r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12139
Expires: Tue, 25 Oct 2022 08:08:06 GMT
Date: Tue, 25 Oct 2022 04:45:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa3568a0c808f214ec1750c82d4aa30b
cfda8b1b232b28578f961106ab83e83e1b60e692
fc17b51aabbeb046ac5a9f07fc031503973e2b52050bd8b823baec038ef5d09c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC17B51AABBEB046AC5A9F07FC031503973E2B52050BD8B823BAEC038EF5D09C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7438
Expires: Tue, 25 Oct 2022 06:49:45 GMT
Date: Tue, 25 Oct 2022 04:45:47 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 41 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c230274067b2f2dc6097f2a9334bf3c9
97f59c00febd5a8a8dfe17ab355d964e7c2dcfa8
cae54b77e2271ab974a2318d1f23396ff262dc11cbdf21d804ed8a9bacc87562
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: V9mactgaZfzeu6gmKqQBrloN8-WAoWj1Wy1ueoF55oedTkTv_j4WVw==
content-encoding: gzip
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 04:39:06 GMT
age: 401
content-type: application/json
content-length: 40877
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7204
Expires: Tue, 25 Oct 2022 06:45:51 GMT
Date: Tue, 25 Oct 2022 04:45:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z8dkSsj7oK+k1cCUF/ByClGP4wv1ZzH20gAzKpLn8Ykom+lOModc6XR69xtx3+81infubEMtQUs=
x-amz-request-id: E6N7S7GEN6NPP9JS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 04:08:47 GMT
age: 2220
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash cd8d0809aa5948f2a6ee41d2158861af
098cd24ac587cdc70137af412678526de4d43969
88e6741d6bf076bf7132c7cf98456702cc775476095aafd839888edff52fb03e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Alert, Retry-After, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 25 Oct 2022 03:53:05 GMT
Expires: Tue, 25 Oct 2022 04:32:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uDHsz_j7cn9ZwP4a7CpVTqJUBC5b2amC1-eTMaK_RoYHtVwcY8s68A==
Age: 3162
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 04:45:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mgb888ph.com/
207.174.215.212 200 OK 17 kB IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1024)
Hash dc37dcf03d3787b3bb894c9e9d871cde
3cb22e9e488d92a656b536f231ce134bcac811a1
650d462e1af82bbcf9efa0da1d03567151c6ce71560c8c07ad0619d8a5c20e64
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 30 Jun 2022 02:54:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16966
Keep-Alive: timeout=5, max=75
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:45:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyBpN0oc0NeZv9JolJSIzQRNW9IkUOfKrxw
142.250.74.10 200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&key=AIzaSyBpN0oc0NeZv9JolJSIzQRNW9IkUOfKrxw
IP 142.250.74.10:0
File type ASCII text, with very long lines (2456)
Hash 2fa47e5c0b27bd90120e1b6abeb595b5
3dd9435fa91353d255bf4a39c8588640bafa38d0
ddb83d80264893e65848de0a487fb83033de0d815575a98513aaa3265ff97e58
GET /maps/api/js?v=3.exp&key=AIzaSyBpN0oc0NeZv9JolJSIzQRNW9IkUOfKrxw HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mgb888ph.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 25 Oct 2022 04:45:47 GMT
expires: Tue, 25 Oct 2022 05:15:47 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 54013
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:45:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mgb888ph.com/js/plugins/revolution/css/settings.css
207.174.215.212 200 OK 10 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/css/settings.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (352)
Hash 56f4dc90c6712cef5b4c905c885cfaf2
3d2e4952f76d4348ce6b5f9df324e929c9409f5f
595495dc01ec648b5534d8115b0c445bb22c1378c06dc346ef75564948595b32
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/css/settings.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:47 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:04:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10183
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/css/styleswitcher.css
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/css/styleswitcher.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 7ee0c68d3f90a719a24cdd31637c4297
6c9875d802e64e6a298b6823b28c7005fa491123
a74fc9fe85cd405f52f5f4fed59f3eb4b3d7f449d4054cca15dd2875790c231c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/styleswitcher.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 16 Jun 2022 01:26:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1164
Keep-Alive: timeout=5, max=75
Content-Type: text/css
mgb888ph.com/css/bootstrap.min.css
207.174.215.212 200 OK 30 kB URL HTTP/1.1 mgb888ph.com/css/bootstrap.min.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65318)
Hash e2708049618efe8491895a5ba7f84d1d
f2c5574d7946860d11ce83f91176b9747ab6a197
c01e67725d5cb0d5702b2e69f6ea0a768cca91d80f371264733bac757b12af13
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/bootstrap.min.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 16 Jun 2022 01:25:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
mgb888ph.com/js/modernizr.js
207.174.215.212 200 OK 5.9 kB URL HTTP/1.1 mgb888ph.com/js/modernizr.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (12314)
Hash 54d8d4afdb10258919de4d7c2bbfe40b
0424ddd0a5c2000507648c31b100eec76e603f63
79955a6761221bb3b777b601a1b6626b3ac876965e7edd40b83b8269a1d67d4f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/modernizr.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 16 Jun 2022 02:03:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5919
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 25 Oct 2022 04:33:32 GMT
Expires: Tue, 25 Oct 2022 05:03:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i-7C7Gbzhk25VPeVZ2FddAuPQv9XcTO-D_48SfGFbMXgwyJf4GX78g==
Age: 736
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:45:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mgb888ph.com/css/font-awesome.min.css
207.174.215.212 200 OK 7.1 kB URL HTTP/1.1 mgb888ph.com/css/font-awesome.min.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30837)
Hash 82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/font-awesome.min.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:25:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7114
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6162
Cache-Control: max-age=104619
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:45:48 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 09:49:27 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
mgb888ph.com/css/magnific-popup.css
207.174.215.212 200 OK 2.7 kB URL HTTP/1.1 mgb888ph.com/css/magnific-popup.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash a60aed8e02bc0c9cd752a5cb079cfde8
1e936aa380bad543ef0ec33bd8c9f7f0c1e7f3b5
b0623fb372d0bec34420a3f8d9551aa09be25b9c68cf3eff4cfbb962cae2b881
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/magnific-popup.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:25:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2690
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/js/plugins/revolution/css/layers.css
207.174.215.212 200 OK 20 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/css/layers.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 540b176c64a7ff9b6e84d1f5101fe0af
d57fb3e587cd7d967568603aafd087dae11d8e58
1fc68f7a8fa8a8cb7623f97ca53e194a8388a671a3c3700c88c64834b20fdbb9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/css/layers.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 16 Jun 2022 02:04:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
mgb888ph.com/js/plugins/revolution/css/navigation.css
207.174.215.212 200 OK 18 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/css/navigation.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d4d10e593d6733fae982b500156fa254
0534d1d73a13e8a76b19618ce3b1263cacf6ab58
a609ac5e305452c7900fdb1592439ab9d0d38e99a210a30d7efe46d755739b5b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/css/navigation.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 16 Jun 2022 02:04:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
mgb888ph.com/css/style.css
207.174.215.212 200 OK 18 kB URL HTTP/1.1 mgb888ph.com/css/style.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 (with BOM) text
Hash 826ac760a96704d6466a4c1e0fce3f92
51089f86659691cc1171610722d1478da01a5683
ea3a6766ff7c1c6b4b36da67b63b3f4f1884378f14c51e135bb0acab6935011c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18137
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/css/skins/yellowgreen.css
207.174.215.212 200 OK 1.3 kB URL HTTP/1.1 mgb888ph.com/css/skins/yellowgreen.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash eabb68f1fd745cca6439f6b1c24a07ee
41ae45ad08df24d7a898cc888b90437a45977006
ac0bc0cf25e0c88ee65b6a76d3673362d7188d18b45ca11839053dd4037e3ccf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/yellowgreen.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1256
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:45:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.195 200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mgb888ph.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 21:13:13 GMT
expires: Tue, 24 Oct 2023 21:13:13 GMT
cache-control: public, max-age=31536000
age: 27155
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mgb888ph.com/js/plugins/jquery.easing.1.3.js
207.174.215.212 200 OK 2.8 kB URL HTTP/1.1 mgb888ph.com/js/plugins/jquery.easing.1.3.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash def61d453b55428f36bf1e9fa6c30183
7034d21982faba0d22d7085d7f071c16b5014629
862ec44fdd4dd0cf0580f7852ecf15dc07a21b664505023845d8843bd13f1393
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/jquery.easing.1.3.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:04:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2763
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/jquery.bxslider.min.js
207.174.215.212 200 OK 6.4 kB URL HTTP/1.1 mgb888ph.com/js/plugins/jquery.bxslider.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19040)
Hash 3c45b35ba504f57470e6afd4358b3c89
7c57a5643b0eeb524f8ca9bd2eac1c517aba5ac8
9de6c9850e592a77c1b0722dc70fc86ac4c61c7b76461174c5effbce5b11ed31
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/jquery.bxslider.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:03:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6375
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/jquery.filterizr.js
207.174.215.212 200 OK 12 kB URL HTTP/1.1 mgb888ph.com/js/plugins/jquery.filterizr.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash e91a9b28e9f3464cba763a891c491970
ddb65c1eaf22aafab061c714afb0ed7b2c844969
3cda98b68d76fa053b7fd478ea495690b94448561000c62357e9cea60529af3f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/jquery.filterizr.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:04:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12077
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/jquery.magnific-popup.min.js
207.174.215.212 200 OK 9.6 kB URL HTTP/1.1 mgb888ph.com/js/plugins/jquery.magnific-popup.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (21071)
Hash 0917e6ec15a4c25395b7e82a5edb3369
aed548ac0d3eaa89a83b10d005040471fbd0f378
9d74b8c3c3e14e88e6ef66912fa9bfe10b106ec076975578c0abbd2cce551973
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/jquery.magnific-popup.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:04:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9603
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 04:45:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mgb888ph.com/js/jquery-2.2.4.min.js
207.174.215.212 200 OK 38 kB URL HTTP/1.1 mgb888ph.com/js/jquery-2.2.4.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32065)
Hash 619e5664a321b65bf4139f82773dbd80
b149909fa3281f2c0f6217ea74d90c97e90eb82f
4cb103cc24504b415bc9667e315a515ddbd58b2e17c82adff5a9fe25f12300fb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery-2.2.4.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:03:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
push.services.mozilla.com/
54.187.71.185 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z5piQgc0PlLTvHLDkJAYuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S0ZN6oUovAinQrCJ37ei4pev7Mo=
mgb888ph.com/js/plugins/bootstrap.bundle.min.js
207.174.215.212 200 OK 28 kB URL HTTP/1.1 mgb888ph.com/js/plugins/bootstrap.bundle.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65291)
Hash 1fbda93460058df98f8d3774b376d42d
c44a8ada2ec9c90eabd7699267712efd4e70cd80
27b15c67b6b0e04c353c5a9c84a4c9323662946f7e5c8deeaaf47c46355cabf2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/bootstrap.bundle.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:03:59 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
mgb888ph.com/js/plugins/jquery.singlePageNav.min.js
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/js/plugins/jquery.singlePageNav.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2375)
Hash c59a9a9e20d976b006944ab58719dff6
363fe681b812710f9359b12c94cf70bd1f5c490a
9bb1304278a48833624243fbf33e2b519f5b029ed5d1810b01c4ccc0631ff8a6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/jquery.singlePageNav.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:04:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1150
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/jquery.themepunch.revolution.min.js
207.174.215.212 200 OK 21 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/jquery.themepunch.revolution.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32010)
Hash c2adf5dc5eb26b18952f6160fa78c872
bd177882498f1ed12da190f33d4081929706207c
6142e50c57543abbf469e3eb1c5cd7a08c9a764b5868ca3de4e4aa7b0b20e581
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/jquery.themepunch.revolution.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:04:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.actions.min.js
207.174.215.212 200 OK 2.6 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.actions.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7493)
Hash 75cdfe7ad10536c8852cd9f866a4fd00
cc05b91323b418ca842546a2bdb8ce80eadd7aa0
a3805fa03b8736b44fadc3efb8e7697118a44258b10c43c006428349c664f2a5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/extensions/revolution.extension.actions.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2605
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.carousel.min.js
207.174.215.212 200 OK 2.8 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.carousel.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7127)
Hash 059876abcc86ea6ade00b54776448353
96d2a711922717b264437fc49fbffcb9682d3206
64b230f7da2ea30a33d8bec7a1b7c1d592af5caffdf5e19c85dd6b1a8d0edea2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/extensions/revolution.extension.carousel.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2790
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.kenburn.min.js
207.174.215.212 200 OK 1.3 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.kenburn.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2887)
Hash 768b5545856e005de2ede0a5a4f55c0a
6c127b2ebfa99c45ef6508bfdf162f0adc084760
d0e703c9327b3b68e5ca17fada16d3de6cf007c2bd955ba9fb0aae0942426fb0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/extensions/revolution.extension.kenburn.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1328
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.layeranimation.min.js
207.174.215.212 200 OK 11 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.layeranimation.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32040)
Hash b540ec5dd5457a12f4e6298e642864dc
aecfd0ef8b299a5e0d93baacc918a8b7aa2951d5
005930f2cefa6489e5e544a5e761e355006c7cc8d7c9c28ace5f613837bb10bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/extensions/revolution.extension.layeranimation.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11115
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/jquery.themepunch.tools.min.js
207.174.215.212 200 OK 46 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/jquery.themepunch.tools.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (26857)
Hash bbc12a7d1cd65c547d6826664c51faff
44ca581ed09cf653fda194a375092858dd2f8863
00a9bbc9833eabbbe1afe1e181d8a60f7dc9250ea2dcda6cdc579114159dba50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/jquery.themepunch.tools.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:04:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.migration.min.js
207.174.215.212 200 OK 1.8 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.migration.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5692)
Hash 6414f4d270973ca4103a062060679f74
95f2a82e3b5504617e5dd444ae65b7ecdfb40639
c3c60bf3acabfb009e1110677d03f9798fd7890bd6255cb934ab295c64d5a4aa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/extensions/revolution.extension.migration.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1842
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.navigation.min.js
207.174.215.212 200 OK 8.7 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.navigation.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (25550)
Hash ecba4fe78cddedc53b177ca22a440054
8cfebd20e7a236b754825833c4ccba16f4992d26
6ff7fb8f2a7d505aad0f30a9b71946984eb557e0a9bb4eda8a08fdbeed8c81a6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/extensions/revolution.extension.navigation.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8732
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.parallax.min.js
207.174.215.212 200 OK 3.5 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.parallax.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8780)
Hash c05fe8f0715bbd27780e021866250f49
bee5ca831a433c6fa8d53b72674f4bbe292c227b
bd01425decc3a7c7b7b42179516ee7c9df24809a44612376a8176d2b4e88aab3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/extensions/revolution.extension.parallax.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3466
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.slideanims.min.js
207.174.215.212 200 OK 8.1 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.slideanims.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (27879)
Hash a6ea6fe1c2bee39dd5bfa4d6ed64ca25
c0d9a0ddba47c504a0676a79003a4b9a767ac0eb
274315319518e4bad1c3ea4c42a3d2500dd223c93511f2bbb4ad16360fbf1a5d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/extensions/revolution.extension.slideanims.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8102
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.video.min.js
207.174.215.212 200 OK 8.4 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/js/extensions/revolution.extension.video.min.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (23294)
Hash daea8184e9fe179d86da561761b94e0e
7eaddf17f12177081a583774ee5c0b39177debd3
8808a1537697040b1bedc5392e71655fd9e9eff74bd4823e676fc139608a29d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/js/extensions/revolution.extension.video.min.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8351
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/js/custom.js
207.174.215.212 200 OK 2.6 kB URL HTTP/1.1 mgb888ph.com/js/custom.js
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash fe512f31f2e0454ec7cc4dc2541274b2
77bb28d72487fa57cb7674ae1c60c259ab00710d
9bd2e2074c76539b6e390453f9cdaebfefaa7df02b2d5b1bb3cd15c5849157e2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/custom.js HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:03:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2593
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
mgb888ph.com/img/projects/icons/gallery-icon.png
207.174.215.212 200 OK 3.2 kB URL HTTP/1.1 mgb888ph.com/img/projects/icons/gallery-icon.png
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 3234dfa750f50ae1034f92ce7851ed43
34d600574a13e9cb776bd4da134beee1ff4b1d8d
d93a82490bd618b45ce593327cff57313c0ddc13e1f187da2addda2bdeeffe04
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/projects/icons/gallery-icon.png HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/css/style.css
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:28:27 GMT
Accept-Ranges: bytes
Content-Length: 3226
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900
142.250.74.10 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900
IP 142.250.74.10:0
Hash 446c953b5bac0ae29249f94a378bf374
928954cef301ab18a397f29d36d82fef301715f6
e2d3122e4254edbde9cb3e68ef15450d31f272a850f7f755cf9a6fe57eadd2cd
GET /css?family=Raleway:100,200,300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mgb888ph.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Oct 2022 04:45:47 GMT
date: Tue, 25 Oct 2022 04:45:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mgb888ph.com/img/projects/icons/video-icon.png
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/img/projects/icons/video-icon.png
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 19 x 26, 8-bit gray+alpha, non-interlaced\012- data
Hash 61f3a467d68b67ebe97c7cb6a2503aa3
93784499a6cf81364bdc9f5496e4c70be2425281
a4c6b18f593b77bcd30117bc3ff9fb462d5a338f17883f9b9de91375da98b6a5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/projects/icons/video-icon.png HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/css/style.css
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:28:28 GMT
Accept-Ranges: bytes
Content-Length: 1170
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png
mgb888ph.com/fonts/fontawesome-webfont.woff2?v=4.7.0
207.174.215.212 200 OK 77 kB URL HTTP/1.1 mgb888ph.com/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mgb888ph.com/css/font-awesome.min.css
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:30 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: font/woff2
mgb888ph.com/img/sections/testimonials-bg.jpg
207.174.215.212 200 OK 134 kB URL HTTP/1.1 mgb888ph.com/img/sections/testimonials-bg.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=650, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x650, components 3\012- data
Size 134 kB (133617 bytes)
Hash 91b185933b51e89a09c8cac70d87effb
2b7f1a0e535f85f44418eb2757fa678029518ffa
77cfd9aef517d0b75386486ea6a062f0fe9387200de2d59e6eaf610a328e0e72
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/sections/testimonials-bg.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/css/style.css
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 04:14:52 GMT
Accept-Ranges: bytes
Content-Length: 133617
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/css/skins/orange.css
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/css/skins/orange.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash 6de91b21b5032439dc04c3e1872c8c27
7d8fb4a041793f1afccfbfd33d63b37b885506f6
3a2c0d7c0bd506a4cb4a6e330eec86c81640beb0c9b501b9c808dc90c89aee25
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/orange.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1248
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/css/skins/yellow.css
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/css/skins/yellow.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash 7e0e4915f214de8cf0d0c0d4a188e5bb
ae2aebd807464c17b391b5f1cb7128ad1450d066
604b61003bea0f67999c08efb9d975a480415825fbc2e310fac7eebc6f43d69e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/yellow.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1249
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/css/skins/purple.css
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/css/skins/purple.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash e31d425df04288640075003f0e3f2901
bc86bd359fa9b947f7e74c697c0cf2912c15ab9f
02a6f0e35d6d3f9da2e8b67ac7512fb6d01131b42c1d402a04b113feef541896
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/purple.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1248
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/css/skins/blueviolet.css
207.174.215.212 200 OK 1.3 kB URL HTTP/1.1 mgb888ph.com/css/skins/blueviolet.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash a7db7fbdb9a4c1f112a86d323bf71ddb
15a166c4d539853942f37592ff3575123c856e3a
580e4e49d2dc3aff28378f4730168573d4f6cb6047192706ad8366068d5d7116
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/blueviolet.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1254
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/img/sections/projectmanager-bg.jpg
207.174.215.212 200 OK 102 kB URL HTTP/1.1 mgb888ph.com/img/sections/projectmanager-bg.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=650, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], baseline, precision 8, 1600x650, components 3\012- data
Size 102 kB (102451 bytes)
Hash 9b236a2d0b8ff7b28e1e53ff30e491d1
bdb7bc1d24c2645cedb0b461c07dbc5475a5fd32
752a4d872d1ac80cd34048c6d5b51275722dc624a27c0965d964dd02753997c9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/sections/projectmanager-bg.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/css/style.css
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:48 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 10:55:42 GMT
Accept-Ranges: bytes
Content-Length: 102451
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/css/skins/green.css
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/css/skins/green.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash 3ab1b599e341b7ec5baed21ca75cf116
0788e4eec0a8c524519f1b13b7d878b9d8f3d2bd
0f1060ceb7d49c8eec8854a89f0cb48e87e8e098634bc0a27e248e8a5ed50806
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/green.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1249
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/css/skins/magenta.css
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/css/skins/magenta.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash ce1c7940586d899bce4ba1c50fe16db5
5dfc24a3fb3a96f7ea7cc7354bb3933cdfa213e2
456c1dacec92607d59ecdf70e97db5cacc4e3d3fa9a714360e6368dcb8088913
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/magenta.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:09 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1248
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/css/skins/blue.css
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/css/skins/blue.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash 46c6b4375bbe0e518d6ba8cd778dacf9
9755afe1047ddf2324bef168b69c1c947b884f99
f358a06514154eb1d045bef2053df00c188ed67c32974bc0e17169b7ef6c2e4d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/blue.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1248
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/css/skins/goldenrod.css
207.174.215.212 200 OK 1.3 kB URL HTTP/1.1 mgb888ph.com/css/skins/goldenrod.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash 89ab9725aef7cb36f8761c9268eaa880
6db4830df92005640562e38e588ee7e2f336ab88
2a336d56e3e91c2c7712d1f8074f5d190d9e77aa794f98a340804a4da51dddf9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/goldenrod.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:07 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1250
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/css/skins/red.css
207.174.215.212 200 OK 1.2 kB URL HTTP/1.1 mgb888ph.com/css/skins/red.css
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (471)
Hash 0ead3e966f66f8ce5b84687284fc0c04
53c3b560596b5f05ed5bc132009561dcd5262938
fbd8f4d74eb849b8a0273f3f06d19e6491cc3b9b0c5fb69544d10a460e6d1fad
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/skins/red.css HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:26:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1238
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/css
mgb888ph.com/img/testimonial/client1.jpg
207.174.215.212 200 OK 19 kB URL HTTP/1.1 mgb888ph.com/img/testimonial/client1.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=112, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=112], baseline, precision 8, 112x112, components 3\012- data
Hash 59044aba4cef9a4c617d9123fbfd56e9
4c6419cfae70a9908effb0afee372ef3ff502cfd
8f5ff15f28974833b96832e5e18a980cd30d996a8942b7752ccae5b19233c752
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/testimonial/client1.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 04:16:18 GMT
Accept-Ranges: bytes
Content-Length: 18699
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/projects/project-6.jpg
207.174.215.212 200 OK 97 kB URL HTTP/1.1 mgb888ph.com/img/projects/project-6.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=470, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=700], baseline, precision 8, 700x470, components 3\012- data
Hash cc33cb70c0409ab0089415a25e8f3796
9fcd104ef787890837901a2de9f18daa07bd6955
d8da8ffcd2ebd9715eebde270c8712f84bc3453261c77dd525fc0302a9b3c996
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/projects/project-6.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 05:43:41 GMT
Accept-Ranges: bytes
Content-Length: 96931
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/projectmanager.jpg
207.174.215.212 200 OK 170 kB URL HTTP/1.1 mgb888ph.com/img/projectmanager.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=424, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=424], baseline, precision 8, 424x424, components 3\012- data
Size 170 kB (170148 bytes)
Hash 4926db6d9c1b0783a204ecab010ad06c
6178e7b9ca76ffab614c492ca5e24fa3f4f11713
8752542db889093e0579c43c6a0e21f139607e215935878aaf534a090ddfc5a9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/projectmanager.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Sat, 18 Jun 2022 14:52:24 GMT
Accept-Ranges: bytes
Content-Length: 170148
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/projects/project-10.jpg
207.174.215.212 200 OK 130 kB URL HTTP/1.1 mgb888ph.com/img/projects/project-10.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=470, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=700], baseline, precision 8, 700x470, components 3\012- data
Size 130 kB (130056 bytes)
Hash b4d6392ece481a101cac477578c4cc6b
b2196ac54c50b94e529ac8e80be3a145c3665794
26107e1d31189d062b9d45ab772babd5e6dfc88a8354e417fc426e48eaa54527
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/projects/project-10.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 30 Jun 2022 02:51:58 GMT
Accept-Ranges: bytes
Content-Length: 130056
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/about.jpg
207.174.215.212 200 OK 140 kB URL HTTP/1.1 mgb888ph.com/img/about.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], extended sequential, precision 8, 1560x1170, components 3\012- data
Size 140 kB (140260 bytes)
Hash fd85e24ac5885f9d4afd8dfd3da5979b
943b1ab7b66b85324d60dd61d2be0602b1c19167
6710239e9d7711a9feff49378b42706384a56cc98197e624915230e8350661ca
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/about.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Sat, 18 Jun 2022 10:57:20 GMT
Accept-Ranges: bytes
Content-Length: 140260
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/projects/project-8.jpg
207.174.215.212 200 OK 135 kB URL HTTP/1.1 mgb888ph.com/img/projects/project-8.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=470, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=700], baseline, precision 8, 700x470, components 3\012- data
Size 135 kB (134713 bytes)
Hash 40ebdcb78e0a56f7f95a8428d99d33cf
4bdc26ffbc68cfd2dba8d65d4fe4da880aa18e35
b0e8ea585691cd5bf4575991ae8d3d43a48f8219b2507c3e9bef8cfb88bdcc38
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/projects/project-8.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 05:43:43 GMT
Accept-Ranges: bytes
Content-Length: 134713
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/projects/project-2.jpg
207.174.215.212 200 OK 128 kB URL HTTP/1.1 mgb888ph.com/img/projects/project-2.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=470, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=700], baseline, precision 8, 700x470, components 3\012- data
Size 128 kB (128160 bytes)
Hash cd271fc1dba16b0dc127891d82816742
ccd6a7b99eae36b37c5d6a51002de2aad6b18a08
c7fa0dec6644779c13f24bff197c7fed047b9e211511b42cb3b655760cd55fa7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/projects/project-2.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 05:43:36 GMT
Accept-Ranges: bytes
Content-Length: 128160
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9717
Expires: Tue, 25 Oct 2022 07:27:46 GMT
Date: Tue, 25 Oct 2022 04:45:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9717
Expires: Tue, 25 Oct 2022 07:27:46 GMT
Date: Tue, 25 Oct 2022 04:45:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9717
Expires: Tue, 25 Oct 2022 07:27:46 GMT
Date: Tue, 25 Oct 2022 04:45:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9717
Expires: Tue, 25 Oct 2022 07:27:46 GMT
Date: Tue, 25 Oct 2022 04:45:49 GMT
Connection: keep-alive
mgb888ph.com/img/team/member1.jpg
207.174.215.212 200 OK 103 kB URL HTTP/1.1 mgb888ph.com/img/team/member1.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=600, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=480], baseline, precision 8, 480x600, components 3\012- data
Size 103 kB (102924 bytes)
Hash de5bc8ae1acd6767abd7357df5b06ce0
256e3f81c8f6d6ed5623da9829b374b43e0799f7
fbdf531c6cac1eb8597654ddf8dd74f987d19f31ae8e16e500d25ec3ce24e4f6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/team/member1.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Sat, 18 Jun 2022 11:01:08 GMT
Accept-Ranges: bytes
Content-Length: 102924
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9717
Expires: Tue, 25 Oct 2022 07:27:46 GMT
Date: Tue, 25 Oct 2022 04:45:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e41dda631c7f2ee5e664d43e48af31
5a8579a70d8791a19e0192995c46594e242e864d
c26bec6c4527220272777fe7b3209d8726c94105955ef15f05a584bae50ae719
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: c37a1abe-9823-4181-a64f-5cc074cfdf2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3OeGxOoAMFtJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357058f-10c7cfed331c043e00a600e0;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:37:19 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ltiKOh8lG4pGE5tYpouvCu-KMHifbcFs9LgYLbEfYTD36Aw9xYEsKw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:49:13 GMT
age: 24996
etag: "5a8579a70d8791a19e0192995c46594e242e864d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6977b5f01197ed4e914157b59ce56c2a
0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2
98ed9be1f79f4d1ff9acd3dc22aa64f7e0218d7c4854fc7cb71e70dd341dd7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8031
x-amzn-requestid: 39e6cba4-dc3b-4fe8-9f00-f9042b3dfb3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D7E2SoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-541d3ed176c9176913844804;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KfIXjRxRZXL0gD2Etdn5kfEjPkqA-faF2KHqrWikR0etkh6oGU4ifw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:50:09 GMT
age: 24940
etag: "0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4187937-4231-40b4-ad9b-64f01574c759.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4187937-4231-40b4-ad9b-64f01574c759.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f221d25faa21470234ce71bf4c932d1
645eaf4c0b5fddecf421e60cec8383b18aa9ade1
fed14838d30250a3e543b00460f099db77084cbe8be03d6dcd4bf41f3e843125
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4187937-4231-40b4-ad9b-64f01574c759.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11349
x-amzn-requestid: 77b0c67b-2d3a-4709-8d37-56e88e1e775d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aeinHEPeIAMFy7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b160-188b105c38aa92140d1f8f5d;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:25:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S12A9P61GBSoM5ef5dFfDArjHefYucTaZxqldeSQ-poQmaoHqL7Klw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 07:35:57 GMT
age: 76192
etag: "645eaf4c0b5fddecf421e60cec8383b18aa9ade1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fUBXr7SKYdvhryoB8p9to-Eo8twjspRYnHO2xf9TtvLJIIyOwe3W1w==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 08:34:45 GMT
age: 72664
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ac739ea-5d5d-4900-8e3f-c815c25f5c8d.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ac739ea-5d5d-4900-8e3f-c815c25f5c8d.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f22a424f72f369a3511d6af25d67a82
e9aabd2daee2d2e6265a69e309542c5b5983d1f2
600f1a4989fe65b14cfe5234c8bc723834d53543026c13eaf8217b22d3a3a9a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ac739ea-5d5d-4900-8e3f-c815c25f5c8d.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11916
x-amzn-requestid: 319eaac6-dfda-4a48-ae9a-612650705bd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: afdKuHK6IAMFnXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63560f11-61545bf1110795c0299b85f4;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 04:05:37 GMT
x-amz-cf-pop: SFO53-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wrxksbQXK96TvYk2rEf5biIaLtjbB1ia0FpYxnd908Dd_MkKQSRCtQ==
via: 1.1 0da7848263e39308b12bac6a925793b0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 15:02:35 GMT
etag: "e9aabd2daee2d2e6265a69e309542c5b5983d1f2"
content-type: image/jpeg
age: 49394
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1970a25715283fecf7a05a199bf4cae6
3a3005e722d2e89c9218c34ba283bbcde72e4bbc
624f6f86abe8c7cb8b24669851103baf152802c3ea915dcdea88ce984d468361
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3694988-223c-4449-a1a5-28c1de7da771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11051
x-amzn-requestid: 2eef9564-c660-421d-aff6-40644b72ffa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFfupETyoAMF3qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bacc3-48a6442d4ec030f50e8f8f13;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:03:32 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HgK4QTgdR6OSGV86ooPEJ0_jtGehzs1DHgeynAoCthtKlAAohrKVSg==
via: 1.1 912d83c7c9b4676eb19f09c9bfabda24.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:12:04 GMT
age: 23625
etag: "3a3005e722d2e89c9218c34ba283bbcde72e4bbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mgb888ph.com/img/team/member2.jpg
207.174.215.212 200 OK 54 kB URL HTTP/1.1 mgb888ph.com/img/team/member2.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=600, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=480], baseline, precision 8, 480x600, components 3\012- data
Hash c640e2bb9fd61d35c8c933e3e7e760fe
8ad35c1627c28526caf8f7b279089c6340d45156
ead0ecae3a31e22c69f231f1b366a0e811ceebae378ebd238ada86a196940148
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/team/member2.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Sat, 18 Jun 2022 11:01:08 GMT
Accept-Ranges: bytes
Content-Length: 53589
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/team/member3.jpg
207.174.215.212 200 OK 49 kB URL HTTP/1.1 mgb888ph.com/img/team/member3.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=600, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=480], baseline, precision 8, 480x600, components 3\012- data
Hash caf8f3b9dd4ff7727baa7d6e0403f87b
8d4fedd6127213e7c19288d916a5191d8a8c6541
9cbb4176a2c7ac60b154fd6c5dffd83c54da403f43362be7ebb8fa97a9c27940
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/team/member3.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 02:39:09 GMT
Accept-Ranges: bytes
Content-Length: 48581
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/team/member4.jpg
207.174.215.212 200 OK 134 kB URL HTTP/1.1 mgb888ph.com/img/team/member4.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=600, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=480], baseline, precision 8, 480x600, components 3\012- data
Size 134 kB (134306 bytes)
Hash d9e9787ef1a51cc87bfa01705afdbe45
66aed653ec71f53170bb2ac74f188d8611197689
60fbb4b41b16fd2125a39024002df98b040e800b0a77051257d8110d6c5bd4f8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/team/member4.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 02:36:43 GMT
Accept-Ranges: bytes
Content-Length: 134306
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/preloaders/preloader-yellowgreen.gif
207.174.215.212 404 Not Found 358 B URL HTTP/1.1 mgb888ph.com/img/preloaders/preloader-yellowgreen.gif
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/preloaders/preloader-yellowgreen.gif HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/css/skins/yellowgreen.css
HTTP/1.1 404 Not Found
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 01:29:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 358
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: text/html
mgb888ph.com/img/logogif.gif
207.174.215.212 200 OK 2.6 MB URL HTTP/1.1 mgb888ph.com/img/logogif.gif
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 640 x 540\012- data
Size 2.6 MB (2596320 bytes)
Hash f9f70a6ada253a3a74ef344cf91e474f
6f19833fd179ee2fb38ae7deca27f9416f099a4f
687a7bb8cd2a32e3411bb3331acdbfe2add428ae217ff347c76189301af42ef6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/logogif.gif HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 09:44:52 GMT
Accept-Ranges: bytes
Content-Length: 2596320
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/gif
mgb888ph.com/img/testimonial/client2.jpg
207.174.215.212 200 OK 1.8 kB URL HTTP/1.1 mgb888ph.com/img/testimonial/client2.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 112x112, components 3\012- data
Hash 52f3abccd3219a8886b08d083d3402a3
f23682ea7e14d14702f06a08eb358ed74a534cef
3fd26206af44fd46f0ebc92dc970fd3cdf16167b75bba99eb5fe08c1fdb531f7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/testimonial/client2.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:50 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:28:23 GMT
Accept-Ranges: bytes
Content-Length: 1820
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/sections/facts-bg.jpg
207.174.215.212 200 OK 55 kB URL HTTP/1.1 mgb888ph.com/img/sections/facts-bg.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:11:29 20:17:22], baseline, precision 8, 1600x650, components 3\012- data
Hash 6ded20db3f7e263809473217876d181b
63d21d2c1a82844d81cbeefc160d0e9d23c4efe5
d30cb2cc61943a93bff322a7dea530d0d27615a65af7402c3913b842c40c7626
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/sections/facts-bg.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/css/style.css
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:50 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:28:01 GMT
Accept-Ranges: bytes
Content-Length: 55159
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/testimonial/client3.jpg
207.174.215.212 200 OK 1.8 kB URL HTTP/1.1 mgb888ph.com/img/testimonial/client3.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 112x112, components 3\012- data
Hash 52f3abccd3219a8886b08d083d3402a3
f23682ea7e14d14702f06a08eb358ed74a534cef
3fd26206af44fd46f0ebc92dc970fd3cdf16167b75bba99eb5fe08c1fdb531f7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/testimonial/client3.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:50 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:28:24 GMT
Accept-Ranges: bytes
Content-Length: 1820
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/img/revolution-slider/rotating-words/cover.gif
207.174.215.212 200 OK 2.5 MB URL HTTP/1.1 mgb888ph.com/img/revolution-slider/rotating-words/cover.gif
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type GIF image data, version 89a, 640 x 360\012- data
Size 2.5 MB (2503013 bytes)
Hash 606cfc3173cf8306a3ec1383b3e6d956
45f1ff977920da4afd35ea557d42e7af5714f007
29f1188fc6c7a9bb73e453afa8235ac2e9f9fe2d1fa0b0f4cffcfffc36c86025
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/revolution-slider/rotating-words/cover.gif HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:49 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 09:54:58 GMT
Accept-Ranges: bytes
Content-Length: 2503013
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/gif
mgb888ph.com/img/sections/video-bg.jpg
207.174.215.212 200 OK 1.1 MB URL HTTP/1.1 mgb888ph.com/img/sections/video-bg.jpg
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size 1.1 MB (1109928 bytes)
Hash 6227892be81f5cd1da2efa775d74a4f0
d2f18eeb4c31540b938f1e0801bd708e25ad2a15
a22deb54927f0e7bf608b49c20274b88c976fffa499d639b5b5325fe27304b7e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/sections/video-bg.jpg HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/css/style.css
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:50 GMT
Server: Apache
Last-Modified: Mon, 20 Jun 2022 06:59:57 GMT
Accept-Ranges: bytes
Content-Length: 1109928
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg
mgb888ph.com/js/plugins/revolution/fonts/revicons/revicons.woff?5510888
207.174.215.212 200 OK 7.5 kB URL HTTP/1.1 mgb888ph.com/js/plugins/revolution/fonts/revicons/revicons.woff?5510888
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/plugins/revolution/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mgb888ph.com/js/plugins/revolution/css/settings.css
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:50 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 02:05:00 GMT
Accept-Ranges: bytes
Content-Length: 7536
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: font/woff
mgb888ph.com/img/favicon.png
207.174.215.212 200 OK 56 kB URL HTTP/1.1 mgb888ph.com/img/favicon.png
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 292 x 264, 8-bit/color RGBA, non-interlaced\012- data
Hash 4955eea51413337cfb0ffc9ebf0725e4
548942445b65639684a1985bd3aae6a90e33f6fc
f2b852f2bb874fedc5a208d47b8002605d70d9ca7aacedcc53e680ba83bef3ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/favicon.png HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:50 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 10:01:16 GMT
Accept-Ranges: bytes
Content-Length: 56378
Keep-Alive: timeout=5, max=63
Connection: Keep-Alive
Content-Type: image/png
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.163 200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.163:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mgb888ph.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Tue, 25 Oct 2022 04:45:50 GMT
expires: Tue, 25 Oct 2022 04:45:50 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mgb888ph.com/img/markers/yellowgreen.png
207.174.215.212 200 OK 608 B URL HTTP/1.1 mgb888ph.com/img/markers/yellowgreen.png
IP 207.174.215.212:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ea72c97f8b2ebc2dad4b87d5194077e
834a4452668eaf8d7ea83c071732a682266ac9ed
a086f2d3b9149d5638f9ecc1ff0153c01754099cc4838ad81c57ee1aea855271
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/markers/yellowgreen.png HTTP/1.1
Host: mgb888ph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mgb888ph.com/
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 04:45:51 GMT
Server: Apache
Last-Modified: Thu, 16 Jun 2022 01:27:37 GMT
Accept-Ranges: bytes
Content-Length: 608
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mgb888ph.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 465103
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mgb888ph.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 14:07:32 GMT
expires: Thu, 19 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 484699
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2