Report - clck.ru/3A9pGX

Report Overview

Submitted URL
clck.ru/3A9pGX
IP
213.180.204.221
ASN
#13238 YANDEX LLC
Submitted
2024-04-25 08:51:04
Access
public
Website Title
Кто хранил этот документ в СССР может рассчитывать на крупный бонус... -
Final URL
newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=[SID]&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sba.yandex.ru	unknown	1997-09-23	2020-04-14	2024-04-18	778 B	944 B	77.88.21.232
mixer-newspaper.com	unknown	2023-09-13	2023-09-13	2024-02-27	1.3 kB	2.7 kB	85.192.12.172
newsmixer-column.com	unknown	unknown	No data	No data	7.5 kB	248 kB	104.21.15.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	2.7 kB	71 kB	142.250.74.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	463 B	1.9 kB	142.250.74.106
ffrtrinvzk.com	unknown	2023-08-31	2023-08-31	2024-04-18	439 B	14 kB	46.4.218.122
wdhhsxghbr.com	unknown	2023-05-12	2023-05-27	2024-02-26	441 B	29 kB	46.4.218.122
clck.ru	105004	2007-08-13	2017-02-01	2024-04-18	468 B	1.8 kB	213.180.204.221

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	mixer-newspaper.com	Sinkholed
2024-04-25	medium	mixer-newspaper.com	Sinkholed
2024-04-25	medium	wdhhsxghbr.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D	2.1 kB	2024-04-25	2024-04-25
Pretty URL newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 10:51:11 Last Seen2024-04-25 10:51:11 Times Seen1 Hash 21fece38cf331e9d1c0c54007fabd55b 74163fc2517a68fdc9c26c5238430ced6b9a6ce3 55c1e475efc5268f9aeacf10373167d0e8721db47e2f6472c782d5c167f30cfc Loading...

	newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D	674 B	2023-11-22	2024-05-04
Pretty URL newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-22 16:10:23 Last Seen2024-05-04 09:09:44 Times Seen40 Hash b4594783d8efe794fac1ce9e82a0cc5e e5f586fa17c5087eddd72a3459c1b4df84c2eedd 21e653453da0aa932e1336f13f7a7903332c146e4757f8cf8248e05be92a3d18 Loading...

	newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js	284 kB	2024-03-22	2024-05-04
Pretty URL newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 17:47:33 Last Seen2024-05-04 09:09:44 Times Seen19 Hash 4bcc8f1ab257a3a7f2682fc76ef938eb 0b55a5a558745ab4f3ee40a448ae67af35b249f8 876d0035f300e030d2dd7e8c3fa3cac069e0970edee3ad710a66579242d23c8e Loading...

	newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D	13 B	2023-03-07	2024-05-04
Pretty URL newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:50:18 Last Seen2024-05-04 09:09:44 Times Seen832 Hash 8e742d11d6b24c401e35f3b516726584 89b72153bd7e6390415ba25b9b5fbe750e6e16d5 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40 Loading...

	newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D	3.1 kB	2024-04-19	2024-05-04
Pretty URL newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 09:18:49 Last Seen2024-05-04 09:09:44 Times Seen8 Hash 3fa66fc23fdcdc2657f9837d174d0136 18c41adaff3b26b418bad8529d8a5b3b1f567627 1d9070d641eaccf56261d13c02fe38316ebea78afe4c9f350bc3cc61fb1498ed Loading...

	newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D	1.6 kB	2023-03-07	2024-05-04
Pretty URL newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:50:18 Last Seen2024-05-04 09:09:44 Times Seen112 Hash cefeaf107cf4ea904198a25ce287c749 0ce821318d3c06ca6be9e2d25c9212c99240492f c940d27f84a2d9a115855dc93b3f98d8e9990e979d82cc1d1d7b3a88dfa35c8c Loading...

	wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js	28 kB	2023-11-11	2024-05-04
Pretty URL wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js IP 46.4.218.122 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-11 01:07:34 Last Seen2024-05-04 09:09:44 Times Seen23 Hash 3477b6a27807673228c33bab5836defd a539ba0d605ae7edba74719766e385dd7869765c 48224394a80d0154ad2e03365f2e182636a92052bf3f8f1582f9904ea760a3ae Loading...

	newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D	5.9 kB	2023-04-25	2024-05-03
Pretty URL newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-25 14:05:49 Last Seen2024-05-03 05:14:04 Times Seen102 Hash a8a016e42d0cd02fdb88bbe44e1691d3 0720b760906f353568ee31173f51924082ddc5ab 16131e407a0ab1cfd7a8fd5285a427292fc0b72ed1b8fc5d8ad762a5e0a3ee21 Loading...

	ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js	14 kB	2023-11-11	2024-05-04
Pretty URL ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js IP 46.4.218.122 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-11 01:07:34 Last Seen2024-05-04 09:09:44 Times Seen43 Hash e544f23c69afbc0d8baecb422a453f08 ecb44c1f88aba5561699982f28e9319e390cc672 7dac0e67a328b139811db3bc1abc2f19f8694437e5874fe5e38daf50196a191f Loading...

	newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D	896 B	2024-02-06	2024-05-04
Pretty URL newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-06 06:16:58 Last Seen2024-05-04 09:09:44 Times Seen25 Hash 464ccebd46c9acecae989cb04642623c c36550914e324937b946ffdde859fc9d286e66da 989b43ad5f9d072714a41e66cac2328c86eed22f646f8e58b939ba9d05996afc Loading...

	newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js	61 kB	2024-04-05	2024-05-04
Pretty URL newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-05 13:31:30 Last Seen2024-05-04 09:09:44 Times Seen27 Hash 885d599073ffbe148bdc80a6f290c842 01a816b3d95cc1920cd1352e9c3c942abaca874d 54992b57d63e453bee34817f0ea1c73f68b4bed1b5d72fc083ea5e823d82fb66 Loading...

	newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D	520 B	2023-04-25	2024-05-04
Pretty URL newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-25 14:05:49 Last Seen2024-05-04 09:09:44 Times Seen106 Hash 0ecbef2fe3dd74ace4ff70c949cd4572 40493ff5c4b1a05e61256a9a2ba640e64f7c0299 20f7d445ff52c6baac1489937a61431ea5c293fb6dc480b22f29f1277e27d0c0 Loading...

	newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D	1.8 kB	2023-09-03	2024-04-25
Pretty URL newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D IP 104.21.15.168 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-03 22:13:13 Last Seen2024-04-25 10:51:11 Times Seen22 Hash 56a59e0400c2d123d85574165d670967 6c8fc0b76fe46613f79d210a297a92dd1cccd7f7 343d6c2788409b086b4b9d0619741bcb73fc3deeb974c51658b6cb4d119be891 Loading...

HTTP Transactions (22)

URL IP Response Size

clck.ru/3A9pGX

213.180.204.221

302 FOUND

862 B

URL User Request GET HTTP/1.1
clck.ru/3A9pGX
IP
213.180.204.221:443
ASN
#13238 YANDEX LLC

Certificate
IssuerGlobalSign nv-sa
Subjectclck.ru
FingerprintE4:1A:F4:4C:60:E3:51:E7:15:7A:DF:84:8A:8D:54:A5:10:6B:66:E9
ValidityTue, 26 Dec 2023 17:08:29 GMT - Mon, 24 Jun 2024 20:59:59 GMT

File type
HTML document, ASCII text, with very long lines (752)
Size
862 B (862 bytes)
Hash
c10be174221d5f31b9176e2487d15dd9
e29a81529e115767d3df99097fe0b7c5cb309f69
32be2f4317afe1e93ef315617534c55ce3a59220ee0162bd87852c5214ed666d

HTTP Headers

GET /3A9pGX HTTP/1.1
Host: clck.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 FOUND
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Access-Control-Allow-Origin: *
Content-Length: 862
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Apr 2024 08:50:38 GMT
Location: https://sba.yandex.ru/redirect?url=https%3A%2F%2Fmixer-newspaper.com%2F%3Futm_campaign%3D55087%26utm_content%3Da45ce60c-d3f6-4650-abfa-0c5d66e8702b%26utm_source%3D%255BSID%255D%26utm_medium%3D11305%26clckid%3D1c79fcd3&client=clck&request_id=1714035038647258-15518776158703591927&sign=79f8820d1e527c6d963794469475df0e
Set-Cookie: _yasc=0YW1EibgWpj3/CKi6ebgf6tcZ2NUBJ4BqZvCxpO/NaG9ojs6VcZ59nc3216bl7xT; domain=.clck.ru; path=/; expires=Sun, 23 Apr 2034 08:50:38 GMT; secure
Strict-Transport-Security: max-age=31536000

sba.yandex.ru/redirect?url=https%3A%2F%2Fmixer-newspaper.com%2F%3Futm_campaign%3D55087%26utm_content%3Da45ce60c-d3f6-4650-abfa-0c5d66e8702b%26utm_source%3D%255BSID%255D%26utm_medium%3D11305%26clckid%3D1c79fcd3&client=clck&request_id=1714035038647258-15518776158703591927&sign=79f8820d1e527c6d963794469475df0e

77.88.21.232

302 FOUND

538 B

URL User Request GET HTTP/1.1
sba.yandex.ru/redirect?url=https%3A%2F%2Fmixer-newspaper.com%2F%3Futm_campaign%3D55087%26utm_content%3Da45ce60c-d3f6-4650-abfa-0c5d66e8702b%26utm_source%3D%255BSID%255D%26utm_medium%3D11305%26clckid%3D1c79fcd3&client=clck&request_id=1714035038647258-15518776158703591927&sign=79f8820d1e527c6d963794469475df0e
IP
77.88.21.232:443
ASN
#13238 YANDEX LLC

Certificate
IssuerGlobalSign nv-sa
Subjectsba.yandex.net
Fingerprint08:96:BF:33:F4:7A:45:90:A9:84:93:18:F9:BA:10:8F:6C:CC:78:F7
ValidityTue, 26 Dec 2023 16:46:17 GMT - Mon, 24 Jun 2024 20:59:59 GMT

File type
HTML document, ASCII text, with very long lines (428)
Size
538 B (538 bytes)
Hash
30b18e54bdc41b2c3a88683bdacf567d
8b73fba55813a9f01632b076394f8025e96c2c55
21220f2df3824c51714dd548edc5636fb2d97eedd765613f69c89880db2bc419

HTTP Headers

GET /redirect?url=https%3A%2F%2Fmixer-newspaper.com%2F%3Futm_campaign%3D55087%26utm_content%3Da45ce60c-d3f6-4650-abfa-0c5d66e8702b%26utm_source%3D%255BSID%255D%26utm_medium%3D11305%26clckid%3D1c79fcd3&client=clck&request_id=1714035038647258-15518776158703591927&sign=79f8820d1e527c6d963794469475df0e HTTP/1.1
Host: sba.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: gdpr=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 FOUND
Content-Length: 538
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Apr 2024 08:50:38 GMT
Location: https://mixer-newspaper.com/?utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=%5BSID%5D&utm_medium=11305&clckid=1c79fcd3
Strict-Transport-Security: max-age=3600; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

mixer-newspaper.com/?utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=%5BSID%5D&utm_medium=11305&clckid=1c79fcd3

85.192.12.172

307 Temporary Redirect

257 B

URL User Request GET HTTP/1.1
mixer-newspaper.com/?utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=%5BSID%5D&utm_medium=11305&clckid=1c79fcd3
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Certificate
IssuerLet's Encrypt
Subjectmixer-magazin.com
Fingerprint18:D8:D6:7D:92:DE:0D:40:FF:A0:44:4F:CC:FC:E6:11:8C:44:1D:43
ValidityMon, 25 Mar 2024 11:42:37 GMT - Sun, 23 Jun 2024 11:42:36 GMT

File type
HTML document, ASCII text
Size
257 B (257 bytes)
Hash
6ad8b5e1d8b0b7d586670bb7c61a7905
2209da8a241e47ac55251dbdbdc7a81ec7b30435
57ae83d85ba45934a38f96ab7c951dd7a6986f794bbfd9e6a9042b0e41bfc160

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=%5BSID%5D&utm_medium=11305&clckid=1c79fcd3 HTTP/1.1
Host: mixer-newspaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.14.1
Date: Thu, 25 Apr 2024 08:50:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 257
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Location: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Set-Cookie: cd=eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiIiwiZGMiOjEsImIiOiJGaXJlZm94IiwiYnYiOiI5NiJ9LCJsIjp7InIiOiIiLCJuIjoyMDA0NywiaXNwIjoiQmxpeCBTb2x1dGlvbnMifX0=; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoiIiwiZF9vZmZzZXQiOi0xfQ==; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
sid10=0; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
uid=; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None
utm_medium=11305; Path=/; Expires=Sat, 25 May 2024 08:50:39 GMT; Secure; SameSite=None

newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/img/arrow-right-circle.png

104.21.15.168

200 OK

676 B

URL GET HTTP/3
newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/img/arrow-right-circle.png
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
676 B (676 bytes)
Hash
63b832f84f9d1597b5a74f389abff60f
ecec02bb00308dfacb81120bfb2a28280926a155
f44cbdd6870924cf39f27ff12eb903a0ca9208e4817a9433d983bb23e6edc072

HTTP Headers

GET /static/outofwindow3-without-dmp2.desktop/img/arrow-right-circle.png HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: image/png
content-length: 676
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
etag: "66029d5e-2a4"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YDfinACYjB1I7ykRyMgCsqVL2cZhKa0JMY2px%2BNM%2FPgXPzng0hXXYPpW5CTsBwo2kvcB5jW%2FUTXAcRGkJUA%2BEKo895DHpUpoGvrWrxTB6RksVc1mze5R5%2BmjxtoK67raECibPMFM2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d16385b79568f-OSL
alt-svc: h3=":443"; ma=86400

newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/grid.min.css

104.21.15.168

200 OK

7.6 kB

URL GET HTTP/3
newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/grid.min.css
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type
ASCII text, with very long lines (51776), with no line terminators
Size
7.6 kB (7562 bytes)
Hash
bb2187ffc39c45384458524b1dd9253b
5d8db7d19fd63fe48fc2e187c970d82e0af37592
21226ae8892fd9920a89d1c1b2a1f17a93b600e6d88d7427a878fdd964340e8d

HTTP Headers

GET /static/outofwindow3-without-dmp2.desktop/css/grid.min.css HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: text/css
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-ca40"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2gIMnUodmUliQxThAPJSFI6F%2Bi6OkaegQBukTRXAA809NHsynVktKWRlT2QTtXETp7Kl8U9JHgY7tMo6UausdCMiYV4u0EbzNzL%2BBgmiwMb5Nm35CB7Hvg8gDpN4ivTjeVVIXEY%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d1636192f568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js

104.21.15.168

200 OK

95 kB

URL GET HTTP/3
newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33460)
Size
95 kB (95199 bytes)
Hash
4060f2a935a377e7eb8db4df608b8ca1
ea630e2580a5075050a0f5435cdfcfd0dde77686
7ae627eec7ec821fb3a6c77342be3acf8bd86d3926956081caaf4306f459bc2e

HTTP Headers

GET /static/outofwindow3-without-dmp2.desktop/js/chunk-vendors.6a844e66.js HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: application/javascript
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-4567c"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2Ft6pnLrZ9FI6fynOU4MPRgaNL0OmOFahtfTVDHIqAR1RgW71nn%2Fyg5o5mk7Yaijc%2FgDdCtbWzs6QSOscXPd2bcfEkddo5w%2BWHacKFKHqr5PKSc9KpEDJdoG%2F5ok1ohrfXbVUm8LsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d16361933568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 10:46:32 GMT
expires: Wed, 23 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 165848
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D

104.21.15.168

200 OK

22 kB

URL User Request GET HTTP/2
newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2440)
Size
22 kB (22120 bytes)
Hash
9d4904abd0dd8d24e26c1c58c3e0d298
fe622cbd5f95106d5b457b884ace37f0480e5b55
b47b770af63035a74375dcf97ccd2ba87580d920cab512c0295ead9229823aca

HTTP Headers

GET /preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
x_domain: newsmixer-column.com
x_theme: outofwindow3-without-dmp2.desktop
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u76ZH51jRRPxb8%2F2kf3mDaudc633N8AJ79q8oiQAVmo1qrWwTqMNRq%2BHCumNmIh96UviYcqPigIFschUImd3T9JujZA%2FRGc%2Bvt03132yVwYI2H86dV3Bp1aow2nfz7IraU0Ax86Jhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d163338ca0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

142.250.74.163

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9644, version 1.0
Size
9.6 kB (9644 bytes)
Hash
6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:34:37 GMT
expires: Fri, 25 Apr 2025 02:34:37 GMT
cache-control: public, max-age=31536000
age: 22563
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1248 bytes)
Hash
0c584e48500cb9ca5e2c9702a05ba10f
da758bea4ae282aeb68b5340d72fba574f6904c5
2c5677adc8751128fd45d861c4d65779af145c6b6dd5af2fefb67fdb756eb376

HTTP Headers

GET /css?family=Roboto:300,400,500,700&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 08:50:39 GMT
date: Thu, 25 Apr 2024 08:50:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js

104.21.15.168

200 OK

9.9 kB

URL GET HTTP/3
newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (61077)
Size
9.9 kB (9925 bytes)
Hash
885d599073ffbe148bdc80a6f290c842
01a816b3d95cc1920cd1352e9c3c942abaca874d
54992b57d63e453bee34817f0ea1c73f68b4bed1b5d72fc083ea5e823d82fb66

HTTP Headers

GET /static/outofwindow3-without-dmp2.desktop/js/app.1f7ffee5.js HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: application/javascript
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-ef13"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cGjIFsYSGoaRGC%2Fr6ag72z%2BCr8n6M1A87EqROeNNni2qtmvf39eLBFlwdBTmhrefXGFZ7DPxa4h82kgbIYUEUulYUaRneLmtjvwyjFW6U5rcSarHWhhf6oYySdpaHFg91XIY0QdPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d16361931568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js

46.4.218.122

200 OK

14 kB

URL GET HTTP/2
ffrtrinvzk.com/1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js
IP
46.4.218.122:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerLet's Encrypt
Subjectexpo-s.com
Fingerprint8A:55:09:61:0B:75:01:86:EA:50:BE:2C:C2:EA:C9:40:B7:05:47:55
ValiditySat, 16 Mar 2024 07:12:37 GMT - Fri, 14 Jun 2024 07:12:36 GMT

File type
gzip compressed data, from Unix
Size
14 kB (13743 bytes)
Hash
0fffac09ee896fe1cbdd2468de02ea2b
6f869305d691031539e9d5b334f572b3e04b5ded
a7c22f434a0278a6d4630eeee6702adea2c9c6203ac7e6c3d30c4ce8821258ce

HTTP Headers

GET /1/749a797bad14b6d45e1234ecbcceda74bcb7d35a.js HTTP/1.1
Host: ffrtrinvzk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 19:29:38 GMT
vary: Accept-Encoding
etag: W/"654e84a2-3797"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:32:53 GMT
expires: Fri, 25 Apr 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 22667
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

142.250.74.163

200 OK

9.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9840, version 1.0
Size
9.8 kB (9840 bytes)
Hash
7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:33:04 GMT
expires: Fri, 25 Apr 2025 02:33:04 GMT
cache-control: public, max-age=31536000
age: 22656
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mixer-newspaper.com/image.gif?sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=[SID]&utm_medium=11305&client_id=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&cost=0&category=0&resolution_width=1280&resolution_height=1024&connection_speed=

85.192.12.172

200 OK

43 B

URL GET HTTP/1.1
mixer-newspaper.com/image.gif?sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=[SID]&utm_medium=11305&client_id=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&cost=0&category=0&resolution_width=1280&resolution_height=1024&connection_speed=
IP
85.192.12.172:443
ASN
#12695 LLC Digital Network

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerLet's Encrypt
Subjectmixer-magazin.com
Fingerprint18:D8:D6:7D:92:DE:0D:40:FF:A0:44:4F:CC:FC:E6:11:8C:44:1D:43
ValidityMon, 25 Mar 2024 11:42:37 GMT - Sun, 23 Jun 2024 11:42:36 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image.gif?sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_source=[SID]&utm_medium=11305&client_id=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&cost=0&category=0&resolution_width=1280&resolution_height=1024&connection_speed= HTTP/1.1
Host: mixer-newspaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 25 Apr 2024 08:50:40 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://newsmixer-column.com
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Thu, 25 Apr 2024 08:50:40 GMT
Pragma: no-cache
Set-Cookie: cd=eyJzIjp7Im8iOiJMaW51eCIsIm92IjoiIiwiZGMiOjEsImIiOiJGaXJlZm94IiwiYnYiOiI5NiJ9LCJsIjp7InIiOiIiLCJuIjoyMDA0NywiaXNwIjoiQmxpeCBTb2x1dGlvbnMifX0=; Path=/; Expires=Sat, 25 May 2024 08:50:40 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoibmV3cy1iN2ZkZjY1Zi05M2E5LTRlYTktYWI4Ni01NzRiMDA3NjZmMDgiLCJkX29mZnNldCI6LTF9; Path=/; Expires=Sat, 25 May 2024 08:50:40 GMT; Secure; SameSite=None
article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b; Path=/; Expires=Sat, 25 May 2024 08:50:40 GMT; Secure; SameSite=None

newsmixer-column.com/images/news/rectangular/c23af9d0f414660f859d527eb3ee20a8.jpg

104.21.15.168

200 OK

78 kB

URL GET HTTP/3
newsmixer-column.com/images/news/rectangular/c23af9d0f414660f859d527eb3ee20a8.jpg
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 492x328, components 3
Size
78 kB (78274 bytes)
Hash
6a82387f61b96616594ab9dab403d198
c5c6b0422d38757a195bb2fa5f5140fa2b30730f
5f5efff860372bfc3770a3da2c0412ca7e75bf5150526ef3f3493f0074683314

HTTP Headers

GET /images/news/rectangular/c23af9d0f414660f859d527eb3ee20a8.jpg HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=[SID]&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: image/jpeg
content-length: 78274
last-modified: Fri, 05 Jan 2024 14:48:57 GMT
etag: "659816d9-131c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: *
access-control-expose-headers: *
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M0ZrvFUEIgPFqV%2BvB%2B2TE%2FK10wseZFn3iRoiPFcPn6ZEQgqqJ8Xws1iUZdyHrFUar6RBBQk34o%2FyDTNTXOR44mGX6fLwxjIYcjykDnaCQZMlt6cRD1EXidnpqSoxc1V9vwyjzVQo9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d163a2d47568f-OSL
alt-svc: h3=":443"; ma=86400

newsmixer-column.com/favicon.ico

104.21.15.168

204 No Content

0 B

URL GET HTTP/3
newsmixer-column.com/favicon.ico
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08; templates_show_id=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 25 Apr 2024 08:50:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwWNJ9QvNirMIwm0ZbYWP7s%2BYEf08rmcL70LdHLcIrwfMXUsgSZACftq7dXYqeJu6%2FPU791zf6Jar8Le5w91iatbvf2nthwxnyBfMi22%2FMPiSLPrRGUvYkqLXCPiIv%2BdCty6puEZZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d163b0e42568f-OSL
alt-svc: h3=":443"; ma=86400

newsmixer-column.com/api/get-items?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.49727606854948225&theme=outofwindow3-without-dmp2&is_video=0&resolution_width=1280&resolution_height=1024&article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b

104.21.15.168

200 OK

12 kB

URL GET HTTP/3
newsmixer-column.com/api/get-items?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.49727606854948225&theme=outofwindow3-without-dmp2&is_video=0&resolution_width=1280&resolution_height=1024&article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type
JSON text data
Size
12 kB (12236 bytes)
Hash
f489606e52617285538b932634043127
4968f432520144a3b5c81ea658e3f2e5e95135f1
34c4b1a0454f0fbca50f3a895917d2712586e205a40d4cc52e522518eb2168a6

HTTP Headers

GET /api/get-items?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1&boost=1&is_clear=0&count=10&offset=0&r=0.49727606854948225&theme=outofwindow3-without-dmp2&is_video=0&resolution_width=1280&resolution_height=1024&article=a45ce60c-d3f6-4650-abfa-0c5d66e8702b HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=[SID]&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
set-cookie: templates_show_id=1; Path=/; Expires=Sat, 25 May 2024 08:50:40 GMT; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FYB%2BKkcx7zEfNA51Vp8hLC1y3CSv30TQjeRK3UJgpQ6Keqc%2BIRf9EmzwYijYrVJPOYxu2GuymdvEW1pIYP9n3aYi3yHDP8mnS06BR7OHOd0NQvomBbQ8Apbuj2ZH%2FTycXtz9QHoVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d163a2d49568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://newsmixer-column.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:37:01 GMT
expires: Fri, 25 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 22419
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js

46.4.218.122

200 OK

28 kB

URL GET HTTP/2
wdhhsxghbr.com/1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js
IP
46.4.218.122:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerLet's Encrypt
Subjectexpo-s.com
Fingerprint8A:55:09:61:0B:75:01:86:EA:50:BE:2C:C2:EA:C9:40:B7:05:47:55
ValiditySat, 16 Mar 2024 07:12:37 GMT - Fri, 14 Jun 2024 07:12:36 GMT

File type

Size
28 kB (28439 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/45e49f4106a03e252cc9665e791faa6b5f9f6063.js HTTP/1.1
Host: wdhhsxghbr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 19:26:39 GMT
vary: Accept-Encoding
etag: W/"654e83ef-6f17"
content-encoding: gzip
X-Firefox-Spdy: h2

newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css

104.21.15.168

200 OK

10 kB

URL GET HTTP/3
newsmixer-column.com/static/outofwindow3-without-dmp2.desktop/css/style.min.css
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type
ASCII text, with very long lines (10290), with no line terminators
Size
10 kB (10290 bytes)
Hash
d38541ab402216e5d06b9eebbda15227
40835452d8b01b09a3946781224301006f5da7b1
2c19f3af00a3bddd2fff8453cb4279fdf8c01d37f8b41f3d05df174f6795b99c

HTTP Headers

GET /static/outofwindow3-without-dmp2.desktop/css/style.min.css HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:39 GMT
content-type: text/css
last-modified: Tue, 26 Mar 2024 10:03:10 GMT
vary: Accept-Encoding
etag: W/"66029d5e-2832"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvoTfbip%2B8O9W%2B2YJvhq%2FCCmdSUReDHSIC2OQh38CorSPTZ0vOO27jMYQylvqfEMgsq6HFF08Zcmf3jyNrOFPreYW7Zo4rR%2FXgCbkoOLLSu5HYa%2FdPZ%2FQBc6UCcv%2FVqCVtIkbV4T7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d16361935568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newsmixer-column.com/api/get-n-item?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1

104.21.15.168

200 OK

4.3 kB

URL GET HTTP/3
newsmixer-column.com/api/get-n-item?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1
IP
104.21.15.168:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D
Certificate
IssuerGoogle Trust Services LLC
Subjectnewsmixer-column.com
FingerprintDA:8E:36:D6:46:0F:B9:AC:6B:CF:EE:A0:8C:3B:9D:75:43:AC:ED:FA
ValidityMon, 22 Apr 2024 10:18:53 GMT - Sun, 21 Jul 2024 10:18:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2832), with no line terminators
Size
4.3 kB (4265 bytes)
Hash
8947de92545585fa79ca0604ad4969e0
0daad56251d92f47a34917f622d5721557bf7d27
d25dfe081b3e979d4ef8a594bcdffbf9fdc95b5301d67a1c6c693b2719a1aa87

HTTP Headers

GET /api/get-n-item?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=%5BSID%5D&language=RU&blang=en-US&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08&hash=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&project=1 HTTP/1.1
Host: newsmixer-column.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newsmixer-column.com/preview/new?clckid=1c79fcd3&d=mixer-newspaper.com&sid9=preview&utm_campaign=55087&utm_content=a45ce60c-d3f6-4650-abfa-0c5d66e8702b&utm_medium=11305&utm_source=[SID]&uid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Cookie: duid=news-b7fdf65f-93a9-4ea9-ab86-574b00766f08
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:50:40 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6hp1H%2F5OVcX3RRqAAXl9HMVeWsaDMFUmG%2BiMF4CMzzLL6fu6vg5l55xKpNxYPfjmkX%2FjRErHwgevLjWB3v0NSKflNR6mGtbnn%2Fj4q0%2BtTsDeoBdGVDqY2qL98t8vF8m7bcdd%2FnVbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d1638fc24568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML