| | 213.180.204.221 | 302 FOUND | 862 B |
URL: User Request GET HTTP/1.1
IP: 213.180.204.221:443
Certificate: Issuer GlobalSign nv-sa; Subject clck.ru; Fingerprint E4:1A:F4:4C:60:E3:51:E7:15:7A:DF:84:8A:8D:54:A5:10:6B:66:E9; Validity Tue, 26 Dec 2023 17:08:29 GMT - Mon, 24 Jun 2024 20:59:59 GMT
File type: HTML document, ASCII text, with very long lines (752)
Hash: c10be174221d5f31b9176e2487d15dd9 e29a81529e115767d3df99097fe0b7c5cb309f69 32be2f4317afe1e93ef315617534c55ce3a59220ee0162bd87852c5214ed666d
GET /3A9pGX HTTP/1.1
Host: clck.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 FOUND
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Access-Control-Allow-Origin: *
Content-Length: 862
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Apr 2024 08:50:38 GMT
Location: https://sba.yandex.ru/redirect?url=https%3A%2F%2Fmixer-newspaper.com%2F%3Futm_campaign%3D55087%26utm_content%3Da45ce60c-d3f6-4650-abfa-0c5d66e8702b%26utm_source%3D%255BSID%255D%26utm_medium%3D11305%26clckid%3D1c79fcd3&client=clck&request_id=1714035038647258-15518776158703591927&sign=79f8820d1e527c6d963794469475df0e
Set-Cookie: _yasc=0YW1EibgWpj3/CKi6ebgf6tcZ2NUBJ4BqZvCxpO/NaG9ojs6VcZ59nc3216bl7xT; domain=.clck.ru; path=/; expires=Sun, 23 Apr 2034 08:50:38 GMT; secure
Strict-Transport-Security: max-age=31536000
|
|
| sba.yandex.ru/redirect?url=https%3A%2F%2Fmixer-newspaper.com%2F%3Futm_campaign%3D55087%26utm_content%3Da45ce60c-d3f6-4650-abfa-0c5d66e8702b%26utm_source%3D%255BSID%255D%26utm_medium%3D11305%26clckid%3D1c79fcd3&client=clck&request_id=1714035038647258-15518776158703591927&sign=79f8820d1e527c6d963794469475df0e | 77.88.21.232 | 302 FOUND | 538 B |
URL: User Request GET HTTP/1.1 sba.yandex.ru/redirect?url=https%3A%2F%2Fmixer-newspaper.com%2F%3Futm_campaign%3D55087%26utm_content%3Da45ce60c-d3f6-4650-abfa-0c5d66e8702b%26utm_source%3D%255BSID%255D%26utm_medium%3D11305%26clckid%3D1c79fcd3&client=clck&request_id=1714035038647258-15518776158703591927&sign=79f8820d1e527c6d963794469475df0e
IP: 77.88.21.232:443
Certificate: Issuer GlobalSign nv-sa; Subject sba.yandex.net; Fingerprint 08:96:BF:33:F4:7A:45:90:A9:84:93:18:F9:BA:10:8F:6C:CC:78:F7; Validity Tue, 26 Dec 2023 16:46:17 GMT - Mon, 24 Jun 2024 20:59:59 GMT
File type: HTML document, ASCII text, with very long lines (428)
Hash: 30b18e54bdc41b2c3a88683bdacf567d 8b73fba55813a9f01632b076394f8025e96c2c55 21220f2df3824c51714dd548edc5636fb2d97eedd765613f69c89880db2bc419
GET /redirect?url=https%3A%2F%2Fmixer-newspaper.com%2F%3Futm_campaign%3D55087%26utm_content%3Da45ce60c-d3f6-4650-abfa-0c5d66e8702b%26utm_source%3D%255BSID%255D%26utm_medium%3D11305%26clckid%3D1c79fcd3&client=clck&request_id=1714035038647258-15518776158703591927&sign=79f8820d1e527c6d963794469475df0e HTTP/1.1
Host: sba.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: gdpr=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 FOUND
Content-Length: 538
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Apr 2024 08:50:38 GMT
Location: https://mixer-newspaper.com/?utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=%5BSID%5D&utm_medium=11305&clckid=1c79fcd3
Strict-Transport-Security: max-age=3600; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
|
|
| mixer-newspaper.com/?utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=%5BSID%5D&utm_medium=11305&clckid=1c79fcd3 | 85.192.12.172 | 307 Temporary Redirect | 257 B |
URL: User Request GET HTTP/1.1 mixer-newspaper.com/?utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=%5BSID%5D&utm_medium=11305&clckid=1c79fcd3
IP: 85.192.12.172:443
ASN: #12695 LLC Digital Network
Certificate: Issuer Let's Encrypt; Subject mixer-magazin.com; Fingerprint 18:D8:D6:7D:92:DE:0D:40:FF:A0:44:4F:CC:FC:E6:11:8C:44:1D:43; Validity Mon, 25 Mar 2024 11:42:37 GMT - Sun, 23 Jun 2024 11:42:36 GMT
File type: HTML document, ASCII text
Hash: 6ad8b5e1d8b0b7d586670bb7c61a7905 2209da8a241e47ac55251dbdbdc7a81ec7b30435 57ae83d85ba45934a38f96ab7c951dd7a6986f794bbfd9e6a9042b0e41bfc160
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=%5BSID%5D&utm_medium=11305&clckid=1c79fcd3 HTTP/1.1
Host: mixer-newspaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.14.1
Date: Thu, 25 Apr 2024 08:50:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 257
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Location: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Set-Cookie: cd=eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiIiwiZGMiOjEsImIiOiJGaXJlZm94IiwiYnYiOiI5NiJ9LCJsIjp7InIiOiIiLCJuIjoyMDA0NywiaXNwIjoiQmxpeCBTb2x1dGlvbnMifX0=; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoiIiwiZF9vZmZzZXQiOi0xfQ==; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
sid10=0; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
uid=; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
utm_medium=11305; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
|
|
| newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/img/arrow-right-circle.png | 104.21.15.168 | 200 OK | 676 B |
URL: GET HTTP/3 newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/img/arrow-right-circle.png
IP: 104.21.15.168:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Google Trust Services LLC; Subject newsmixer-column.com; Fingerprint DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA; Validity Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
File type: PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Hash: 63b832f84f9d1597b5a74f389abff60f ecec02bb00308dfacb81120bfb2a28280926a155 f44cbdd6870924cf39f27ff12eb903a0ca9208e4817a9433d983bb23e6edc072
GET /static/outofwindow3-without-dmp2.desktop/img/arrow-right-circle.png HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: image/png
content-length: 676
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
etag: "66029d5e-2a4"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YDfinACYjB1I7ykRyMgCsqVL2cZhKa0JMY2px%2BNM%2FPgXPzng0hXXYPpW5CTsBwo2kvcB5jW%2FUTXAcRGkJUA%2BEKo895DHpUpoGvrWrxTB6RksVc1mze5R5%2BmjxtoK67raECibPMFM2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d16385b79568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/grid.min.css | 104.21.15.168 | 200 OK | 7.6 kB |
URL: GET HTTP/3 newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/grid.min.css
IP: 104.21.15.168:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Google Trust Services LLC; Subject newsmixer-column.com; Fingerprint DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA; Validity Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
File type: ASCII text, with very long lines (51776), with no line terminators
Hash: bb2187ffc39c45384458524b1dd9253b 5d8db7d19fd63fe48fc2e187c970d82e0af37592 21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d
GET /static/outofwindow3-without-dmp2.desktop/css/grid.min.css HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: text/css
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-ca40"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2gIMnUodmUliQxThAPJSFI6F%2Bi6OkaegQBukTRXAA809NHsynVktKWRlT2QTtXETp7Kl8U9JHgY7tMo6UausdCMiYV4u0EbzNzL%2BBgmiwMb5Nm35CB7Hvg8gDpN4ivTjeVVIXEY%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d1636192f568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js | 104.21.15.168 | 200 OK | 95 kB |
URL: GET HTTP/3 newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js
IP: 104.21.15.168:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Google Trust Services LLC; Subject newsmixer-column.com; Fingerprint DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA; Validity Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (33460)
Hash: 4060f2a935a377e7eb8db4df608b8ca1 ea630e2580a5075050a0f5435cdfcfd0dde77686 7ae627eec7ec821fb3a6c77342be3acf8bd86d3926956081caaf4306f459bc2e
GET /static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: application/javascript
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-4567c"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2Ft6pnLrZ9FI6fynOU4MPRgaNL0OmOFahtfTVDHIqAR1RgW71nn%2Fyg5o5mk7Yaijc%2FgDdCtbWzs6QSOscXPd2bcfEkddo5w%2BWHacKFKHqr5PKSc9KpEDJdoG%2F5ok1ohrfXbVUm8LsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d16361933568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.163:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 10:46:32 GMT
expires: Wed, 23 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 165848
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D | 104.21.15.168 | 200 OK | 22 kB |
URL: User Request GET HTTP/2 newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
IP: 104.21.15.168:443
Certificate: Issuer Google Trust Services LLC; Subject newsmixer-column.com; Fingerprint DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA; Validity Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2440)
Hash: 9d4904abd0dd8d24e26c1c58c3e0d298 fe622cbd5f95106d5b457b884ace37f0480e5b55 b47b770af63035a74375dcf97ccd2ba87580d920cab512c0295ead9229823aca
GET /preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
x_domain: newsmixer-column.com
x_theme: outofwindow3-without-dmp2.desktop
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u76ZH51jRRPxb8%2F2kf3mDaudc633N8AJ79q8oiQAVmo1qrWwTqMNRq%2BHCumNmIh96UviYcqPigIFschUImd3T9JujZA%2FRGc%2Bvt03132yVwYI2H86dV3Bp1aow2nfz7IraU0Ax86Jhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d163338ca0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 | 142.250.74.163 | 200 OK | 9.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP: 142.250.74.163:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9644, version 1.0
Hash: 6f112ec2b932ee12379442c42853244e b2e73c8c70d6261e1d187f41693c43ac4fe0809d 6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:34:37 GMT
expires: Fri, 25 Apr 2025 02:34:37 GMT
cache-control: public, max-age=31536000
age: 22563
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic | 142.250.74.106 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
IP: 142.250.74.106:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: gzip compressed data, max compression
Hash: 0c584e48500cb9ca5e2c9702a05ba10f da758bea4ae282aeb68b5340d72fba574f6904c5 2c5677adc8751128fd45d861c4d65779af145c6b6dd5af2fefb67fdb756eb376
GET /css?family=Roboto:300,400,500,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 08:50:39 GMT
date: Thu, 25 Apr 2024 08:50:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js | 104.21.15.168 | 200 OK | 9.9 kB |
URL: GET HTTP/3 newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js
IP: 104.21.15.168:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Google Trust Services LLC; Subject newsmixer-column.com; Fingerprint DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA; Validity Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (61077)
Hash: 885d599073ffbe148bdc80a6f290c842 01a816b3d95cc1920cd1352e9c3c942abaca874d 54992b57d63e453bee34817f0ea1c73f68b4bed1b5d72fc083ea5e823d82fb66
GET /static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: application/javascript
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-ef13"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cGjIFsYSGoaRGC%2Fr6ag72z%2BCr8n6M1A87EqROeNNni2qtmvf39eLBFlwdBTmhrefXGFZ7DPxa4h82kgbIYUEUulYUaRneLmtjvwyjFW6U5rcSarHWhhf6oYySdpaHFg91XIY0QdPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d16361931568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js | 46.4.218.122 | 200 OK | 14 kB |
URL: GET HTTP/2 ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
IP: 46.4.218.122:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Let's Encrypt; Subject expo-s.com; Fingerprint 8A:55:09:61:0B:75:01:86:EA:50:BE:2C:C2:EA:C9:40:B7:05:47:55; Validity Sat, 16 Mar 2024 07:12:37 GMT - Fri, 14 Jun 2024 07:12:36 GMT
File type: gzip compressed data, from Unix
Hash: 0fffac09ee896fe1cbdd2468de02ea2b 6f869305d691031539e9d5b334f572b3e04b5ded a7c22f434a0278a6d4630eeee6702adea2c9c6203ac7e6c3d30c4ce8821258ce
GET /1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js HTTP/1.1
Host: ffrtrinvzk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 19:29:38 GMT
vary: Accept-Encoding
etag: W/"654e84a2-3797"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP: 142.250.74.163:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:32:53 GMT
expires: Fri, 25 Apr 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 22667
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 | 142.250.74.163 | 200 OK | 9.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP: 142.250.74.163:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9840, version 1.0
Hash: 7b08b9e11fc6b8a8a1398b357e874144 4b5fb5790fae1c96655aaa7a426b697f5ab986d0 3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:33:04 GMT
expires: Fri, 25 Apr 2025 02:33:04 GMT
cache-control: public, max-age=31536000
age: 22656
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mixer-newspaper.com/image.gif?sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=[SID]&utm_medium=11305&client_id=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&cost=0&category=0&resolution_width=1280&resolution_height=1024&connection_speed= | 85.192.12.172 | 200 OK | 43 B |
URL: GET HTTP/1.1 mixer-newspaper.com/image.gif?sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=[SID]&utm_medium=11305&client_id=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&cost=0&category=0&resolution_width=1280&resolution_height=1024&connection_speed=
IP: 85.192.12.172:443
ASN: #12695 LLC Digital Network
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate: Issuer Let's Encrypt; Subject mixer-magazin.com; Fingerprint 18:D8:D6:7D:92:DE:0D:40:FF:A0:44:4F:CC:FC:E6:11:8C:44:1D:43; Validity Mon, 25 Mar 2024 11:42:37 GMT - Sun, 23 Jun 2024 11:42:36 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: df3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /image.gif?sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=[SID]&utm_medium=11305&client_id=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&cost=0&category=0&resolution_width=1280&resolution_height=1024&connection_speed= HTTP/1.1
Host: mixer-newspaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 25 Apr 2024 08:50:40 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://newsmixer-column.com
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 25 Apr 2024 08:50:40 GMT
Pragma: no-cache
Set-Cookie: cd=eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiIiwiZGMiOjEsImIiOiJGaXJlZm94IiwiYnYiOiI5NiJ9LCJsIjp7InIiOiIiLCJuIjoyMDA0NywiaXNwIjoiQmxpeCBTb2x1dGlvbnMifX0=; Path=/; Expires=Sat, 25 May 2024 08:50:40 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoibmV3cy1iN2ZkZjY1Zi05M2E5LTRlYTktYWI4Ni01NzRiMDA3NjZmMDgiLCJkX29mZnNldCI6LTF9; Path=/; Expires=Sat, 25 May 2024 08:50:40 GMT; Secure; SameSite=None
article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b; Path=/; Expires=Sat, 25 May 2024 08:50:40 GMT; Secure; SameSite=None
|
|
| newsmixer-column.com/images/news/rectangular/c23af9d0f414660f859d527eb3ee20a8.jpg | 104.21.15.168 | 200 OK | 78 kB |
URL: GET HTTP/3 newsmixer-column.com/images/news/rectangular/c23af9d0f414660f859d527eb3ee20a8.jpg
IP: 104.21.15.168:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate Issuer: Google Trust Services LLC
Certificate Subject: newsmixer-column.com
Certificate Fingerprint: DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
Certificate Validity: Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3
Hash: 6a82387f61b96616594ab9dab403d198 c5c6b0422d38757a195bb2fa5f5140fa2b30730f 5f5efff860372bfc3770a3da2c0412ca7e75bf5150526ef3f3493f0074683314
GET /images/news/rectangular/c23af9d0f414660f859d527eb3ee20a8.jpg HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=[SID]&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: image/jpeg
content-length: 78274
last-modified: Fri, 05 Jan 2024 14:48:57 GMT
etag: "659816d9-131c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: *
access-control-expose-headers: *
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M0ZrvFUEIgPFqV%2BvB%2B2TE%2FK10wseZFn3iRoiPFcPn6ZEQgqqJ8Xws1iUZdyHrFUar6RBBQk34o%2FyDTNTXOR44mGX6fLwxjIYcjykDnaCQZMlt6cRD1EXidnpqSoxc1V9vwyjzVQo9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d163a2d47568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| newsmixer-column.com/favicon.ico | 104.21.15.168 | 204 No Content | 0 B |
URL: GET HTTP/3 newsmixer-column.com/favicon.ico
IP: 104.21.15.168:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate Issuer: Google Trust Services LLC
Certificate Subject: newsmixer-column.com
Certificate Fingerprint: DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
Certificate Validity: Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 25 Apr 2024 08:50:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwWNJ9QvNirMIwm0ZbYWP7s%2BYEf08rmcL70LdHLcIrwfMXUsgSZACftq7dXYqeJu6%2FPU791zf6Jar8Le5w91iatbvf2nthwxnyBfMi22%2FMPiSLPrRGUvYkqLXCPiIv%2BdCty6puEZZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d163b0e42568f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| newsmixer-column.com/api/get-items?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.49727606854948225&theme=outofwindow3-without-dmp2&is_video=0&resolution_width=1280&resolution_height=1024&article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b | 104.21.15.168 | 200 OK | 12 kB |
URL: GET HTTP/3 newsmixer-column.com/api/get-items?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.49727606854948225&theme=outofwindow3-without-dmp2&is_video=0&resolution_width=1280&resolution_height=1024&article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b
IP: 104.21.15.168:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate Issuer: Google Trust Services LLC
Certificate Subject: newsmixer-column.com
Certificate Fingerprint: DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
Certificate Validity: Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
Hash: f489606e52617285538b932634043127 4968f432520144a3b5c81ea658e3f2e5e95135f1 34c4b1a0454f0fbca50f3a895917d2712586e205a40d4cc52e522518eb2168a6
GET /api/get-items?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.49727606854948225&theme=outofwindow3-without-dmp2&is_video=0&resolution_width=1280&resolution_height=1024&article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=[SID]&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
set-cookie: templates_show_id=1; Path=/; Expires=Sat, 25 May 2024 08:50:40 GMT; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FYB%2BKkcx7zEfNA51Vp8hLC1y3CSv30TQjeRK3UJgpQ6Keqc%2BIRf9EmzwYijYrVJPOYxu2GuymdvEW1pIYP9n3aYi3yHDP8mnS06BR7OHOd0NQvomBbQ8Apbuj2ZH%2FTycXtz9QHoVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d163a2d49568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.163:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:37:01 GMT
expires: Fri, 25 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 22419
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js | 46.4.218.122 | 200 OK | 28 kB |
URL: GET HTTP/2 wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js
IP: 46.4.218.122:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate Issuer: Let's Encrypt
Certificate Subject: expo-s.com
Certificate Fingerprint: 8A:55:09:61:0B:75:01:86:EA:50:BE:2C:C2:EA:C9:40:B7:05:47:55
Certificate Validity: Sat, 16 Mar 2024 07:12:37 GMT - Fri, 14 Jun 2024 07:12:36 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js HTTP/1.1
Host: wdhhsxghbr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 19:26:39 GMT
vary: Accept-Encoding
etag: W/"654e83ef-6f17"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css | 104.21.15.168 | 200 OK | 10 kB |
URL: GET HTTP/3 newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css
IP: 104.21.15.168:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate Issuer: Google Trust Services LLC
Certificate Subject: newsmixer-column.com
Certificate Fingerprint: DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
Certificate Validity: Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
File type: ASCII text, with very long lines (10290), with no line terminators
Hash: d38541ab402216e5d06b9eebbda15227 40835452d8b01b09a3946781224301006f5da7b1 2c19f3af00a3bddd2fff8453cb4279fdf8c01d37f8b41f3d05df174f6795b99c
GET /static/outofwindow3-without-dmp2.desktop/css/style.min.css HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: text/css
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-2832"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvoTfbip%2B8O9W%2B2YJvhq%2FCCmdSUReDHSIC2OQh38CorSPTZ0vOO27jMYQylvqfEMgsq6HFF08Zcmf3jyNrOFPreYW7Zo4rR%2FXgCbkoOLLSu5HYa%2FdPZ%2FQBc6UCcv%2FVqCVtIkbV4T7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d16361935568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newsmixer-column.com/api/get-n-item?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1 | 104.21.15.168 | 200 OK | 4.3 kB |
URL: GET HTTP/3 newsmixer-column.com/api/get-n-item?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1
IP: 104.21.15.168:443
Requested by: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate Issuer: Google Trust Services LLC
Certificate Subject: newsmixer-column.com
Certificate Fingerprint: DA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
Certificate Validity: Mon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (2832), with no line terminators
Hash: 8947de92545585fa79ca0604ad4969e0 0daad56251d92f47a34917f622d5721557bf7d27 d25dfe081b3e979d4ef8a594bcdffbf9fdc95b5301d67a1c6c693b2719a1aa87
GET /api/get-n-item?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1 HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=[SID]&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6hp1H%2F5OVcX3RRqAAXl9HMVeWsaDMFUmG%2BiMF4CMzzLL6fu6vg5l55xKpNxYPfjmkX%2FjRErHwgevLjWB3v0NSKflNR6mGtbnn%2Fj4q0%2BtTsDeoBdGVDqY2qL98t8vF8m7bcdd%2FnVbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d1638fc24568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|