07b14258147d4128a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B54395B70FE53F079C9F4576F82F131C1E13E0C88CEC8FF07B14258147D4128A"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2776
Expires: Wed, 26 Oct 2022 07:56:23 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive

schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3u98QeLFH3tZWGQQFAWZdPdMemZcJBhjJBg3%2B8PF9STVXdWTMtVVTVX39CSn6IKs4GEOXvTUeZNsMAbRP8Agk4VFgmLmIjlsznrwJCyeRGYMjn6g%2B%2FNevXd4n0%2FVR9v5GXGR09PFt%2FSmkJLOztXc6gu3Pe9KdUWovFfttYL3gsaVqum%2B3A5q7ovVN3i0rmd913Ndz%2FWqS8LwWPdmxyJEetD2am231vBr3lwDPfNfbnMHljpg3TPyFAQbVe47FyGiIVTy9SK365lOX3o9ySXNtEGX7d1S60oXCskUxsZBrPbO3dD2ZOkQWu1O4kJ3%2FzGGYkScB4cI1d55SITdnUnOUIIrhOxxFN0huBxC0CEifQeCnRAgYri6CpXcu6pNQTf%2BVulYHZHKo98hihGpPLwIlXy1IEWvelPLPBNaWfTiEqI3hOgMkeZHyDYvQBRHiLIPIdiPZPbRClSys2qlhmDlZHYhhhDxEJL3Qa2DfPwJB3nsIE8dJOy0Gnme13RZRN1WO4rqrMnDgLkebcYe9dyghTwax%2BsjS%2FuIZB%2BR2UJqtrAu%2BjD5d7BrJSxzYLMRca5voctKFJygsAQFJSgEQZERFN1yl0nr2%2FIekzYPvfPun%2Fd6OdBZZ5vu6qzDFdlOz8iTk738%2BckHWOenVdeNG60gpq1WK%2FADGtImdXk7Dmg78IN6I4AVJYS9MBl1U4zIpcOPkYoR%2BX%2FyC0J6BCuPEInLoLkHWgyavgu6Nmi0XGyqfcW14oWtdSiYLpFmFWQbzrY8I5cmKZ6tXAePjucfzLySDn6eQWRKpKbE%2B%2BI%2BQUfeHdzQBdm5oQtLvllNM5GITTq%2BuZsZzfj%2F9t%2FkG4U2bHnR9r94NRoLY3jwNrfZClVMqI4lXy4IxrhZ0ibi5Ntl%2Bw4Pr%2BV2bSE3Kk9Xrr22tJykhlsrtBqCipPVPxCJEak89%2FTkST7xw28QZgiTl0jyY3JeEPoIUboFmx7P718%2BeMx7%2FldYTWDk1BOmDoq8HBg%2FnB5KQSD5lNOwhP0XD6d4295Fx1RAsztQSYmuKdGVJajsw%2BYzgyw1x%2FPffzauzxHKyiCUprITSiM%2Fnax2RJ75qTFG745%2Ft2DFabVZr7s0aM95zSblzbDht%2BLAY5T6jcAPAlpHZkfR7YerfwEAAP%2F%2FAQAA%2F%2F%2B18t6hbAQAAA%3D%3D

192.243.59.20

200 OK

7 B

URL HTTP/1.1
schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3u98QeLFH3tZWGQQFAWZdPdMemZcJBhjJBg3%2B8PF9STVXdWTMtVVTVX39CSn6IKs4GEOXvTUeZNsMAbRP8Agk4VFgmLmIjlsznrwJCyeRGYMjn6g%2B%2FNevXd4n0%2FVR9v5GXGR09PFt%2FSmkJLOztXc6gu3Pe9KdUWovFfttYL3gsaVqum%2B3A5q7ovVN3i0rmd913Ndz%2FWqS8LwWPdmxyJEetD2am231vBr3lwDPfNfbnMHljpg3TPyFAQbVe47FyGiIVTy9SK365lOX3o9ySXNtEGX7d1S60oXCskUxsZBrPbO3dD2ZOkQWu1O4kJ3%2FzGGYkScB4cI1d55SITdnUnOUIIrhOxxFN0huBxC0CEifQeCnRAgYri6CpXcu6pNQTf%2BVulYHZHKo98hihGpPLwIlXy1IEWvelPLPBNaWfTiEqI3hOgMkeZHyDYvQBRHiLIPIdiPZPbRClSys2qlhmDlZHYhhhDxEJL3Qa2DfPwJB3nsIE8dJOy0Gnme13RZRN1WO4rqrMnDgLkebcYe9dyghTwax%2BsjS%2FuIZB%2BR2UJqtrAu%2BjD5d7BrJSxzYLMRca5voctKFJygsAQFJSgEQZERFN1yl0nr2%2FIekzYPvfPun%2Fd6OdBZZ5vu6qzDFdlOz8iTk738%2BckHWOenVdeNG60gpq1WK%2FADGtImdXk7Dmg78IN6I4AVJYS9MBl1U4zIpcOPkYoR%2BX%2FyC0J6BCuPEInLoLkHWgyavgu6Nmi0XGyqfcW14oWtdSiYLpFmFWQbzrY8I5cmKZ6tXAePjucfzLySDn6eQWRKpKbE%2B%2BI%2BQUfeHdzQBdm5oQtLvllNM5GITTq%2BuZsZzfj%2F9t%2FkG4U2bHnR9r94NRoLY3jwNrfZClVMqI4lXy4IxrhZ0ibi5Ntl%2Bw4Pr%2BV2bSE3Kk9Xrr22tJykhlsrtBqCipPVPxCJEak89%2FTkST7xw28QZgiTl0jyY3JeEPoIUboFmx7P718%2BeMx7%2FldYTWDk1BOmDoq8HBg%2FnB5KQSD5lNOwhP0XD6d4295Fx1RAsztQSYmuKdGVJajsw%2BYzgyw1x%2FPffzauzxHKyiCUprITSiM%2Fnax2RJ75qTFG745%2Ft2DFabVZr7s0aM95zSblzbDht%2BLAY5T6jcAPAlpHZkfR7YerfwEAAP%2F%2FAQAA%2F%2F%2B18t6hbAQAAA%3D%3D
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3u98QeLFH3tZWGQQFAWZdPdMemZcJBhjJBg3%2B8PF9STVXdWTMtVVTVX39CSn6IKs4GEOXvTUeZNsMAbRP8Agk4VFgmLmIjlsznrwJCyeRGYMjn6g%2B%2FNevXd4n0%2FVR9v5GXGR09PFt%2FSmkJLOztXc6gu3Pe9KdUWovFfttYL3gsaVqum%2B3A5q7ovVN3i0rmd913Ndz%2FWqS8LwWPdmxyJEetD2am231vBr3lwDPfNfbnMHljpg3TPyFAQbVe47FyGiIVTy9SK365lOX3o9ySXNtEGX7d1S60oXCskUxsZBrPbO3dD2ZOkQWu1O4kJ3%2FzGGYkScB4cI1d55SITdnUnOUIIrhOxxFN0huBxC0CEifQeCnRAgYri6CpXcu6pNQTf%2BVulYHZHKo98hihGpPLwIlXy1IEWvelPLPBNaWfTiEqI3hOgMkeZHyDYvQBRHiLIPIdiPZPbRClSys2qlhmDlZHYhhhDxEJL3Qa2DfPwJB3nsIE8dJOy0Gnme13RZRN1WO4rqrMnDgLkebcYe9dyghTwax%2BsjS%2FuIZB%2BR2UJqtrAu%2BjD5d7BrJSxzYLMRca5voctKFJygsAQFJSgEQZERFN1yl0nr2%2FIekzYPvfPun%2Fd6OdBZZ5vu6qzDFdlOz8iTk738%2BckHWOenVdeNG60gpq1WK%2FADGtImdXk7Dmg78IN6I4AVJYS9MBl1U4zIpcOPkYoR%2BX%2FyC0J6BCuPEInLoLkHWgyavgu6Nmi0XGyqfcW14oWtdSiYLpFmFWQbzrY8I5cmKZ6tXAePjucfzLySDn6eQWRKpKbE%2B%2BI%2BQUfeHdzQBdm5oQtLvllNM5GITTq%2BuZsZzfj%2F9t%2FkG4U2bHnR9r94NRoLY3jwNrfZClVMqI4lXy4IxrhZ0ibi5Ntl%2Bw4Pr%2BV2bSE3Kk9Xrr22tJykhlsrtBqCipPVPxCJEak89%2FTkST7xw28QZgiTl0jyY3JeEPoIUboFmx7P718%2BeMx7%2FldYTWDk1BOmDoq8HBg%2FnB5KQSD5lNOwhP0XD6d4295Fx1RAsztQSYmuKdGVJajsw%2BYzgyw1x%2FPffzauzxHKyiCUprITSiM%2Fnax2RJ75qTFG745%2Ft2DFabVZr7s0aM95zSblzbDht%2BLAY5T6jcAPAlpHZkfR7YerfwEAAP%2F%2FAQAA%2F%2F%2B18t6hbAQAAA%3D%3D HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682113; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4594e8ba5c5400063e10bc81c030cd4
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3c9eb4f5d99613a73e71df55e8a5d83e
f0a75dfd250b74f88c3ee597d2cae20bad696819
b54395b70fe53f079c9f4576f82f131c1e13e0c88cec8ff07b14258147d4128a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B54395B70FE53F079C9F4576F82F131C1E13E0C88CEC8FF07B14258147D4128A"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2776
Expires: Wed, 26 Oct 2022 07:56:23 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive

cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg

45.133.44.9

200 OK

32 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Size
32 kB (32471 bytes)
Hash
3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75

HTTP Headers

GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg

45.133.44.9

200 OK

24 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
24 kB (24518 bytes)
Hash
d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08

HTTP Headers

GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg

45.133.44.9

200 OK

23 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
23 kB (22757 bytes)
Hash
9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd

HTTP Headers

GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg

45.133.44.9

200 OK

28 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
28 kB (27832 bytes)
Hash
1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376

HTTP Headers

GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9fxEi%2F%2B2MuCyCAICjLpnpn0zLjIYoyRYNzsDxfXk1R3VU%2FKVFc1VV3Tk5yiC7KChzl40VPnO8kG10X0DzDIZGGRoJi5SA6bsycvwuJJZGaDow%2BK9331fYfPe1Wf7rhT4sPRk6V39ZaQks4v1PzqyzeD4GJ1VSjXr%2Fbb4Ydh82LV9F7rhDX%2FlerbPN7Q83U%2F8P3AD6rLwvBE9%2BcnJkR2rxPUOn6tWa8FC030zf9r6zxY6oH1TsmzEGxcue%2Bdh4hHUOl3S9xu5Dp79a3USZprgx7bv6E2lC4U0plMjIdE7Z91Q9vj5QNotTfFhe792xiJMfEeHCBS%2B2eQiHq7U85IgitE7CkUvRG4HEHQEWJ9C4IdEyBmuLwGld65rE1BNx%2B7dOKOSeXRnxDFmFQenodKv12Uol%2B9rqXLhVYW%2FaSE6I8guiNk7hD51jmI4hBx%2FgkE%2B4XMP1qFSnfXrNQQrJzOLsQIIhlB8gGo9eAmR3hwiQeXeUjZSTUOgqDls5j67U4cN1iLRyHzA9pKAhr4YRsunuANkGcDxHKA2GwjM9vYEAMY9yPsegnLPNh8TLyr2%2BixEgUnKCxBQQkKQVDkBEWv3GPS1m15h0nrouAs189yoxzqvLtD93Te5YrsZKfkmele%2Fv78Y2zwk6rvJ812mNB2ux3WQxrRFvV5JwlpJ6yHjWYIK0oIe2466pYYkwsHnyETY%2FJk%2BjsieggrDxGL50FdAFoMW3UfdH3YbPvYUncV14oXttalYLpElleQb3o78pRcmFK8WLkBHh9dejD3ejb8bQ6xKZGZEh%2BJ%2BwRdeXt4TRdk95ouLPl%2BLctFKrbo5OWu5zTnT9x9h28W2rCVJTv4%2Bo14Ykzkvfe4zVepYkJ1LflmUTDGzbI2MSc%2FrNj3eXTF2fVFZ5TLVq%2B8ubySZoZbK7QagYrjtb8QizGpvPTc9Es%2B%2FfMfEGYE40qk7oicBYQ%2BRJxtw2YzeqsJjJz1RFkFhSuHph7NLqUgkHxW06iE%2FU8dzfSOvY2uqYDmt6DSEj1ToidLUDmAdXPDPDNHl376chJfIZKVYSRNZTeSRn4xWe3VMXnh1%2BZEffB401acVFuNhk%2FDzkLQalHeipr1dhIGjNJ6M6yHIW0gt%2BP45sO1fwAAAP%2F%2FAQAA%2F%2F%2BEbUunbAQAAA%3D%3D

192.243.59.20

200 OK

7 B

URL HTTP/1.1
schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9fxEi%2F%2B2MuCyCAICjLpnpn0zLjIYoyRYNzsDxfXk1R3VU%2FKVFc1VV3Tk5yiC7KChzl40VPnO8kG10X0DzDIZGGRoJi5SA6bsycvwuJJZGaDow%2BK9331fYfPe1Wf7rhT4sPRk6V39ZaQks4v1PzqyzeD4GJ1VSjXr%2Fbb4Ydh82LV9F7rhDX%2FlerbPN7Q83U%2F8P3AD6rLwvBE9%2BcnJkR2rxPUOn6tWa8FC030zf9r6zxY6oH1TsmzEGxcue%2Bdh4hHUOl3S9xu5Dp79a3USZprgx7bv6E2lC4U0plMjIdE7Z91Q9vj5QNotTfFhe792xiJMfEeHCBS%2B2eQiHq7U85IgitE7CkUvRG4HEHQEWJ9C4IdEyBmuLwGld65rE1BNx%2B7dOKOSeXRnxDFmFQenodKv12Uol%2B9rqXLhVYW%2FaSE6I8guiNk7hD51jmI4hBx%2FgkE%2B4XMP1qFSnfXrNQQrJzOLsQIIhlB8gGo9eAmR3hwiQeXeUjZSTUOgqDls5j67U4cN1iLRyHzA9pKAhr4YRsunuANkGcDxHKA2GwjM9vYEAMY9yPsegnLPNh8TLyr2%2BixEgUnKCxBQQkKQVDkBEWv3GPS1m15h0nrouAs189yoxzqvLtD93Te5YrsZKfkmele%2Fv78Y2zwk6rvJ812mNB2ux3WQxrRFvV5JwlpJ6yHjWYIK0oIe2466pYYkwsHnyETY%2FJk%2BjsieggrDxGL50FdAFoMW3UfdH3YbPvYUncV14oXttalYLpElleQb3o78pRcmFK8WLkBHh9dejD3ejb8bQ6xKZGZEh%2BJ%2BwRdeXt4TRdk95ouLPl%2BLctFKrbo5OWu5zTnT9x9h28W2rCVJTv4%2Bo14Ykzkvfe4zVepYkJ1LflmUTDGzbI2MSc%2FrNj3eXTF2fVFZ5TLVq%2B8ubySZoZbK7QagYrjtb8QizGpvPTc9Es%2B%2FfMfEGYE40qk7oicBYQ%2BRJxtw2YzeqsJjJz1RFkFhSuHph7NLqUgkHxW06iE%2FU8dzfSOvY2uqYDmt6DSEj1ToidLUDmAdXPDPDNHl376chJfIZKVYSRNZTeSRn4xWe3VMXnh1%2BZEffB401acVFuNhk%2FDzkLQalHeipr1dhIGjNJ6M6yHIW0gt%2BP45sO1fwAAAP%2F%2FAQAA%2F%2F%2BEbUunbAQAAA%3D%3D
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq9fxEi%2F%2B2MuCyCAICjLpnpn0zLjIYoyRYNzsDxfXk1R3VU%2FKVFc1VV3Tk5yiC7KChzl40VPnO8kG10X0DzDIZGGRoJi5SA6bsycvwuJJZGaDow%2BK9331fYfPe1Wf7rhT4sPRk6V39ZaQks4v1PzqyzeD4GJ1VSjXr%2Fbb4Ydh82LV9F7rhDX%2FlerbPN7Q83U%2F8P3AD6rLwvBE9%2BcnJkR2rxPUOn6tWa8FC030zf9r6zxY6oH1TsmzEGxcue%2Bdh4hHUOl3S9xu5Dp79a3USZprgx7bv6E2lC4U0plMjIdE7Z91Q9vj5QNotTfFhe792xiJMfEeHCBS%2B2eQiHq7U85IgitE7CkUvRG4HEHQEWJ9C4IdEyBmuLwGld65rE1BNx%2B7dOKOSeXRnxDFmFQenodKv12Uol%2B9rqXLhVYW%2FaSE6I8guiNk7hD51jmI4hBx%2FgkE%2B4XMP1qFSnfXrNQQrJzOLsQIIhlB8gGo9eAmR3hwiQeXeUjZSTUOgqDls5j67U4cN1iLRyHzA9pKAhr4YRsunuANkGcDxHKA2GwjM9vYEAMY9yPsegnLPNh8TLyr2%2BixEgUnKCxBQQkKQVDkBEWv3GPS1m15h0nrouAs189yoxzqvLtD93Te5YrsZKfkmele%2Fv78Y2zwk6rvJ812mNB2ux3WQxrRFvV5JwlpJ6yHjWYIK0oIe2466pYYkwsHnyETY%2FJk%2BjsieggrDxGL50FdAFoMW3UfdH3YbPvYUncV14oXttalYLpElleQb3o78pRcmFK8WLkBHh9dejD3ejb8bQ6xKZGZEh%2BJ%2BwRdeXt4TRdk95ouLPl%2BLctFKrbo5OWu5zTnT9x9h28W2rCVJTv4%2Bo14Ykzkvfe4zVepYkJ1LflmUTDGzbI2MSc%2FrNj3eXTF2fVFZ5TLVq%2B8ubySZoZbK7QagYrjtb8QizGpvPTc9Es%2B%2FfMfEGYE40qk7oicBYQ%2BRJxtw2YzeqsJjJz1RFkFhSuHph7NLqUgkHxW06iE%2FU8dzfSOvY2uqYDmt6DSEj1ToidLUDmAdXPDPDNHl376chJfIZKVYSRNZTeSRn4xWe3VMXnh1%2BZEffB401acVFuNhk%2FDzkLQalHeipr1dhIGjNJ6M6yHIW0gt%2BP45sO1fwAAAP%2F%2FAQAA%2F%2F%2BEbUunbAQAAA%3D%3D HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682113; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 908b8336947061be11b260e40da56ffb
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png

45.133.44.9

200 OK

144 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
144 kB (144379 bytes)
Hash
33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

HTTP Headers

GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:07 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Fri, 28 Oct 2022 07:10:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq%2BN4iSCoe1kQGQRBRSbdM5OeGRdZjDESjJv94eJ6kuqu6kmZ6qqmqmt6klN0QVbwMAcveup8J9nguoj%2BAQaZLCwSEDMXyWFz9i4snkRmDI4%2B6H7fV993%2BLxX9dmuOyM%2BHD1dfk9vCynpwmLNr758KwguVdeEcv1qvx1%2BFDYvVU3v9U5Y81%2BpvsPjTb1Q9wPfD%2FyguiIMT3R%2FYWJCZPc7Qa3j15r1WrDYRN%2F8v7bOg6UeWO%2BMPAvBxpUH3gWIeASVfr%2FM7Waus9feTp2kuTbosYObalPpQiGdycR4SNTBeTe0PVk5hFb7U1zo3r%2BNkRgT7%2BEhInVwDomotzfljCS4QsSeQtEbgcsRBB0h1rch2AkBYoYr61Dp3SvaFHTrH5dO3DGpPP4DohiTyqMLUOl3S1L0qze0dLnQyqKflBD9EUR3hMwdId%2BegyiOEOefQrBfyMLjNah0b91KDcHK6exCjCCSESQfgFoPbvIJDy7x4DIPKTutxkEQtHwWU7%2FdieMGa%2FEoZH5AW0lAAz9sw8UTvAHybIBYDhCbHWRmB5tiAON%2Bgt0oYZkHm4%2BJd20HPVai4ASFJSgoQSEIipyg6JX7TNq6Le8yaV0UnOf6eW6UQ513d%2Bm%2Bzrtckd3sjDwz3ctfX3yCTX5a9f2k2Q4T2m63w3pII9qiPu8kIe2E9bDRDGFFCWHnpqNuizG5ePg5MjEmT6a%2FI6JHsPIIsXge1AWgxbBV90E3hs22j211T3GteGFrXQqmS2R5BfmWtyvPyMUpxQu%2FNsHj48sP59%2FIhr%2FNIzYlMlPiY%2FGAoCvvDK%2Frguxd14UlP6xnuUjFNp3c3I2c5vyJe%2B%2FyrUIbtrpsB9%2B8GU%2BMibz%2FPrf5GlVMqK4l3y4JxrhZ0Sbm5MdV%2BwGPrjq7seSMctna1bdWVtPMcGuFViNQcbL%2BJ2IxJpWXnps%2ByadPXoUwIxhXInXH5Dwg9BHibAc2m9FbTWDkrCfK5lC4cmjq0exQCgLJZzWNStj%2F1NFM79o76JoKaH4bKi3RMyV6sgSVA1g3P8wzc3z5568m8TUiWRlG0lT2Imnkl2PyYuXadL8T9eHkdxNWnFZbjYZPw85i0GpR3oqa9XYSBozSejOshyFtILfj%2BNaj9b8BAAD%2F%2FwEAAP%2F%2FRgLITGwEAAA%3D

192.243.59.20

200 OK

7 B

URL HTTP/1.1
schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq%2BN4iSCoe1kQGQRBRSbdM5OeGRdZjDESjJv94eJ6kuqu6kmZ6qqmqmt6klN0QVbwMAcveup8J9nguoj%2BAQaZLCwSEDMXyWFz9i4snkRmDI4%2B6H7fV993%2BLxX9dmuOyM%2BHD1dfk9vCynpwmLNr758KwguVdeEcv1qvx1%2BFDYvVU3v9U5Y81%2BpvsPjTb1Q9wPfD%2FyguiIMT3R%2FYWJCZPc7Qa3j15r1WrDYRN%2F8v7bOg6UeWO%2BMPAvBxpUH3gWIeASVfr%2FM7Waus9feTp2kuTbosYObalPpQiGdycR4SNTBeTe0PVk5hFb7U1zo3r%2BNkRgT7%2BEhInVwDomotzfljCS4QsSeQtEbgcsRBB0h1rch2AkBYoYr61Dp3SvaFHTrH5dO3DGpPP4DohiTyqMLUOl3S1L0qze0dLnQyqKflBD9EUR3hMwdId%2BegyiOEOefQrBfyMLjNah0b91KDcHK6exCjCCSESQfgFoPbvIJDy7x4DIPKTutxkEQtHwWU7%2FdieMGa%2FEoZH5AW0lAAz9sw8UTvAHybIBYDhCbHWRmB5tiAON%2Bgt0oYZkHm4%2BJd20HPVai4ASFJSgoQSEIipyg6JX7TNq6Le8yaV0UnOf6eW6UQ513d%2Bm%2Bzrtckd3sjDwz3ctfX3yCTX5a9f2k2Q4T2m63w3pII9qiPu8kIe2E9bDRDGFFCWHnpqNuizG5ePg5MjEmT6a%2FI6JHsPIIsXge1AWgxbBV90E3hs22j211T3GteGFrXQqmS2R5BfmWtyvPyMUpxQu%2FNsHj48sP59%2FIhr%2FNIzYlMlPiY%2FGAoCvvDK%2Frguxd14UlP6xnuUjFNp3c3I2c5vyJe%2B%2FyrUIbtrpsB9%2B8GU%2BMibz%2FPrf5GlVMqK4l3y4JxrhZ0Sbm5MdV%2BwGPrjq7seSMctna1bdWVtPMcGuFViNQcbL%2BJ2IxJpWXnps%2ByadPXoUwIxhXInXH5Dwg9BHibAc2m9FbTWDkrCfK5lC4cmjq0exQCgLJZzWNStj%2F1NFM79o76JoKaH4bKi3RMyV6sgSVA1g3P8wzc3z5568m8TUiWRlG0lT2Imnkl2PyYuXadL8T9eHkdxNWnFZbjYZPw85i0GpR3oqa9XYSBozSejOshyFtILfj%2BNaj9b8BAAD%2F%2FwEAAP%2F%2FRgLITGwEAAA%3D
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq%2BN4iSCoe1kQGQRBRSbdM5OeGRdZjDESjJv94eJ6kuqu6kmZ6qqmqmt6klN0QVbwMAcveup8J9nguoj%2BAQaZLCwSEDMXyWFz9i4snkRmDI4%2B6H7fV993%2BLxX9dmuOyM%2BHD1dfk9vCynpwmLNr758KwguVdeEcv1qvx1%2BFDYvVU3v9U5Y81%2BpvsPjTb1Q9wPfD%2FyguiIMT3R%2FYWJCZPc7Qa3j15r1WrDYRN%2F8v7bOg6UeWO%2BMPAvBxpUH3gWIeASVfr%2FM7Waus9feTp2kuTbosYObalPpQiGdycR4SNTBeTe0PVk5hFb7U1zo3r%2BNkRgT7%2BEhInVwDomotzfljCS4QsSeQtEbgcsRBB0h1rch2AkBYoYr61Dp3SvaFHTrH5dO3DGpPP4DohiTyqMLUOl3S1L0qze0dLnQyqKflBD9EUR3hMwdId%2BegyiOEOefQrBfyMLjNah0b91KDcHK6exCjCCSESQfgFoPbvIJDy7x4DIPKTutxkEQtHwWU7%2FdieMGa%2FEoZH5AW0lAAz9sw8UTvAHybIBYDhCbHWRmB5tiAON%2Bgt0oYZkHm4%2BJd20HPVai4ASFJSgoQSEIipyg6JX7TNq6Le8yaV0UnOf6eW6UQ513d%2Bm%2Bzrtckd3sjDwz3ctfX3yCTX5a9f2k2Q4T2m63w3pII9qiPu8kIe2E9bDRDGFFCWHnpqNuizG5ePg5MjEmT6a%2FI6JHsPIIsXge1AWgxbBV90E3hs22j211T3GteGFrXQqmS2R5BfmWtyvPyMUpxQu%2FNsHj48sP59%2FIhr%2FNIzYlMlPiY%2FGAoCvvDK%2Frguxd14UlP6xnuUjFNp3c3I2c5vyJe%2B%2FyrUIbtrpsB9%2B8GU%2BMibz%2FPrf5GlVMqK4l3y4JxrhZ0Sbm5MdV%2BwGPrjq7seSMctna1bdWVtPMcGuFViNQcbL%2BJ2IxJpWXnps%2ByadPXoUwIxhXInXH5Dwg9BHibAc2m9FbTWDkrCfK5lC4cmjq0exQCgLJZzWNStj%2F1NFM79o76JoKaH4bKi3RMyV6sgSVA1g3P8wzc3z5568m8TUiWRlG0lT2Imnkl2PyYuXadL8T9eHkdxNWnFZbjYZPw85i0GpR3oqa9XYSBozSejOshyFtILfj%2BNaj9b8BAAD%2F%2FwEAAP%2F%2FRgLITGwEAAA%3D HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682113; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e19bb4a67eea47247be1c0c667514091
Strict-Transport-Security: max-age=0; includeSubdomains

schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3fHS7z4Yy8LIoMgKMike2bSM%2BMiizFGgnGzP1xcT1LdVT0pU13VVHVNT3KKLsgKHubgRU%2Bd7yQbXBfRP8Agk4VFgmLmIjlszt48CIsnkRmDow%2B633v1fYfP%2B1Z9suNOiQ9HT5be0VtCSjq%2FUPOrL90KgkvVVaFcv9pvhx%2BEzUtV03u1E9b8l6tv8XhDz9f9wPcDP6guC8MT3Z%2BfiBDZ%2FU5Q6%2Fi1Zr0WLDTRN%2F%2FvrfNgqQfWOyXPQLBx5YF3ASIeQaXfLnG7kevslTdTJ2muDXps%2F6baULpQSGdlYjwkav9sGtoeLx9Aq70pLnTv38FIjIn38ACR2j%2BDRNTbnXJGElwhYk%2Bi6I3A5QiCjhDr2xDsmAAxw5U1qPTuFW0KuvmPSifqmFQe%2FwFRjEnl0QWo9JtFKfrVG1q6XGhl0U9KiP4IojtC5g6Rb52DKA4R5x9DsJ%2FJ%2FONVqHR3zUoNwcrp7kKMIJIRJB%2BAWg9u8gkPLvHgMg8pO6nGQRC0fBZTv92J4wZr8ShkfkBbSUADP2zDxRO8AfJsgFgOEJttZGYbG2IA436AXS9hmQebj4l3bRs9VqLgBIUlKChBIQiKnKDolXtM2rot7zJpXRSc5fpZbpRDnXd36J7Ou1yRneyUPD315a%2FPPsIGP6n6ftJshwltt9thPaQRbVGfd5KQdsJ62GiGsKKEsOemq26JMbl48CkyMSZPpL8hooew8hCxeA7UBaDFsFX3QdeHzbaPLXVPca14YWtdCqZLZHkF%2Baa3I0%2FJxSnFC5X3weOjyw%2FnXsuGv84hNiUyU%2BJD8YCgK%2B8Mr%2BuC7F7XhSXfrWW5SMUWndzcjZzm%2FPy9t%2FlmoQ1bWbKDr16PJ8KkvP8ut%2FkqVUyoriVfLwrGuFnWJubk%2BxX7Ho%2BuOru%2B6Ixy2erVN5ZX0sxwa4VWI1BxvPYnYjEmlRefnT7Jp376HcKMYFyJ1B2Rs4DQh4izbdhsRm81gZGzmSg7j8KVQ1OPZodSEEg%2B62lUwv6nj2b1jr2DrqmA5reh0hI9U6InS1A5gHVzwzwzR5d%2F%2FGISXyKSlWEkTWU3kkZ%2BPrH22pg8%2F0tzavLkdxNWnFRbjYZPw85C0GpR3oqa9XYSBozSejOshyFtILfj%2BNajtb8BAAD%2F%2FwEAAP%2F%2Fsfa4a2wEAAA%3D

192.243.59.20

200 OK

7 B

URL HTTP/1.1
schemevolcanosuspicions.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3fHS7z4Yy8LIoMgKMike2bSM%2BMiizFGgnGzP1xcT1LdVT0pU13VVHVNT3KKLsgKHubgRU%2Bd7yQbXBfRP8Agk4VFgmLmIjlszt48CIsnkRmDow%2B633v1fYfP%2B1Z9suNOiQ9HT5be0VtCSjq%2FUPOrL90KgkvVVaFcv9pvhx%2BEzUtV03u1E9b8l6tv8XhDz9f9wPcDP6guC8MT3Z%2BfiBDZ%2FU5Q6%2Fi1Zr0WLDTRN%2F%2FvrfNgqQfWOyXPQLBx5YF3ASIeQaXfLnG7kevslTdTJ2muDXps%2F6baULpQSGdlYjwkav9sGtoeLx9Aq70pLnTv38FIjIn38ACR2j%2BDRNTbnXJGElwhYk%2Bi6I3A5QiCjhDr2xDsmAAxw5U1qPTuFW0KuvmPSifqmFQe%2FwFRjEnl0QWo9JtFKfrVG1q6XGhl0U9KiP4IojtC5g6Rb52DKA4R5x9DsJ%2FJ%2FONVqHR3zUoNwcrp7kKMIJIRJB%2BAWg9u8gkPLvHgMg8pO6nGQRC0fBZTv92J4wZr8ShkfkBbSUADP2zDxRO8AfJsgFgOEJttZGYbG2IA436AXS9hmQebj4l3bRs9VqLgBIUlKChBIQiKnKDolXtM2rot7zJpXRSc5fpZbpRDnXd36J7Ou1yRneyUPD315a%2FPPsIGP6n6ftJshwltt9thPaQRbVGfd5KQdsJ62GiGsKKEsOemq26JMbl48CkyMSZPpL8hooew8hCxeA7UBaDFsFX3QdeHzbaPLXVPca14YWtdCqZLZHkF%2Baa3I0%2FJxSnFC5X3weOjyw%2FnXsuGv84hNiUyU%2BJD8YCgK%2B8Mr%2BuC7F7XhSXfrWW5SMUWndzcjZzm%2FPy9t%2FlmoQ1bWbKDr16PJ8KkvP8ut%2FkqVUyoriVfLwrGuFnWJubk%2BxX7Ho%2BuOru%2B6Ixy2erVN5ZX0sxwa4VWI1BxvPYnYjEmlRefnT7Jp376HcKMYFyJ1B2Rs4DQh4izbdhsRm81gZGzmSg7j8KVQ1OPZodSEEg%2B62lUwv6nj2b1jr2DrqmA5reh0hI9U6InS1A5gHVzwzwzR5d%2F%2FGISXyKSlWEkTWU3kkZ%2BPrH22pg8%2F0tzavLkdxNWnFRbjYZPw85C0GpR3oqa9XYSBozSejOshyFtILfj%2BNajtb8BAAD%2F%2FwEAAP%2F%2Fsfa4a2wEAAA%3D
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHq3fHS7z4Yy8LIoMgKMike2bSM%2BMiizFGgnGzP1xcT1LdVT0pU13VVHVNT3KKLsgKHubgRU%2Bd7yQbXBfRP8Agk4VFgmLmIjlszt48CIsnkRmDow%2B633v1fYfP%2B1Z9suNOiQ9HT5be0VtCSjq%2FUPOrL90KgkvVVaFcv9pvhx%2BEzUtV03u1E9b8l6tv8XhDz9f9wPcDP6guC8MT3Z%2BfiBDZ%2FU5Q6%2Fi1Zr0WLDTRN%2F%2FvrfNgqQfWOyXPQLBx5YF3ASIeQaXfLnG7kevslTdTJ2muDXps%2F6baULpQSGdlYjwkav9sGtoeLx9Aq70pLnTv38FIjIn38ACR2j%2BDRNTbnXJGElwhYk%2Bi6I3A5QiCjhDr2xDsmAAxw5U1qPTuFW0KuvmPSifqmFQe%2FwFRjEnl0QWo9JtFKfrVG1q6XGhl0U9KiP4IojtC5g6Rb52DKA4R5x9DsJ%2FJ%2FONVqHR3zUoNwcrp7kKMIJIRJB%2BAWg9u8gkPLvHgMg8pO6nGQRC0fBZTv92J4wZr8ShkfkBbSUADP2zDxRO8AfJsgFgOEJttZGYbG2IA436AXS9hmQebj4l3bRs9VqLgBIUlKChBIQiKnKDolXtM2rot7zJpXRSc5fpZbpRDnXd36J7Ou1yRneyUPD315a%2FPPsIGP6n6ftJshwltt9thPaQRbVGfd5KQdsJ62GiGsKKEsOemq26JMbl48CkyMSZPpL8hooew8hCxeA7UBaDFsFX3QdeHzbaPLXVPca14YWtdCqZLZHkF%2Baa3I0%2FJxSnFC5X3weOjyw%2FnXsuGv84hNiUyU%2BJD8YCgK%2B8Mr%2BuC7F7XhSXfrWW5SMUWndzcjZzm%2FPy9t%2FlmoQ1bWbKDr16PJ8KkvP8ut%2FkqVUyoriVfLwrGuFnWJubk%2BxX7Ho%2BuOru%2B6Ixy2erVN5ZX0sxwa4VWI1BxvPYnYjEmlRefnT7Jp376HcKMYFyJ1B2Rs4DQh4izbdhsRm81gZGzmSg7j8KVQ1OPZodSEEg%2B62lUwv6nj2b1jr2DrqmA5reh0hI9U6InS1A5gHVzwzwzR5d%2F%2FGISXyKSlWEkTWU3kkZ%2BPrH22pg8%2F0tzavLkdxNWnFRbjYZPw85C0GpR3oqa9XYSBozSejOshyFtILfj%2BNajtb8BAAD%2F%2FwEAAP%2F%2Fsfa4a2wEAAA%3D HTTP/1.1
Host: schemevolcanosuspicions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682113; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec00f486fa888626aba7a0e9f6a9626346=[2229329,2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 172b4d5d7dad627442e58c407eb2ebfe
Strict-Transport-Security: max-age=0; includeSubdomains

yearlingpreferablyperiods.com/sbar.json?key=551a820a848f2430ac19a64893e2cf74&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1

192.243.59.12

200 OK

4.1 kB

URL HTTP/1.1
yearlingpreferablyperiods.com/sbar.json?key=551a820a848f2430ac19a64893e2cf74&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (5726), with no line terminators
Size
4.1 kB (4126 bytes)
Hash
b364e0b51f0ff7544228977055f5c7e3
5455f9190ea70660aab53d6d21b57110c168f2fd
7e531bb6cc89dfb42b5735954d012043564d8f0f452bd9be64ae2f2a6a4162db

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=551a820a848f2430ac19a64893e2cf74&uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1 HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16682108; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; expires=Wed, 02 Nov 2022 07:10:07 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 27 Oct 2022 07:10:07 GMT; secure; SameSite=None
slec551a820a848f2430ac19a64893e2cf74=[3364902]; expires=Wed, 26 Oct 2022 07:10:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8a68a28b95b759ac17c5cbf1728a4a1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f142b94df21747dfbdfc3b6aaf702a3b
b27d5ca0c9f968f68cb427cfb1a2c1ed35378a41
7df07819035cf7a775d7abab7a54607efdebeda0b51c78830eb8ef4bec0f10ba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3198
Cache-Control: max-age=126498
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:07 GMT
Etag: "63581bf3-117"
Expires: Thu, 27 Oct 2022 18:18:25 GMT
Last-Modified: Tue, 25 Oct 2022 17:25:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
25b81533916effb6270d0ce3c8633dba
2cb1b18d9fea15854d8cf6d017fe28e79c7bc443
45d68bb4a6304ca626b1e1826bdd47ee5b387374ddb7daaf00ea2089ba01bf98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45D68BB4A6304CA626B1E1826BDD47EE5B387374DDB7DAAF00EA2089BA01BF98"
Last-Modified: Mon, 24 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17969
Expires: Wed, 26 Oct 2022 12:09:36 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
25b81533916effb6270d0ce3c8633dba
2cb1b18d9fea15854d8cf6d017fe28e79c7bc443
45d68bb4a6304ca626b1e1826bdd47ee5b387374ddb7daaf00ea2089ba01bf98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45D68BB4A6304CA626B1E1826BDD47EE5B387374DDB7DAAF00EA2089BA01BF98"
Last-Modified: Mon, 24 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17969
Expires: Wed, 26 Oct 2022 12:09:36 GMT
Date: Wed, 26 Oct 2022 07:10:07 GMT
Connection: keep-alive

yearlingpreferablyperiods.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRitzkYQPCl7WVGYg4iCmXT3dHpm3MNijJFgdrPuKuam1VU1kzLVXU1V9%2FQkeAguSgQP4z%2FovEk27LqIgleDzCzsISBse8phc%2FYqwp5EZMbg6AfF97167%2FC%2BV%2FXlQX5OXOT0bOW63pVK0cWlult7bdPzrtbWZZL3a%2F1W%2BHEYXK2Z3pvtsO6%2BXntXsG296Lue63quV1uVRnR0f3FCQqYP2l697dYDv%2B4tBeib%2F2ObO7DUAe%2BdkxcgeTX%2F0LkMyUZI4u9XhN3OdPrGO3GuaKYNevz4w2Q70UWCeDZ2jINOcnyhhraPV0%2Bgk6OpXejev8JIVsR5dIIoOb4wiah3OPUZKYgEEX8ORW8EoUaQdASm70DyxwRgHDc2kMR3b2hT0B1IOgajE7Yi80%2F%2FgCwqMv%2FkMpL4u2Ul%2B7XbWuWZ1IlFv1NC9keQ3RHSfIxsdw6yGINln0PyX8ji03Uk8eGGVRqSn73CvZCKUEQL7WbbXQiCKFqIOG8viKYnQtfteCx0pwFJOYLsjKDEANQ6yCdHOsg7DvLUQczPaszzvKbLGXVbbcYavCmikLsebXY86rlhCzmb7DBAlg7A1ADM7CE1e9iWA5j8Z9itEpbPwWYVcd7fQ4%2BXKARBYQkKSlBIgiIjKHrlEVfWt%2BVdrmweeRfdv%2BiNcqiz7gE90llXJOQgPSfPT8P76%2BvPsC3OaktLHm35Lm0FrY4fNFzKvDYNg1a7IXzWaQawsoS0c9NVd2VFrpx8hVRW5Jn4N0R0DKvGYPIl0Pxl0GLY9F3QrWHQcrGb3E%2BETkRh610Krkuk2TyyHedAnZMrUxeNzVch2Om1T6Lr1e%2F3%2FgQzJVJT4lP5kKCr9oe3dEEOb%2BnCkh820kzGcpdOnvd2RjNx6f57YqfQhq%2Bt2MG9t9iEmIwPPhA2W6cJl0nXkm%2BXJefCrGrDBPlpzX4kopu53VrOTZKn6zffXl2LUyOslToZgcqKkEenYLIiz%2F54NP25L36xD2lGMHmJOD8lFwWpx2DpHmw68281gVEzTZQ6KPJyaPxodqkkgRIzTKMS9j84ms0Hdh9d44Bmd5DEJXqmRE%2BVoGoAm18aZqk5vfZrY1qIlDOMlHEOI2XUN%2F%2BEa%2BVZrdlouDRsL3nNJhXNKPBbndDjlPpB6IchbSCzFdt8svE3AAAA%2F%2F8BAAD%2F%2FxqnFJKEBAAA

192.243.59.12

200 OK

7 B

URL HTTP/1.1
yearlingpreferablyperiods.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRitzkYQPCl7WVGYg4iCmXT3dHpm3MNijJFgdrPuKuam1VU1kzLVXU1V9%2FQkeAguSgQP4z%2FovEk27LqIgleDzCzsISBse8phc%2FYqwp5EZMbg6AfF97167%2FC%2BV%2FXlQX5OXOT0bOW63pVK0cWlult7bdPzrtbWZZL3a%2F1W%2BHEYXK2Z3pvtsO6%2BXntXsG296Lue63quV1uVRnR0f3FCQqYP2l697dYDv%2B4tBeib%2F2ObO7DUAe%2BdkxcgeTX%2F0LkMyUZI4u9XhN3OdPrGO3GuaKYNevz4w2Q70UWCeDZ2jINOcnyhhraPV0%2Bgk6OpXejev8JIVsR5dIIoOb4wiah3OPUZKYgEEX8ORW8EoUaQdASm70DyxwRgHDc2kMR3b2hT0B1IOgajE7Yi80%2F%2FgCwqMv%2FkMpL4u2Ul%2B7XbWuWZ1IlFv1NC9keQ3RHSfIxsdw6yGINln0PyX8ji03Uk8eGGVRqSn73CvZCKUEQL7WbbXQiCKFqIOG8viKYnQtfteCx0pwFJOYLsjKDEANQ6yCdHOsg7DvLUQczPaszzvKbLGXVbbcYavCmikLsebXY86rlhCzmb7DBAlg7A1ADM7CE1e9iWA5j8Z9itEpbPwWYVcd7fQ4%2BXKARBYQkKSlBIgiIjKHrlEVfWt%2BVdrmweeRfdv%2BiNcqiz7gE90llXJOQgPSfPT8P76%2BvPsC3OaktLHm35Lm0FrY4fNFzKvDYNg1a7IXzWaQawsoS0c9NVd2VFrpx8hVRW5Jn4N0R0DKvGYPIl0Pxl0GLY9F3QrWHQcrGb3E%2BETkRh610Krkuk2TyyHedAnZMrUxeNzVch2Om1T6Lr1e%2F3%2FgQzJVJT4lP5kKCr9oe3dEEOb%2BnCkh820kzGcpdOnvd2RjNx6f57YqfQhq%2Bt2MG9t9iEmIwPPhA2W6cJl0nXkm%2BXJefCrGrDBPlpzX4kopu53VrOTZKn6zffXl2LUyOslToZgcqKkEenYLIiz%2F54NP25L36xD2lGMHmJOD8lFwWpx2DpHmw68281gVEzTZQ6KPJyaPxodqkkgRIzTKMS9j84ms0Hdh9d44Bmd5DEJXqmRE%2BVoGoAm18aZqk5vfZrY1qIlDOMlHEOI2XUN%2F%2BEa%2BVZrdlouDRsL3nNJhXNKPBbndDjlPpB6IchbSCzFdt8svE3AAAA%2F%2F8BAAD%2F%2FxqnFJKEBAAA
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRitzkYQPCl7WVGYg4iCmXT3dHpm3MNijJFgdrPuKuam1VU1kzLVXU1V9%2FQkeAguSgQP4z%2FovEk27LqIgleDzCzsISBse8phc%2FYqwp5EZMbg6AfF97167%2FC%2BV%2FXlQX5OXOT0bOW63pVK0cWlult7bdPzrtbWZZL3a%2F1W%2BHEYXK2Z3pvtsO6%2BXntXsG296Lue63quV1uVRnR0f3FCQqYP2l697dYDv%2B4tBeib%2F2ObO7DUAe%2BdkxcgeTX%2F0LkMyUZI4u9XhN3OdPrGO3GuaKYNevz4w2Q70UWCeDZ2jINOcnyhhraPV0%2Bgk6OpXejev8JIVsR5dIIoOb4wiah3OPUZKYgEEX8ORW8EoUaQdASm70DyxwRgHDc2kMR3b2hT0B1IOgajE7Yi80%2F%2FgCwqMv%2FkMpL4u2Ul%2B7XbWuWZ1IlFv1NC9keQ3RHSfIxsdw6yGINln0PyX8ji03Uk8eGGVRqSn73CvZCKUEQL7WbbXQiCKFqIOG8viKYnQtfteCx0pwFJOYLsjKDEANQ6yCdHOsg7DvLUQczPaszzvKbLGXVbbcYavCmikLsebXY86rlhCzmb7DBAlg7A1ADM7CE1e9iWA5j8Z9itEpbPwWYVcd7fQ4%2BXKARBYQkKSlBIgiIjKHrlEVfWt%2BVdrmweeRfdv%2BiNcqiz7gE90llXJOQgPSfPT8P76%2BvPsC3OaktLHm35Lm0FrY4fNFzKvDYNg1a7IXzWaQawsoS0c9NVd2VFrpx8hVRW5Jn4N0R0DKvGYPIl0Pxl0GLY9F3QrWHQcrGb3E%2BETkRh610Krkuk2TyyHedAnZMrUxeNzVch2Om1T6Lr1e%2F3%2FgQzJVJT4lP5kKCr9oe3dEEOb%2BnCkh820kzGcpdOnvd2RjNx6f57YqfQhq%2Bt2MG9t9iEmIwPPhA2W6cJl0nXkm%2BXJefCrGrDBPlpzX4kopu53VrOTZKn6zffXl2LUyOslToZgcqKkEenYLIiz%2F54NP25L36xD2lGMHmJOD8lFwWpx2DpHmw68281gVEzTZQ6KPJyaPxodqkkgRIzTKMS9j84ms0Hdh9d44Bmd5DEJXqmRE%2BVoGoAm18aZqk5vfZrY1qIlDOMlHEOI2XUN%2F%2BEa%2BVZrdlouDRsL3nNJhXNKPBbndDjlPpB6IchbSCzFdt8svE3AAAA%2F%2F8BAAD%2F%2FxqnFJKEBAAA HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682108; uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec551a820a848f2430ac19a64893e2cf74=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6490c6cc969dd5ecd156a4ea8ff76d5
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=551a820a848f2430ac19a64893e2cf74&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=551a820a848f2430ac19a64893e2cf74&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=551a820a848f2430ac19a64893e2cf74&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f52a47ca5287b553204a1f1b91e3418
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a2bfde9dd2920ce8ff524c9b82194b23&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a2bfde9dd2920ce8ff524c9b82194b23&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=d16ae6eb-9790-44bb-bdd9-e71e600f1c60&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a2bfde9dd2920ce8ff524c9b82194b23&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a65d05ffa3913bdf690c4a3f19321af8
Strict-Transport-Security: max-age=0; includeSubdomains

magnews.ml/assets/green/images/icons/favicon.png

45.153.184.53

200 OK

1.3 kB

URL HTTP/1.1
magnews.ml/assets/green/images/icons/favicon.png
IP
45.153.184.53:0
ASN
#202448 MVPS LTD

File type
PNG image data, 39 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1283 bytes)
Hash
a9b55aa2db953b06d76ea054eed0ec4d
22d6b5b4a1bb84f7bd9f955cde92540949008cd0
696b160fc653e697ec954165024f280b99897868f83d980ad041c7eaba8bdd82

HTTP Headers

GET /assets/green/images/icons/favicon.png HTTP/1.1
Host: magnews.ml
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=d16ae6eb-9790-44bb-bdd9-e71e600f1c60%3A1%3A1; sb_main_551a820a848f2430ac19a64893e2cf74=1; sb_count_551a820a848f2430ac19a64893e2cf74=1; ppu_main_a2bfde9dd2920ce8ff524c9b82194b23=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=schemevolcanosuspicions.com; pbpr0tpuw4isk85t8yg3jb2lj5vqf=yearlingpreferablyperiods.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 07:10:08 GMT
Content-Type: image/png
Content-Length: 1283
Last-Modified: Fri, 21 Oct 2022 00:50:02 GMT
Connection: keep-alive
ETag: "6351ecba-503"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

literalcorpulent.com/watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1&shu=99a98d4adc3df19d2c9aed3cdb3bd71708676be1b6acdfc9ca22cc9237fe86936f2c141b09cc5cdbec3921ecce43436d62d03c5b2ec88f7db604230a49312d3786118dcbd7c2a073777fcb69a506875a16c699eca0f40e01826900de8fddc7cb4819973490&pst=1666768266&rmtc=t

192.243.61.225

200 OK

2.1 kB

URL HTTP/1.1
literalcorpulent.com/watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1&shu=99a98d4adc3df19d2c9aed3cdb3bd71708676be1b6acdfc9ca22cc9237fe86936f2c141b09cc5cdbec3921ecce43436d62d03c5b2ec88f7db604230a49312d3786118dcbd7c2a073777fcb69a506875a16c699eca0f40e01826900de8fddc7cb4819973490&pst=1666768266&rmtc=t
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2642)
Size
2.1 kB (2094 bytes)
Hash
f6fd09e2d563a6fbf02199ab501f6a59
b42ad4b18d6b4c93b23b23e5ea77b9236730c008
ba1af2ef4199b60b57aa65b5a30fcde6138e873dacf57c918aea2a730a450cca

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.805514889669.js?key=6de05bc705f2765cf895993a4a2c1b62&kw=%5B%22news%22%2C%22mag%22%2C%22home%22%5D&refer=https%3A%2F%2Fmagnews.ml%2F&tz=0&dev=r&res=12.31&uuid=16222221-115b-44b9-b912-ba921ab9e13c%3A1%3A1&shu=99a98d4adc3df19d2c9aed3cdb3bd71708676be1b6acdfc9ca22cc9237fe86936f2c141b09cc5cdbec3921ecce43436d62d03c5b2ec88f7db604230a49312d3786118dcbd7c2a073777fcb69a506875a16c699eca0f40e01826900de8fddc7cb4819973490&pst=1666768266&rmtc=t HTTP/1.1
Host: literalcorpulent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Referer: https://magnews.ml/
Connection: keep-alive
Cookie: u_pl=16682133; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY4MjEzMywiayI6IjZkZTA1YmM3MDVmMjc2NWNmODk1OTkzYTRhMmMxYjYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjg3MTc3LCJwaWQiOjM1NTgxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoiZzhwbWttNDd4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21hZ25ld3MubWwvIn19.V2GxZ9rMb59gAQibwKckoAuQPXQntk9ppcVvQcfgWoU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 07:10:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://magnews.ml
Access-Control-Allow-Origin: https://magnews.ml
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=16222221-115b-44b9-b912-ba921ab9e13c:1:1; expires=Wed, 02 Nov 2022 07:10:07 GMT; secure; SameSite=None
iprc8696a2bb812fa173374ac43601f5b3e6=3569807; expires=Wed, 26 Oct 2022 11:10:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 27 Oct 2022 07:10:08 GMT; secure; SameSite=None
uncs=1; expires=Thu, 27 Oct 2022 07:10:08 GMT; secure; SameSite=None
pdhtkv27=true; expires=Thu, 27 Oct 2022 07:10:08 GMT; secure; SameSite=None
uncs27=1; expires=Thu, 27 Oct 2022 07:10:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ee4d084c6802b62b3e36138e146f1d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html

104.26.7.19

200 OK

68 kB

URL HTTP/2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html
IP
104.26.7.19:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document, ASCII text
Size
68 kB (67608 bytes)
Hash
320a8fb7a7f0d395f81c1d62259ac79c
d8e16cc260259cfea4900e02874b2a0e914e4ec6
0c4dc464eb3a7349cc008113b6c3964fc9dd165ef2768e19536ef4e729b36c1f

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 11:16:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYoHCwSEvz41KEI%2B8L%2BJqs2IdoJHI%2BKef7pRig1XkQIKdWTqrVfIxVSMKmjdnf8B8JMZLF4osnlZFkPG0aQTxBc2VrGsuEbC0S9Y5UtnC3DssbLq%2BX1sg3Zioi84fXPQcN8NeJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed26c5db4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
9894cc5eeb58d5f6c7601b2e11c11e09
922e451c29f933eea61099c743d4523568afbd56
d72966cfa6230a3a2b185c1bd2d2b88b806988de426d1a795ceb0fe2e95f0790

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D72966CFA6230A3A2B185C1BD2D2B88B806988DE426D1A795CEB0FE2E95F0790"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3442
Expires: Wed, 26 Oct 2022 08:07:30 GMT
Date: Wed, 26 Oct 2022 07:10:08 GMT
Connection: keep-alive

yearlingpreferablyperiods.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=696

192.243.59.12

200 OK

0 B

URL HTTP/1.1
yearlingpreferablyperiods.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=696
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=696 HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682108; uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec551a820a848f2430ac19a64893e2cf74=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg

172.64.110.27

200 OK

60 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg
IP
172.64.110.27:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 281x290, components 3\012- data
Size
60 kB (59931 bytes)
Hash
9337eb4f9526f6d16e6d1602d8fee3ae
203c7272c5a60a752db43857b2d337d644f690f5
1e803197ccab280a9285cdae1adbea170504d59ef0bbf02aab3d9785c0871422

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: image/jpeg
content-length: 59931
last-modified: Tue, 08 Feb 2022 14:18:00 GMT
etag: "62027b98-ea1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7247133
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKlKx%2F7l1nc%2Fnzp5f9aeTAseOmBK0Urp4RqGTqWBbA5sg6UAq723c1j5us4QsjYaECCZUQGiuIHg%2BZrGJ%2BQ4Bwj%2B44hNSXm%2BFJN9%2BdvDsbhhDxhnx9XOF%2BRtaCaEXR%2Bp2Lo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed76a997545-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
9894cc5eeb58d5f6c7601b2e11c11e09
922e451c29f933eea61099c743d4523568afbd56
d72966cfa6230a3a2b185c1bd2d2b88b806988de426d1a795ceb0fe2e95f0790

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D72966CFA6230A3A2B185C1BD2D2B88B806988DE426D1A795CEB0FE2E95F0790"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3442
Expires: Wed, 26 Oct 2022 08:07:30 GMT
Date: Wed, 26 Oct 2022 07:10:08 GMT
Connection: keep-alive

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.10

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1132 bytes)
Hash
2b725d76fcb5b313ede8ecf8058e70a6
cc87b9bb9d7be506d6f46b38c0a932b877c60338
4cf2dd1730db80e07afbf500340fbd83c73816c59cdb4b57dc490da8c411185f

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 26 Oct 2022 07:10:08 GMT
date: Wed, 26 Oct 2022 07:10:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

yearlingpreferablyperiods.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=347

192.243.59.12

200 OK

0 B

URL HTTP/1.1
yearlingpreferablyperiods.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=347
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=347 HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682108; uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec551a820a848f2430ac19a64893e2cf74=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css

172.64.110.27

200 OK

2.5 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css
IP
172.64.110.27:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.5 kB (2459 bytes)
Hash
f1766bbd61c5bc27a636c8b30875588f
4a72ecdd5fa887887d2d8eb67b65491c9731708c
ba5bd2b5efbcbfb3c82b59173e4bbda4dd81477adae455c3d48f8c1005f444ab

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: text/css
last-modified: Wed, 09 Feb 2022 11:16:21 GMT
etag: W/"6203a285-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIg00BVUvR6hAGHa7yMBf6IB6nYQZEf7661GieBEti7WDk4yEnUq9utKVJ%2BWkTXb%2FSk1urOwdeB5hGiQvCH1CsaHzomtCRjNOh6Myy3wTYFvs96w8PEgXLUddS22J2uUjhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed72a457545-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 560160
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 560161
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 07:10:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js

172.64.110.27

200 OK

257 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js
IP
172.64.110.27:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text
Size
257 B (257 bytes)
Hash
8e903260935524c1f5eb8e07417fc653
2eba6224960e767d7d9ceb5641fa06204551f668
b7a9e40afd034f0fe6d1fce20d4e469416b5ca9208593096fe2cc61dd441e44f

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8L46KIU5hkhGxlqSUbP69KGJr01HG%2F7RqjJcDX%2F8g2UsuDkHWlmEapPbt3wbBThBQ3ozZQsKerA0PSpjawW0pZB8%2F5vaqmibWv8JkRrHZblW%2FDLaG4xopFw6oapoyIRG84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed74a5c7545-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css

172.64.110.27

200 OK

4.8 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css
IP
172.64.110.27:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
4.8 kB (4815 bytes)
Hash
21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://magnews.ml
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: text/css
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdrak%2Fy5iSsNQyEx1o%2F7O4esT2E1YiGXyhpm6Y2Czsa4W8DiegPbh99hm343s7ylj1yRLZVsOcpjnYtbjEKZOVHPjlssZ6O9Zrmo4XWD7jaO6zlJKM5ttQFn5Yvd3NSousk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed74a607545-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

yearlingpreferablyperiods.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o0geFL2sqIwBxEFM%2Bme6fnlHhbXGAlmN%2BuuYm5av3pSprqrqeqengQPwUWJ4GH8Dzpvkg27LqLg1SAzC3sICDuecticvYqwJxGZMTj6QfF9r947vO9VfbmfnxEfOT1dvm52lNZ0qVH1K69tBMGVyppK8n6l325%2B3AyvVGzvzU6z6r9eeVfyLbNU8wPfD%2FygsqKsjEx%2FaUpCpQ86QbXjV8NaNWiE6Nv%2FY5d7cNSD6J2RF6DEZOGhdwmKj5DE3y9Lt5WZ9I134lzTzFj0xNGHyVZiigTxfIyshyg5OlfDuMcrxzDJ4cwuTO9fIVMT4j06BkuOzk2C9Q5mPpmGTMDEcyh6I0g9gqIjcHMHSjwmABe4sY4kvnvD2IJuQ9ExOJ2yE7Lw9A%2BoYkIWnlxCEn93Tat%2B5bbReaZM4tCPSqj%2BCKo7QpqPke1cgCrG4NnnUOIXsvR0DUl8sO60gRKnr4igSWVTssVOq%2BMvhiFji0yIzqJsBbLp%2B1HAm%2F4sIKVGUNEIWg5AnYd8epSHPPKQpx5icVrhQRC0fMGp3%2B5wXhctyZrCD2grCmjgN9vI%2BXSHAbJ0AK4H4HYXqd3FlhrA5j%2FDbZZw4gJcNiHe%2B7voiRKFJCgcQUEJCkVQZARFrzwU2tVceVdol7PgvNfOe70cmqy7Tw9N1pUJ2U%2FPyPOz8P76%2BjNsydNKoxHQds2n7bAd1cK6T3nQoc2w3anLGo9aIZwqodyF2ao7akIuH3%2BFVE3IM%2FFvYHQMp8fg6iXQ%2FGXQYtiq%2BaCbw7DtYye5n0iTyMJVuxTClEizBWTb3r4%2BI5dnLuobr0Lyk6ufsOuT3%2B%2F9CW5LpLbEp%2BohQVfvDW%2BZghzcMoUjP6ynmYrVDp0%2B7%2B2MZvLi%2FffkdmGsWF12g3tv8SkxHR98IF22RhOhkq4j315TQki7YiyX5KdV95FkN3O3eS23SZ6u3Xx7ZTVOrXROmWQEqiaEPDoBVxPy7I%2BHs5%2F74hd7UHYEm5eI8xNyXlBmDJ7uwqVz%2F84QWD3XsNRDkZdDW2PzS60ItJxjykq4%2F2A2n%2FfdHrrWA83uIIlL9GyJni5B9QAuvzjMUnty9df6rMC0N2TaegdMW%2F3NP%2BE6dVqp%2B6LFZCRbTIaNMJJcsEaD%2BTzirC7abY7MTfjGk%2FW%2FAQAA%2F%2F8BAAD%2F%2F5pzwXqEBAAA

192.243.59.12

200 OK

7 B

URL HTTP/1.1
yearlingpreferablyperiods.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o0geFL2sqIwBxEFM%2Bme6fnlHhbXGAlmN%2BuuYm5av3pSprqrqeqengQPwUWJ4GH8Dzpvkg27LqLg1SAzC3sICDuecticvYqwJxGZMTj6QfF9r947vO9VfbmfnxEfOT1dvm52lNZ0qVH1K69tBMGVyppK8n6l325%2B3AyvVGzvzU6z6r9eeVfyLbNU8wPfD%2FygsqKsjEx%2FaUpCpQ86QbXjV8NaNWiE6Nv%2FY5d7cNSD6J2RF6DEZOGhdwmKj5DE3y9Lt5WZ9I134lzTzFj0xNGHyVZiigTxfIyshyg5OlfDuMcrxzDJ4cwuTO9fIVMT4j06BkuOzk2C9Q5mPpmGTMDEcyh6I0g9gqIjcHMHSjwmABe4sY4kvnvD2IJuQ9ExOJ2yE7Lw9A%2BoYkIWnlxCEn93Tat%2B5bbReaZM4tCPSqj%2BCKo7QpqPke1cgCrG4NnnUOIXsvR0DUl8sO60gRKnr4igSWVTssVOq%2BMvhiFji0yIzqJsBbLp%2B1HAm%2F4sIKVGUNEIWg5AnYd8epSHPPKQpx5icVrhQRC0fMGp3%2B5wXhctyZrCD2grCmjgN9vI%2BXSHAbJ0AK4H4HYXqd3FlhrA5j%2FDbZZw4gJcNiHe%2B7voiRKFJCgcQUEJCkVQZARFrzwU2tVceVdol7PgvNfOe70cmqy7Tw9N1pUJ2U%2FPyPOz8P76%2BjNsydNKoxHQds2n7bAd1cK6T3nQoc2w3anLGo9aIZwqodyF2ao7akIuH3%2BFVE3IM%2FFvYHQMp8fg6iXQ%2FGXQYtiq%2BaCbw7DtYye5n0iTyMJVuxTClEizBWTb3r4%2BI5dnLuobr0Lyk6ufsOuT3%2B%2F9CW5LpLbEp%2BohQVfvDW%2BZghzcMoUjP6ynmYrVDp0%2B7%2B2MZvLi%2FffkdmGsWF12g3tv8SkxHR98IF22RhOhkq4j315TQki7YiyX5KdV95FkN3O3eS23SZ6u3Xx7ZTVOrXROmWQEqiaEPDoBVxPy7I%2BHs5%2F74hd7UHYEm5eI8xNyXlBmDJ7uwqVz%2F84QWD3XsNRDkZdDW2PzS60ItJxjykq4%2F2A2n%2FfdHrrWA83uIIlL9GyJni5B9QAuvzjMUnty9df6rMC0N2TaegdMW%2F3NP%2BE6dVqp%2B6LFZCRbTIaNMJJcsEaD%2BTzirC7abY7MTfjGk%2FW%2FAQAA%2F%2F8BAAD%2F%2F5pzwXqEBAAA
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o0geFL2sqIwBxEFM%2Bme6fnlHhbXGAlmN%2BuuYm5av3pSprqrqeqengQPwUWJ4GH8Dzpvkg27LqLg1SAzC3sICDuecticvYqwJxGZMTj6QfF9r947vO9VfbmfnxEfOT1dvm52lNZ0qVH1K69tBMGVyppK8n6l325%2B3AyvVGzvzU6z6r9eeVfyLbNU8wPfD%2FygsqKsjEx%2FaUpCpQ86QbXjV8NaNWiE6Nv%2FY5d7cNSD6J2RF6DEZOGhdwmKj5DE3y9Lt5WZ9I134lzTzFj0xNGHyVZiigTxfIyshyg5OlfDuMcrxzDJ4cwuTO9fIVMT4j06BkuOzk2C9Q5mPpmGTMDEcyh6I0g9gqIjcHMHSjwmABe4sY4kvnvD2IJuQ9ExOJ2yE7Lw9A%2BoYkIWnlxCEn93Tat%2B5bbReaZM4tCPSqj%2BCKo7QpqPke1cgCrG4NnnUOIXsvR0DUl8sO60gRKnr4igSWVTssVOq%2BMvhiFji0yIzqJsBbLp%2B1HAm%2F4sIKVGUNEIWg5AnYd8epSHPPKQpx5icVrhQRC0fMGp3%2B5wXhctyZrCD2grCmjgN9vI%2BXSHAbJ0AK4H4HYXqd3FlhrA5j%2FDbZZw4gJcNiHe%2B7voiRKFJCgcQUEJCkVQZARFrzwU2tVceVdol7PgvNfOe70cmqy7Tw9N1pUJ2U%2FPyPOz8P76%2BjNsydNKoxHQds2n7bAd1cK6T3nQoc2w3anLGo9aIZwqodyF2ao7akIuH3%2BFVE3IM%2FFvYHQMp8fg6iXQ%2FGXQYtiq%2BaCbw7DtYye5n0iTyMJVuxTClEizBWTb3r4%2BI5dnLuobr0Lyk6ufsOuT3%2B%2F9CW5LpLbEp%2BohQVfvDW%2BZghzcMoUjP6ynmYrVDp0%2B7%2B2MZvLi%2FffkdmGsWF12g3tv8SkxHR98IF22RhOhkq4j315TQki7YiyX5KdV95FkN3O3eS23SZ6u3Xx7ZTVOrXROmWQEqiaEPDoBVxPy7I%2BHs5%2F74hd7UHYEm5eI8xNyXlBmDJ7uwqVz%2F84QWD3XsNRDkZdDW2PzS60ItJxjykq4%2F2A2n%2FfdHrrWA83uIIlL9GyJni5B9QAuvzjMUnty9df6rMC0N2TaegdMW%2F3NP%2BE6dVqp%2B6LFZCRbTIaNMJJcsEaD%2BTzirC7abY7MTfjGk%2FW%2FAQAA%2F%2F8BAAD%2F%2F5pzwXqEBAAA HTTP/1.1
Host: yearlingpreferablyperiods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Cookie: u_pl=16682108; uid_id2=d16ae6eb-9790-44bb-bdd9-e71e600f1c60:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec551a820a848f2430ac19a64893e2cf74=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 07:10:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e2094ec9b833e1d70c6441db84190e9c
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg

172.64.110.27

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg
IP
172.64.110.27:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:08 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7247133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgncGG7Y9dX6DykKPzVZS1%2BoNIQNtxWvTxaERug1REy8GSDMgYnnU167QCz3TDvY7VuZn2Dy%2FbskF5%2Bi4Aun6a0ZsObmWo8RwveLKQ0Bqpagu%2FsON9BfRNWE%2FaJJM8kT4AQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ed75a877545-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

172.64.193.5

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
172.64.193.5:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://magnews.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 07:10:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ea5379521a929ee9cef126186cb3f715
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 26 Oct 2022 07:10:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ez%2FU1TGSUcYFXQ6rCh1bfo2CpEPv6EkM1LLfd12LFafMdVMXJfkfimGKyGSAB9LjGYVHInlbAjnCrytua9pX3TkK%2Bse6ajRXxueJcCHo1kCTgB2xQMqsggojd4Q7QMUEScHsws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76015ec988527463-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations