mgnetu.com/webroot/img/logo.png
172.67.146.233 200 OK 41 kB URL GET HTTP/3 mgnetu.com/webroot/img/logo.png
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type PNG image data, 800 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: c10c4131afee78eb67c6392653e1a943
SHA-1: 419ca0d9b3fe03e20434902e8c38b1959ef434b5
SHA-256: c24838727c55dbc6170d6d6055e6d144835de79ad2e2d4842249d5d12a83b60d
GET /webroot/img/logo.png HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: image/png
content-length: 40773
cache-control: public, max-age=604800
expires: Tue, 28 Nov 2023 16:05:41 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
cf-cache-status: HIT
age: 560772
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37L2oZO08w8LV%2FCgVybrHYEwvEIL5j3J7iWVALwNtyP%2FiSMOkG73TDoxtezt0HvXE9f89X4u5TDzFcfevoYaeLMLWD4bosybVmCdOJ1JDLF29WHVmf5H8JRLgfYg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cfa7b038605695-OSL
alt-svc: h3=":443"; ma=86400
mgnetu.com/vendor/bootstrap/css/bootstrap.min.css?ver=5.3.0
172.67.146.233 200 OK 21 kB URL GET HTTP/3 mgnetu.com/vendor/bootstrap/css/bootstrap.min.css?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type ASCII text, with very long lines (65371)
Hash MD5: ec3bb52a00e176a7181d454dffaea219
SHA-1: 6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
SHA-256: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /vendor/bootstrap/css/bootstrap.min.css?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 28 Nov 2023 13:21:02 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 570651
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsxiCnpTs0SHUyBmeQ4WXLU%2B0gqRSay75nSlpvBbw76L7Si%2BNcidyubv0mCRQEJyNj%2BqrIo7N5FaagJNhOP4u70wCsO9AV0eawUm%2BjK5gZU9Im5bZbDsWnSn7ofv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b028555695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
images.vfl.ru/ii/1617183253/97cf8bb0/33890012.png
212.47.236.38 200 OK 9.1 kB URL GET HTTP/1.1 images.vfl.ru/ii/1617183253/97cf8bb0/33890012.png
IP 212.47.236.38:443
Certificate Issuer: Google Trust Services LLC
Subject: *.vfl.ru
Fingerprint: D9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
Validity: Thu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type PNG image data, 570 x 129, 8-bit/color RGB, non-interlaced\012- data
Hash MD5: d3daa19662f0e9eaf00182e89a9ec78f
SHA-1: ca7b7bca5cbdf9445dd9e5e1e52397992c0d4213
SHA-256: b8e17b78e4b6b8a52e256ec9ba55b25f6823f0e3c48112bd760b78de7bce45f0
GET /ii/1617183253/97cf8bb0/33890012.png HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 03:51:53 GMT
Content-Type: image/png
Content-Length: 9139
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 31 Mar 2021 09:34:13 GMT
ETag: "60644215-23b3"
Expires: Thu, 28 Dec 2023 03:51:53 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mgnetu.com/full/?api=bfa244894c752b64eaa1294dc83ff36d560f708a&url=bWFnbmV0Oj94dD11cm46YnRpaDozRTcxMERFRThBMDY2N0REREQ0NzY4ODQ4RkMzQTZCREJDOTc3RDdCJmRuPVBhcGVyJTIwTWFyaW8lMjBUaGUlMjBPcmlnYW1pJTIwS2luZyUyMCU1YlhDSSU1ZCZ0cj11ZHAlM2ElMmYlMmZ0cmFja2VyL
172.67.146.233 301 Moved Permanently 18 kB URL User Request GET HTTP/2 mgnetu.com/full/?api=bfa244894c752b64eaa1294dc83ff36d560f708a&url=bWFnbmV0Oj94dD11cm46YnRpaDozRTcxMERFRThBMDY2N0REREQ0NzY4ODQ4RkMzQTZCREJDOTc3RDdCJmRuPVBhcGVyJTIwTWFyaW8lMjBUaGUlMjBPcmlnYW1pJTIwS2luZyUyMCU1YlhDSSU1ZCZ0cj11ZHAlM2ElMmYlMmZ0cmFja2VyL
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
Hash MD5: c2ddbf6408534700cb68d29624fe5536
SHA-1: 7de560f45ff77864bb3476f76a32e9538cfae789
SHA-256: 296f38478c77f33b7eb8d089c7172e0da4edbcde90685d5916dfa8545a24a4c1
GET /full/?api=bfa244894c752b64eaa1294dc83ff36d560f708a&url=bWFnbmV0Oj94dD11cm46YnRpaDozRTcxMERFRThBMDY2N0REREQ0NzY4ODQ4RkMzQTZCREJDOTc3RDdCJmRuPVBhcGVyJTIwTWFyaW8lMjBUaGUlMjBPcmlnYW1pJTIwS2luZyUyMCU1YlhDSSU1ZCZ0cj11ZHAlM2ElMmYlMmZ0cmFja2VyL HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: text/html; charset=UTF-8
location: https://mgnetu.com/5bN7
set-cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; path=/; HttpOnly; secure
csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is%2Byuxj11vy%2BnN84nVvz26UwKnlhpMNGXI%2B3aRXhRv86MdNIaC7Z4abKRkhBDJElY%2FJ3FwKTkX0ezDoRuFh%2FRBqRKweDRi2iZShaYPtxSSMbQmnuEy1u%2ByDGCcmn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa79d7d365690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic
142.250.74.106 200 OK 1.4 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic
IP 142.250.74.106:443
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash MD5: 7486f3babc2fed7df71cf596c13692f3
SHA-1: a261aa0b3dc5b9dba5bfab3f04f956e6d36f11cf
SHA-256: 3632dad9c8b2299147c2acd594a33682ee050cf79b101d73320cd990f1470223
GET /css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 03:51:53 GMT
date: Tue, 28 Nov 2023 03:51:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mgnetu.com/css/app.css?ver=5.3.0
172.67.146.233 200 OK 1.1 kB URL GET HTTP/3 mgnetu.com/css/app.css?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type ASCII text, with very long lines (3186), with no line terminators
Hash MD5: c4ef0226a081d8f99305dfeec344dc28
SHA-1: e9d282dd075d0fc4205b27e7408fd42809911db8
SHA-256: 61f1b3750802f117f3b7d12312886655ffb1983d80cfd8557874714f47c9bca0
GET /css/app.css?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: text/css
cache-control: public, max-age=604800
cf-bgj: minify
cf-polished: origSize=4467
expires: Fri, 01 Dec 2023 08:23:33 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 329300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLChxxQR9RYL9LYr9BxgTOmHJAselN0bkkHoZqXVC5vzDF3RMpZer6GzERaSTwou7QAfiST9%2FEwBB50%2B%2B8urVKV%2BvzKAYWjfoEvYzjagOF20J%2FleDOxAFMmh8uh6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b0385f5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mgnetu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.146.233 200 OK 85 kB URL GET HTTP/3 mgnetu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type gzip compressed data, from Unix\012- data
Hash MD5: 9b4a14c52d09a536c59af80b9607ed75
SHA-1: 2ce851234ce85cfe3964ec9222b6a46eb980e0a3
SHA-256: 26d37f18ca56e0bbaa6f56a85a60211e4376592b03a2b963ee0b921ac3a97942
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
etag: W/"65568fe4-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNi22bUyNQgxITqa1N%2F50V06TxuXLxU%2BlsZKh73LVTFje%2FrOufr26D2YnRpP0ogthTjhYwN6%2FQA3a5WIkQjpmGE1k5eGLJvjCveOZVyNn508R1Jwyj%2BOPAm0KX3r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cfa7b048625695-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 30 Nov 2023 03:51:53 GMT
cache-control: max-age=172800, public
content-encoding: gzip
static.a-ads.com/a-ads-banners/217382/728x90?region=eu-central-1
148.251.13.139 200 OK 709 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/217382/728x90?region=eu-central-1
IP 148.251.13.139:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1757941?size=728x90
Certificate Issuer: Sectigo Limited
Subject: *.a-ads.com
Fingerprint: 34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
Validity: Wed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 728 x 90\012- data
Size 709 kB (708571 bytes)
Hash MD5: c6395473fd63604afe5354149bef9bc0
SHA-1: 21613e909cd38229abc80cf6928c8644a17e59c5
SHA-256: 808adc74c8c2c7a45e2e6d5eed2e427723a4890732168915a15d37ac81bcb9a1
GET /a-ads-banners/217382/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:54 GMT
content-type: image/gif
content-length: 708571
x-amz-id-2: 0M6amWcKsCIROUutn0LEYAAZMmxLn8OLdFJm73Guo9wewpyIU7lyfQBLlKbqR7Rrbw6KHtcowhM=
x-amz-request-id: KSW26Q946AY2V2T3
x-amz-replication-status: COMPLETED
last-modified: Sun, 11 Jul 2021 13:31:19 GMT
etag: "c6395473fd63604afe5354149bef9bc0"
cache-control: max-age=315360000
x-amz-version-id: MdSXS0TBBSMSIX2gIg1WADzWVBc7YcGN
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
mgnetu.com/vendor/dashboard/css/skins/_all-skins.min.css?ver=5.3.0
172.67.146.233 200 OK 604 kB URL GET HTTP/3 mgnetu.com/vendor/dashboard/css/skins/_all-skins.min.css?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type ASCII text, with very long lines (40757), with no line terminators
Size 604 kB (604460 bytes)
Hash MD5: 913ee6087926cd35798c04e18c2a2314
SHA-1: 34b1088a21d36cd7a2a73311e10fe4794739c6a2
SHA-256: e5e998ea42306cdbaca43e5fbc23a2ca1631d41664c57f60ebaed459d3487451
GET /vendor/dashboard/css/skins/_all-skins.min.css?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 28 Nov 2023 16:05:41 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 560772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qi5sX8MJVPa3vXYfuVkcJcdAiZV8Qnkfqj%2BM4N1wuN0Qsvugxf8xFR9zA2ECZT7Qf086GCXxcpokIFTdYeQMO5P5Sy6FZDB4YA3S0YsHyE5UPkXQAxY%2Bt2k4x0Gy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b028585695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
grunoaph.net/tag.min.js
139.45.197.238 200 OK 26 kB
IP 139.45.197.238:443
Certificate Issuer: Let's Encrypt
Subject: grunoaph.net
Fingerprint: F7:66:06:3D:A3:63:3A:40:18:22:C5:85:9C:0F:A4:E8:6E:B0:98:EB
Validity: Thu, 12 Oct 2023 00:53:03 GMT - Wed, 10 Jan 2024 00:53:02 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5: c59159cd6d3da253c32262d8c656026c
SHA-1: c529e6d3ccfc330f1b53c9f310bb88e6db1e3f08
SHA-256: 41cf785e519b2bc2d6abee07e04a1ca8bed14dbda3e06983fe1a7cb31ce02529
GET /tag.min.js HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:55 GMT
content-type: text/javascript; charset=utf-8
content-length: 25606
content-encoding: br
x-trace-id: a7fb02e6b87577f437b789f16bb60a36
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 27 Nov 2023 11:30:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
mgnetu.com/vendor/bootstrap/js/bootstrap.min.js?ver=5.3.0
172.67.146.233 200 OK 33 kB URL GET HTTP/3 mgnetu.com/vendor/bootstrap/js/bootstrap.min.js?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type ASCII text, with very long lines (32033)
Hash MD5: 5869c96cc8f19086aee625d670d741f9
SHA-1: 430a443d74830fe9be26efca431f448c1b3740f9
SHA-256: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /vendor/bootstrap/js/bootstrap.min.js?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 01 Dec 2023 08:23:34 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 329299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgxxQSTFHQj9odf5kDR3c9OFS%2Be9IYqo9zOPQXkpx9ha3vr3lMHO78jtm3EXNZTDuTzzkNNoUihizXLSApbOfH5uNOHCINLC631QXAoQgS%2FYP1lhX7WIUUg8rxI7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b1e8d55695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
chpadblock.com/wp-content/uploads/2022/08/icon-1.png
95.217.119.176 200 OK 32 kB URL GET HTTP/2 chpadblock.com/wp-content/uploads/2022/08/icon-1.png
IP 95.217.119.176:443
ASN #24940 Hetzner Online GmbH
Certificate Issuer: Let's Encrypt
Subject: chpadblock.com
Fingerprint: FA:DB:CF:1A:8A:69:74:28:72:30:4C:AE:33:B5:EE:62:2E:A9:1F:5F
Validity: Sun, 05 Nov 2023 17:50:47 GMT - Sat, 03 Feb 2024 17:50:46 GMT
File type PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 7a7ebed8ff48b4272181d84a618e9a38
SHA-1: 0395a2d2f9f32d3d2587edae02592e99bf4cebdd
SHA-256: cef283b537b5b439f78780bdfe94561204b0131029ee560a85692813daefcc65
GET /wp-content/uploads/2022/08/icon-1.png HTTP/1.1
Host: chpadblock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 03:51:55 GMT
content-type: image/png
last-modified: Thu, 25 Aug 2022 14:12:55 GMT
etag: "7bc2-63078367-ad5f9166402302f;;;"
accept-ranges: bytes
content-length: 31682
date: Tue, 28 Nov 2023 03:51:55 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=6d7d655cc31f4316bfe7de627f407552
139.45.195.8 200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=6d7d655cc31f4316bfe7de627f407552
IP 139.45.195.8:443
Certificate Issuer: Let's Encrypt
Subject: rtmark.net
Fingerprint: E8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
Validity: Sat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data\012- , ASCII text
Hash MD5: 024132a2b47f379cbb6e55eba228df94
SHA-1: 98f897139b1369e895297979f68fefb39caa5c72
SHA-256: 05695cc28c253c314e4251e1acb882c2e508f34ec71734eca6a60d29e12a050a
GET /gid.js?userId=6d7d655cc31f4316bfe7de627f407552 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:55 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://mgnetu.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6d7d655cc31f4316bfe7de627f407552; expires=Wed, 27 Nov 2024 03:51:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
mgnetu.com/js/app.js?ver=5.3.0
172.67.146.233 200 OK 16 kB URL GET HTTP/3 mgnetu.com/js/app.js?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type Palm OS operating system patch data "var captchaShort;var captchaContact;var captchaSignin;var captchaSignup;var captchaForgotpassword;var captchaShortlink;var invi"\012- , ASCII text, with very long lines (764) (the "Palm OS" label is most likely a file-signature false positive: the quoted bytes are JavaScript source and the response is served as application/javascript)
Hash MD5: 391633bb2f42a7b4816cd25d8209a44a
SHA-1: 15944875225c9e3e7c0415fed3b9a680a13dab2e
SHA-256: 66cfc53fd3112b4462a11399b0daf650ad7dbbdb803c3448055378d7fbb4eb9b
GET /js/app.js?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: application/javascript
cache-control: public, max-age=604800
cf-bgj: minify
cf-polished: origSize=28230
expires: Wed, 29 Nov 2023 07:40:22 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 504691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFC%2Ftq4tT4oOEpIwkiPvmN9j2Fk%2B4woL3CZAid7vSS1A1l8jELQoBoK2iiLu0B7gNOzkn9itbE6zBVPE9AVuyiZKKlTWFAu%2Buoqd6nxm212xXvT%2FOwxdnSqB9PKG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b1d8d25695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.163 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.163:443
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14712, version 1.0\012- data
Hash MD5: 3afeae0d768769f5e5f30ac9805c5b70
SHA-1: 3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
SHA-256: 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:51:09 GMT
expires: Thu, 21 Nov 2024 21:51:09 GMT
cache-control: public, max-age=31536000
age: 453646
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
143.204.53.97 471 B URL ocsp.r2m03.amazontrust.com/
IP 143.204.53.97:0
Hash MD5: ab08b21b37480bf609deaf73dcbf1e34
SHA-1: 4121333c3a37ff481b30918ce3a1aa643cf813c2
SHA-256: d8c99d9c9d12731615d29afd9aba86e213ce6c7dfb8938334de50d3edfd78fcd
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 Nov 2023 03:51:55 GMT
Last-Modified: Tue, 28 Nov 2023 02:33:52 GMT
Server: ECAcc (ska/F790)
X-Cache: Miss from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hkaDzRXzY1xAP5SEmGshMifh9BWK0JScu8E9rGbpfNOp_yybTPTOcw==
Age: 4683
proftrafficcounter.com/stats
18.185.201.157 200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 18.185.201.157:443
Certificate Issuer: Amazon
Subject: proftrafficcounter.com
Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5: 875989e3352225f93c72af5e2f121143
SHA-1: f36643f9972727ce9498c435e3d064053f547366
SHA-256: 6e55f9812bbcff6a037ecb9d8ab419f3dc714efa1c0fd6ce2d55b511f84afbd8
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 03:51:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mgnetu.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=14345306-b41e-47cf-ae9e-7be413443cea:1:1; expires=Fri, 25 Nov 2033 03:51:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
encouragedrealityirresponsible.com/92/6c/ef/926cef8b47c32f14e00f9a46d8cb5cdf.js
173.233.137.60 200 OK 25 kB URL GET HTTP/1.1 encouragedrealityirresponsible.com/92/6c/ef/926cef8b47c32f14e00f9a46d8cb5cdf.js
IP 173.233.137.60:443
Certificate Issuer: Let's Encrypt
Subject: encouragedrealityirresponsible.com
Fingerprint: 50:8D:F5:D6:D4:92:AC:6B:B8:1D:F7:C9:2F:0B:44:46:CA:CA:E0:9D
Validity: Sat, 25 Nov 2023 08:01:29 GMT - Fri, 23 Feb 2024 08:01:28 GMT
File type ASCII text, with very long lines (62525), with no line terminators
Hash MD5: 155847d151533704d18698180998aa29
SHA-1: bc63562955193d2fc15e24489f749e8d963bfa2b
SHA-256: fba4f142c6f1858f7fb5be0e4e6f5a1f0a799ca9d15af0b5b1890c9e6ac2f801
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /92/6c/ef/926cef8b47c32f14e00f9a46d8cb5cdf.js HTTP/1.1
Host: encouragedrealityirresponsible.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 03:51:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5252711ea812deb38dda6eea555b6ade
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
encouragedrealityirresponsible.com/watch.241473937497.js?key=ee9bf356d601332a3ace39ce6d63a346&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1
192.243.59.12 307 Temporary Redirect 0 B URL GET HTTP/1.1 encouragedrealityirresponsible.com/watch.241473937497.js?key=ee9bf356d601332a3ace39ce6d63a346&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Certificate Issuer: Let's Encrypt
Subject: encouragedrealityirresponsible.com
Fingerprint: 50:8D:F5:D6:D4:92:AC:6B:B8:1D:F7:C9:2F:0B:44:46:CA:CA:E0:9D
Validity: Sat, 25 Nov 2023 08:01:29 GMT - Fri, 23 Feb 2024 08:01:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.241473937497.js?key=ee9bf356d601332a3ace39ce6d63a346&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1 HTTP/1.1
Host: encouragedrealityirresponsible.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 03:51:56 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mgnetu.com
Access-Control-Allow-Origin: https://mgnetu.com
Access-Control-Allow-Credentials: true
Location: https://encouragedrealityirresponsible.com/watch.241473937497.js?key=ee9bf356d601332a3ace39ce6d63a346&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1&shu=25583573bd2593ef4a815de32fad4d7181603c0c8c23144a39a5e961ab8e33cb1cba0158951db3a8d6cbc756128ff5a0811ffce2cd9fe347f69f0ac28916544115de9a0ff9be583b6b98e93f5c05991adb504d&pst=1701143576&rmtc=t
Set-Cookie: u_pl=19052443; expires=Wed, 29 Nov 2023 03:51:56 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.1D_wdmLjNItxf199TAEGGvRqr8WMGohaD_zMZm8LdaU; expires=Tue, 28 Nov 2023 03:52:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c266c844766b110fd6c1d1c7f507dd11
Strict-Transport-Security: max-age=0; includeSubdomains
encouragedrealityirresponsible.com/watch.241473937497.js?key=ee9bf356d601332a3ace39ce6d63a346&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1&shu=25583573bd2593ef4a815de32fad4d7181603c0c8c23144a39a5e961ab8e33cb1cba0158951db3a8d6cbc756128ff5a0811ffce2cd9fe347f69f0ac28916544115de9a0ff9be583b6b98e93f5c05991adb504d&pst=1701143576&rmtc=t
173.233.137.60 200 OK 2.1 kB URL GET HTTP/1.1 encouragedrealityirresponsible.com/watch.241473937497.js?key=ee9bf356d601332a3ace39ce6d63a346&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1&shu=25583573bd2593ef4a815de32fad4d7181603c0c8c23144a39a5e961ab8e33cb1cba0158951db3a8d6cbc756128ff5a0811ffce2cd9fe347f69f0ac28916544115de9a0ff9be583b6b98e93f5c05991adb504d&pst=1701143576&rmtc=t
IP 173.233.137.60:443
Certificate Issuer: Let's Encrypt
Subject: encouragedrealityirresponsible.com
Fingerprint: 50:8D:F5:D6:D4:92:AC:6B:B8:1D:F7:C9:2F:0B:44:46:CA:CA:E0:9D
Validity: Sat, 25 Nov 2023 08:01:29 GMT - Fri, 23 Feb 2024 08:01:28 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2612)
Hash 0e9b367d5fd786176425a0d86d70a8b8
4968b0bd3d2e2dba87a7f839c084185fae8ad86a
ebbd5a3ce08ff2031b4530e3d12bdba484a2e61d81e4db7502242aae60256f6c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.241473937497.js?key=ee9bf356d601332a3ace39ce6d63a346&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1&shu=25583573bd2593ef4a815de32fad4d7181603c0c8c23144a39a5e961ab8e33cb1cba0158951db3a8d6cbc756128ff5a0811ffce2cd9fe347f69f0ac28916544115de9a0ff9be583b6b98e93f5c05991adb504d&pst=1701143576&rmtc=t HTTP/1.1
Host: encouragedrealityirresponsible.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mgnetu.com
Referer: https://mgnetu.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19052443; ain=eyJhbGciOiJIUzI1NiJ9.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.1D_wdmLjNItxf199TAEGGvRqr8WMGohaD_zMZm8LdaU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 03:51:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mgnetu.com
Access-Control-Allow-Origin: https://mgnetu.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=14345306-b41e-47cf-ae9e-7be413443cea:1:1; expires=Tue, 05 Dec 2023 03:51:56 GMT; secure; SameSite=None
iprc10b20fbfe34b38da34fc111b163ebb26=3569806; expires=Tue, 28 Nov 2023 07:51:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 29 Nov 2023 03:51:56 GMT; secure; SameSite=None
uncs=1; expires=Wed, 29 Nov 2023 03:51:56 GMT; secure; SameSite=None
pdhtkv5=true; expires=Wed, 29 Nov 2023 03:51:56 GMT; secure; SameSite=None
uncs5=1; expires=Wed, 29 Nov 2023 03:51:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ed317cfa3cc9110479ee41faafd7d8a7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
definedbootnervous.com/d41051160661bc12d56689ea012299f9/invoke.js
192.243.59.20 200 OK 11 kB URL GET HTTP/1.1 definedbootnervous.com/d41051160661bc12d56689ea012299f9/invoke.js
IP 192.243.59.20:443
ASN #39572 DataWeb Global Group B.V.
Certificate Issuer: Let's Encrypt
Subject: definedbootnervous.com
Fingerprint: BE:D4:61:7E:D3:F5:58:74:B4:39:61:F1:4C:BE:1B:44:00:B3:30:87
Validity: Sat, 18 Nov 2023 06:38:59 GMT - Fri, 16 Feb 2024 06:38:58 GMT
File type exported SGML document, ASCII text, with very long lines (29670), with no line terminators
Hash 3141d6d88022997d6a0881c0db6081b9
8a9e3c0daf714fad186866c3a2f4e118f6a952be
d873c6297f648756eea9b05038bcd8460476ca8c7638667d9c6ee223360be532
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /d41051160661bc12d56689ea012299f9/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 03:51:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 61fb10fdf9cc72405770190bed1b8868
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34 200 OK 53 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:443
Certificate Issuer: Google Trust Services LLC
Subject: *.g.doubleclick.net
Fingerprint: 6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
Validity: Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3968)
Hash 13e563b82acaa980dfebfe1ab57c1e5c
5b999dfad1fa54ed9ee423ce0e15e312f65f7e56
2a234bcc54619d90efc442c51cf9242632969381a645eb0e07b8223ee76d02bf
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 28 Nov 2023 03:51:56 GMT
expires: Tue, 28 Nov 2023 03:51:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 13546716881099926243
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52685
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.10 200 OK 144 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.10:443
ASN #39572 DataWeb Global Group B.V.
Certificate Issuer: Let's Encrypt
Subject: cdn.cloudimagesb.com
Fingerprint: 71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
Validity: Thu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 03:51:56 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Thu, 30 Nov 2023 03:51:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
capaciousdrewreligion.com/pixel/purst?dl=0&th=0&sc=0&rs=5770&rd=5770&fd=553&bv=23.11.v.7&tmpl=70
192.243.61.227 200 OK 0 B URL GET HTTP/1.1 capaciousdrewreligion.com/pixel/purst?dl=0&th=0&sc=0&rs=5770&rd=5770&fd=553&bv=23.11.v.7&tmpl=70
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Certificate Issuer: Let's Encrypt
Subject: capaciousdrewreligion.com
Fingerprint: A7:F6:7E:9B:11:C4:51:C4:B4:12:D5:22:17:34:1A:BB:DB:11:39:A4
Validity: Tue, 07 Nov 2023 07:58:40 GMT - Mon, 05 Feb 2024 07:58:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=5770&rd=5770&fd=553&bv=23.11.v.7&tmpl=70 HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 03:51:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
reluctantconfuse.com/watch.740605684435.js?key=d41051160661bc12d56689ea012299f9&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1
173.233.139.164 307 Temporary Redirect 0 B URL GET HTTP/1.1 reluctantconfuse.com/watch.740605684435.js?key=d41051160661bc12d56689ea012299f9&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1
IP 173.233.139.164:443
Certificate Issuer: Let's Encrypt
Subject: reluctantconfuse.com
Fingerprint: D9:BA:D7:B0:00:BD:A7:71:8D:C4:B7:11:24:3D:A8:D1:F3:5D:0A:7B
Validity: Sat, 25 Nov 2023 07:52:23 GMT - Fri, 23 Feb 2024 07:52:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.740605684435.js?key=d41051160661bc12d56689ea012299f9&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1 HTTP/1.1
Host: reluctantconfuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 03:51:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mgnetu.com
Access-Control-Allow-Origin: https://mgnetu.com
Access-Control-Allow-Credentials: true
Location: https://reluctantconfuse.com/watch.740605684435.js?key=d41051160661bc12d56689ea012299f9&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1&shu=9f2c0dcffa62c95400850a73403259f6555004a6ce8d710890e15fadf984c91e77ca5d629326630015eb6fbbfb0bd951e213403c2087f885a8e623a87c5a1d56767eb830e13f2b62a2561c99094e18b43b55526661a833e2803e068f5e71254b8e&pst=1701143577&rmtc=t
Set-Cookie: u_pl=19043154; expires=Wed, 29 Nov 2023 03:51:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.33FupkTnJGW4g1T3WGT1-BCPBv1vw3rOC6O5iNF39h0; expires=Tue, 28 Nov 2023 03:52:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9b082a5f4ebac76b3fbe723160f181b
Strict-Transport-Security: max-age=0; includeSubdomains
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
142.250.74.67 200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP 142.250.74.67:443
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Nov 2023 17:15:26 GMT
expires: Sun, 24 Nov 2024 17:15:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 210991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
reluctantconfuse.com/a4/87/2b/a4872be001b0a3dfdac08714df178412.js
173.233.139.164 200 OK 25 kB URL GET HTTP/1.1 reluctantconfuse.com/a4/87/2b/a4872be001b0a3dfdac08714df178412.js
IP 173.233.139.164:443
Certificate Issuer: Let's Encrypt
Subject: reluctantconfuse.com
Fingerprint: D9:BA:D7:B0:00:BD:A7:71:8D:C4:B7:11:24:3D:A8:D1:F3:5D:0A:7B
Validity: Sat, 25 Nov 2023 07:52:23 GMT - Fri, 23 Feb 2024 07:52:22 GMT
File type ASCII text, with very long lines (62476), with no line terminators
Hash 07effd37721a051605938ede474194be
4b9f889b1f7e200f37741ff505a57c8d2f96cf89
48aea5a6962835781711843d2ebfb88cb853ae68d46593f3759453ff296b3ed9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /a4/87/2b/a4872be001b0a3dfdac08714df178412.js HTTP/1.1
Host: reluctantconfuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 03:51:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 089af5b40808875c68fb70fe27649a10
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reluctantconfuse.com/watch.740605684435.js?key=d41051160661bc12d56689ea012299f9&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1&shu=9f2c0dcffa62c95400850a73403259f6555004a6ce8d710890e15fadf984c91e77ca5d629326630015eb6fbbfb0bd951e213403c2087f885a8e623a87c5a1d56767eb830e13f2b62a2561c99094e18b43b55526661a833e2803e068f5e71254b8e&pst=1701143577&rmtc=t
173.233.139.164 200 OK 2.0 kB URL GET HTTP/1.1 reluctantconfuse.com/watch.740605684435.js?key=d41051160661bc12d56689ea012299f9&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1&shu=9f2c0dcffa62c95400850a73403259f6555004a6ce8d710890e15fadf984c91e77ca5d629326630015eb6fbbfb0bd951e213403c2087f885a8e623a87c5a1d56767eb830e13f2b62a2561c99094e18b43b55526661a833e2803e068f5e71254b8e&pst=1701143577&rmtc=t
IP 173.233.139.164:443
Certificate Issuer: Let's Encrypt
Subject: reluctantconfuse.com
Fingerprint: D9:BA:D7:B0:00:BD:A7:71:8D:C4:B7:11:24:3D:A8:D1:F3:5D:0A:7B
Validity: Sat, 25 Nov 2023 07:52:23 GMT - Fri, 23 Feb 2024 07:52:22 GMT
File type HTML document, ASCII text, with very long lines (2526)
Hash 01e766a23fc336c0ad0352cb99676fd5
cbc867d9588f25f77839e990904a84f615214567
5973c314215ddba467c844a2d430d2dd0ad864a67f1a58ec8b13155e7aa03c16
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.740605684435.js?key=d41051160661bc12d56689ea012299f9&kw=%5B%22mgnetu%22%2C%22com%22%5D&refer=https%3A%2F%2Fmgnetu.com%2F5bN7&tz=0&dev=e&res=14.3095&uuid=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1&shu=9f2c0dcffa62c95400850a73403259f6555004a6ce8d710890e15fadf984c91e77ca5d629326630015eb6fbbfb0bd951e213403c2087f885a8e623a87c5a1d56767eb830e13f2b62a2561c99094e18b43b55526661a833e2803e068f5e71254b8e&pst=1701143577&rmtc=t HTTP/1.1
Host: reluctantconfuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mgnetu.com
Referer: https://mgnetu.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19043154; ain=eyJhbGciOiJIUzI1NiJ9.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.33FupkTnJGW4g1T3WGT1-BCPBv1vw3rOC6O5iNF39h0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 03:51:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mgnetu.com
Access-Control-Allow-Origin: https://mgnetu.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=14345306-b41e-47cf-ae9e-7be413443cea:1:1; expires=Tue, 05 Dec 2023 03:51:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 29 Nov 2023 03:51:57 GMT; secure; SameSite=None
uncs=1; expires=Wed, 29 Nov 2023 03:51:57 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 29 Nov 2023 03:51:57 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 29 Nov 2023 03:51:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c17263f8c8441dca09c49f2305b2f115
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/a2/45/f9/a245f93595806c3ef59ae593de33443b/1654692027.jpg
45.133.44.10 200 OK 14 kB URL GET HTTP/2 cdn.cloudimagesb.com/bi/a2/45/f9/a245f93595806c3ef59ae593de33443b/1654692027.jpg
IP 45.133.44.10:443
ASN #39572 DataWeb Global Group B.V.
Certificate Issuer: Let's Encrypt
Subject: cdn.cloudimagesb.com
Fingerprint: 71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
Validity: Thu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 468x60, components 3\012- data
Hash 0d2baeb4a0caee6b1a835f87a81c62ab
57d1f6d9fc98e9e027d7ceafb9609ce0e1ef1293
200e84aa08fe295d5db2c8050ca81392f33ca5ff527099a9858f146d23deb3af
GET /bi/a2/45/f9/a245f93595806c3ef59ae593de33443b/1654692027.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Nov 2023 03:51:57 GMT
content-type: image/jpeg
content-length: 14373
server: nginx/1.21.6
last-modified: Wed, 08 Jun 2022 12:40:35 GMT
etag: "62a098c3-3825"
expires: Thu, 30 Nov 2023 03:51:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
172.67.219.12 200 OK 0 B URL GET HTTP/2 banquetunarmedgrater.com/advertisers.js
IP 172.67.219.12:443
Certificate Issuer: Google Trust Services LLC
Subject: banquetunarmedgrater.com
Fingerprint: 92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
Validity: Thu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 03:51:57 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: ffa4a226e04a33d49f3b8ca4e836c505
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 03:51:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6HgCznvVUQmJ5WyCXAL%2BljyJF6fXwSVqe38k0%2F3w9ORDnkZA3GFS4BtYO44S3FPtxp50hv761ZQ4HHiOGm1a3%2FmnnS6LvzKZIIZAI1k%2BKVqDHSku9ASGwrgNplsTMaf9FOsd7dq%2BVKpuBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cfa7c86f98b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ourdesperate.com/pixel/purst?dl=0&th=0&sc=0&rs=6678&rd=6678&fd=557&bv=23.11.v.7&tmpl=70
192.243.59.12 200 OK 0 B URL GET HTTP/1.1 ourdesperate.com/pixel/purst?dl=0&th=0&sc=0&rs=6678&rd=6678&fd=557&bv=23.11.v.7&tmpl=70
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Certificate Issuer: Let's Encrypt
Subject: ourdesperate.com
Fingerprint: F1:DF:0C:D9:EE:04:F8:F6:BC:94:65:18:F3:84:9E:6E:78:7E:66:C5
Validity: Sat, 25 Nov 2023 08:11:44 GMT - Fri, 23 Feb 2024 08:11:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=6678&rd=6678&fd=557&bv=23.11.v.7&tmpl=70 HTTP/1.1
Host: ourdesperate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 03:51:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
static.a-ads.com/a-ads-banners/482538/336x280?region=eu-central-1
148.251.13.139 200 OK 600 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/482538/336x280?region=eu-central-1
IP 148.251.13.139:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1757947?size=336x280
Certificate Issuer: Sectigo Limited
Subject: *.a-ads.com
Fingerprint: 34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
Validity: Wed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 336 x 280\012- data
Size 600 kB (600458 bytes)
Hash 8cdbc07ae529dd618cd8fc055568529a
0eab8aac95fdb189c1f4ed51546c56b6c71e5a6f
36b95881816fd9826f10bc4ff9a870af6c56a328cf71a07d651646417039b316
GET /a-ads-banners/482538/336x280?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:54 GMT
content-type: image/gif
content-length: 600458
x-amz-id-2: JoCpo476ySFV+NTFlcdrZiNtNJasjf+If2oH36/UoOOaH42FqZArbloKzOHxTzAOynrBO1C2q2Y=
x-amz-request-id: 9EADVEZD6S426BAX
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 Oct 2023 18:04:14 GMT
etag: "8cdbc07ae529dd618cd8fc055568529a"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: b5Ge8fOu_5BsFrfMrgR17.J9JBvBONew
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
mgnetu.com/links/go
172.67.146.233 200 OK 214 B IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash b0446662d91786d276e33d64596c7064
62bd35b413b920130d39f3dee3cc12d92bae4571
ac12d9b27844c58212059d831517743101c01da63da23cf16954f0a314568805
POST /links/go HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 683
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT; prefetchAd_2954309=true; ab=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=14345306-b41e-47cf-ae9e-7be413443cea%3A1%3A1; pp_main_a4872be001b0a3dfdac08714df178412=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:52:01 GMT
content-type: application/json; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKXqBLIijibY5ObR3yPZ9owF347aiwI76r38iNN3GA8YG5IqeG8VIFR2wKeSsfJQEzwtdrrt4UUXtSX6QqQEeFrg4A33e6CbejX%2BlMAXtVQkgJXlRv%2FalJZeI%2BW0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7d98bd85695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mgnetu.com/5bN7
172.67.146.233 200 OK 0 B IP 172.67.146.233:443
Certificate Issuer Google Trust Services LLC
Subject mgnetu.com
Fingerprint 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of empty input, as expected for a 0 B response.)
HEAD /5bN7 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:54 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZfChKBk%2FeW0xpsDnts4fhuICEbULdTiglbO42b7WVo2m68R6SXQHxdW91ZNfUYsS7Xt%2Be0zLvh%2BugzYIaNPcMhvupaOpUTCQD8CqrUy8Pyagd7Icv8AY%2B1boRIe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b188b85695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ad.a-ads.com/1757941?size=728x90
78.46.32.91 200 OK 16 kB URL GET HTTP/2 ad.a-ads.com/1757941?size=728x90
IP 78.46.32.91:443
ASN #24940 Hetzner Online GmbH
Certificate Issuer Sectigo Limited
Subject *.a-ads.com
Fingerprint 34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
Validity Wed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11012)
Hash MD5 57266b9ca3e9d9c24cada8739ef0517d
Hash SHA-1 17b28378bd220d4627b7957ab73488e1eb0a8d9b
Hash SHA-256 fb35a2af286b4b907bc4397811ea43b7a53e03784d0273da652ce516df68a358
GET /1757941?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:54 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://mgnetu.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
ad.a-ads.com/1341068?size=468x60
78.46.32.91 200 OK 14 kB URL GET HTTP/2 ad.a-ads.com/1341068?size=468x60
IP 78.46.32.91:443
ASN #24940 Hetzner Online GmbH
Certificate Issuer Sectigo Limited
Subject *.a-ads.com
Fingerprint 34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
Validity Wed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11012)
Hash MD5 2be104ec561102aae4c02eea2bb9dbd5
Hash SHA-1 1e5a0a13ddb692d84ea768d893df1f78b10e4244
Hash SHA-256 e046b9fa1e23c48c49aca8144740d4d091e4dc095bee3bf24aff585834c7e65f
GET /1341068?size=468x60 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:54 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://mgnetu.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
mgnetu.com/vendor/dashboard/js/app.min.js?ver=5.3.0
172.67.146.233 200 OK 9.9 kB URL GET HTTP/3 mgnetu.com/vendor/dashboard/js/app.min.js?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer Google Trust Services LLC
Subject mgnetu.com
Fingerprint 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type ASCII text, with very long lines (10373), with no line terminators
Hash MD5 dfc025d335df49c55aa3aee853450f83
Hash SHA-1 fe636c5ae88d192a7d9f8220dac7ef17010b3f3d
Hash SHA-256 db0f03e4a5390751303b4738a042dac13670d4f02c78b94bfe659258d2043870
GET /vendor/dashboard/js/app.min.js?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sun, 03 Dec 2023 05:47:50 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 165843
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AE3K2nfWKy4mtEA2vP6bS7%2B%2Bd7TSCI1NotUr%2FAKNqJArZ%2BIIqrbJcWMFHhIwUf6uFcQpWrJhXlm239k7z8SlyciCprKsZTQRl2KTboO%2BRpnptV3QMas4YvVJLOao"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b1d8d15695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mgnetu.com/js/ads.js
172.67.146.233 200 OK 106 B IP 172.67.146.233:443
Certificate Issuer Google Trust Services LLC
Subject mgnetu.com
Fingerprint 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type ASCII text, with no line terminators
Hash MD5 31129bbaf6802ed0bdd11a024afe7646
Hash SHA-1 22ea0726f15adb8b677d9b4b829b39ce61da1bfc
Hash SHA-256 42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee
GET /js/ads.js HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: application/javascript
cache-control: public, max-age=604800
cf-bgj: minify
expires: Wed, 29 Nov 2023 06:08:23 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
cf-cache-status: HIT
age: 510210
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2RwDvUU%2BLCh%2Fab%2Fjdue7AeycFHV%2FK4eYTcqVapZEtWgw%2BhAPnVfc4MgzO7K8mZrLD6gamBeLQ3GR8qerJtiwR%2BtFMHOA0QbnSM6f41Ss3rqDSZqToOmRqnJ2Wh5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cfa7b1e8d75695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
172.67.146.233 200 OK 147 kB URL User Request GET HTTP/2 IP 172.67.146.233:443
Certificate Issuer Google Trust Services LLC
Subject mgnetu.com
Fingerprint 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (59489), with CRLF, LF line terminators
Size 147 kB (146627 bytes)
Hash MD5 9dca3d51374a1c49cf4177848e56ac5e
Hash SHA-1 54fb733b208ec4e4e200223ab6dd7d6e07f121f2
Hash SHA-256 fde0f1e87c36f5d5d0d1d3ca74bdd991b10348287bf9fbd7ada07f26bea6930b
GET /5bN7 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT; expires=Wed, 29-Nov-2023 03:51:53 GMT; Max-Age=86400; path=/; HttpOnly; secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkqX9W7GOPyCg9eEESclnOOMcM%2BAOrJsxDJpxKWbL1vadrjW9SdyIs%2F4Vrohfqypdls1bms7xtS7ErdpU6pd%2BdlDYU3VclymWG7FoETMA8L4kSPqnKphdMFdi%2Fjk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7adb9955690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mgnetu.com/vendor/jquery.min.js?ver=5.3.0
172.67.146.233 200 OK 86 kB URL GET HTTP/3 mgnetu.com/vendor/jquery.min.js?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer Google Trust Services LLC
Subject mgnetu.com
Fingerprint 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type ASCII text, with very long lines (32065)
Hash MD5 b354cc9d56a1da6b0c77604d1b153850
Hash SHA-1 a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732
Hash SHA-256 fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
GET /vendor/jquery.min.js?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sun, 03 Dec 2023 05:47:50 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 165843
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AY%2F2uo9jJORdXUvuFu5HqqrrW%2FldA%2BvmMv8Zi%2F%2FlEWY4uAqwJxk3Ei2bboHAHZK2hUU2nGzMpXU%2FkzB%2FPDiBuoA%2FvGbvildktoxqhcaFzW3o0%2BMa%2FYWBOJsBCnk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b1e8d65695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
grunoaph.net/5/2954309/?oo=1&aab=1
139.45.197.238 200 OK 2.8 kB URL GET HTTP/2 grunoaph.net/5/2954309/?oo=1&aab=1
IP 139.45.197.238:443
Certificate Issuer Let's Encrypt
Subject grunoaph.net
Fingerprint F7:66:06:3D:A3:63:3A:40:18:22:C5:85:9C:0F:A4:E8:6E:B0:98:EB
Validity Thu, 12 Oct 2023 00:53:03 GMT - Wed, 10 Jan 2024 00:53:02 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3008), with no line terminators
Hash MD5 e35c8327f23fcc780e5a859d3480c2e5
Hash SHA-1 1aa573da6e05b8c8800336a467a2165bdcf97ada
Hash SHA-256 1fbe47a5912fd18b8f76bfab01d8977e1f75a337610319e41068253e239141d6
GET /5/2954309/?oo=1&aab=1 HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:55 GMT
content-type: application/json
x-trace-id: e46a9efcb3d5dfb43c2545e00071fc47
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://mgnetu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=6d7d655cc31f4316bfe7de627f407552; expires=Wed, 27 Nov 2024 03:51:55 GMT; path=/; secure; SameSite=None
oaidts=1701143515; expires=Wed, 27 Nov 2024 03:51:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
chpadblock.com/wp-content/uploads/2023/04/d.svg
95.217.119.176 200 OK 73 kB URL GET HTTP/2 chpadblock.com/wp-content/uploads/2023/04/d.svg
IP 95.217.119.176:443
ASN #24940 Hetzner Online GmbH
Certificate Issuer Let's Encrypt
Subject chpadblock.com
Fingerprint FA:DB:CF:1A:8A:69:74:28:72:30:4C:AE:33:B5:EE:62:2E:A9:1F:5F
Validity Sun, 05 Nov 2023 17:50:47 GMT - Sat, 03 Feb 2024 17:50:46 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (20835)
Hash MD5 d58bce37181e86cee427c3373a5b9664
Hash SHA-1 86a9694051993251cdaa3922b8000b6a905005e1
Hash SHA-256 8bb3b588f1e6e34e35e61afa9e35a4bf87959f1663635dbedbdffe12b6fee59a
GET /wp-content/uploads/2023/04/d.svg HTTP/1.1
Host: chpadblock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 03:51:55 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Apr 2023 07:02:05 GMT
etag: "11bc8-642e6e6d-95ee8076892ad2af;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 22302
date: Tue, 28 Nov 2023 03:51:55 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
mgnetu.com/vendor/font-awesome/css/font-awesome.min.css?ver=5.3.0
172.67.146.233 200 OK 31 kB URL GET HTTP/3 mgnetu.com/vendor/font-awesome/css/font-awesome.min.css?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer Google Trust Services LLC
Subject mgnetu.com
Fingerprint 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type ASCII text, with very long lines (30789)
Hash MD5 81bda110c7986e8713e74ca171dd8ce3
Hash SHA-1 60d9d8fab95f81e06f3922c2ce2c9ba5bd97fd88
Hash SHA-256 49f2536799fe69214edf8a7e469c6d7124307a4e4e913651469a247c7244e81f
GET /vendor/font-awesome/css/font-awesome.min.css?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 29 Nov 2023 06:08:23 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 510210
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64UDP1I8UQmFDiEfIlXhlqO3vxrp28jTpXgVLWqZyNHwHu21EDc1c8wLRZtubWy802Pu8rmBPUqy8qO%2FIX7GULCAmh1gbuX7i96bGeV1Izxmm5qswO0POrltSIaC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b028565695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.132 200 OK 918 B URL GET HTTP/2 www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.132:443
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint B0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
Validity Mon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with very long lines (918), with no line terminators
Hash MD5 7a2799e0bab0060721a467ab94adda3d
Hash SHA-1 6347d232b9df4a4bd3bbf517b36ed30c0eadce77
Hash SHA-256 0f66a4fd44c5ef6a753f813084d39ea83f66cfa5b6211bdef936a6d5605ea7b7
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 28 Nov 2023 03:51:53 GMT
date: Tue, 28 Nov 2023 03:51:53 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.197.8 200 OK 86 kB URL GET HTTP/3 friendshipmale.com/sfp.js
IP 172.64.197.8:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
Validity Sat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of empty input although the response is listed as 86 kB; the body was presumably not captured, so these hashes do not identify the script's content.)
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:57 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7b48731ee3cb68cb7f37be1a3634b1d9
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 03:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apCQM28hPGX75RUkpYWGB3%2FFE6bFRq0wQNMIPfbQAhihUQDgfejkcuoiy%2B0UnKMolN21cCY0yM%2FGLVzR0cE07eqWuenliVJsRL35JOUTjJBsoPJIM6b2NZyV0HS1fnCu9d%2FZZdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cfa7c72a984182-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
mgnetu.com/favicon.ico
172.67.146.233 200 OK 1.2 kB IP 172.67.146.233:443
Certificate Issuer Google Trust Services LLC
Subject mgnetu.com
Fingerprint 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash MD5 4810d81a93e00f294f71fad230883dfa
Hash SHA-1 34aa8138d5b84b81fe80ab19a44050a9a45d2298
Hash SHA-256 94e9bbf17428f80dd436fa662fb599cd19490c1ab52288e1b7f56644eb3cb114
GET /favicon.ico HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:54 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Tue, 28 Nov 2023 16:11:35 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 560419
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggLHQ9zDDCRi4q8JllFTLpS8OxZUUyIiJuyE8CwvjZyn2J%2FKOhC3HBm7Oa01v6CHDKAmRRD6RBosovbB%2Bs4LGaXNSyxXu21UTCDXhs9AsBnvyNEGvCWX%2BFy4gEKe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b329315695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
static.a-ads.com/a-ads-banners/486633/728x90?region=eu-central-1
148.251.13.139 200 OK 76 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/486633/728x90?region=eu-central-1
IP 148.251.13.139:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1341068?size=468x60
Certificate Issuer Sectigo Limited
Subject *.a-ads.com
Fingerprint 34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
Validity Wed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 728 x 90\012- data
Hash MD5 7ebe340611a24d387013a3dbd6ecb260
Hash SHA-1 6ab6421fd74ed6b3de3c7b149da4db7e9aad0dac
Hash SHA-256 1df4cc69069d3c250cbecf661397e3d06628af083f76917e02eabef0c6b31e4d
GET /a-ads-banners/486633/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:54 GMT
content-type: image/gif
content-length: 75685
x-amz-id-2: drA1J9PQqz6biHeNPhNPYZJhmitp2d+iCGBSP7uGqwvUWmmn2OzcYez7JZ9BqWck7UnSKC5dt34=
x-amz-request-id: ZB62R1QZVTRVBTPN
x-amz-replication-status: COMPLETED
last-modified: Wed, 01 Nov 2023 15:37:56 GMT
etag: "7ebe340611a24d387013a3dbd6ecb260"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 23pAKlRD4tJB.KoayJE2I2RQWLEhFtBs
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ad.a-ads.com/1757947?size=336x280
78.46.32.91 200 OK 17 kB URL GET HTTP/2 ad.a-ads.com/1757947?size=336x280
IP 78.46.32.91:443
ASN #24940 Hetzner Online GmbH
Certificate Issuer Sectigo Limited
Subject *.a-ads.com
Fingerprint 34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
Validity Wed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11012)
Hash MD5 118ccc857e4597f67ea3f716f4528e50
Hash SHA-1 d19811f4d49e8d3e73a580766cd8e0bfe391987a
Hash SHA-256 5177f4ad184ebed1698366132eb2468592294e211f7b7e5fad77c872c9753cc3
GET /1757947?size=336x280 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:54 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://mgnetu.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
grunoaph.net/?rb=FysqKqEHJTy91xtbIUqn4jrhMrwaG0scSYmnlc6aH2nFZfYXUMWS-Sesc2ciN0AzSHpVLrxGXBAvtWPO1mW_PEgo3VTr6dlGYsgJqrJy7OTAqDvdI6xTjMo_nz4WSfUj_JIA7bZFPngGj567V0XW6gZlTQGEdn1DeUeBd2J0bRGNhXD8g9biMQxhA8OPT1mAg8e3JoQXAi7jl61BTxFMuqxkcMkC3-R-N9kRiw%3D%3D&request_ab2=0&zoneid=2954309&js_build=iclick-v1.633.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Fmgnetu.com%2F5bN7&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.633.0&bs=e8d2b89d-e0aa-4a81-8612-61011161ec9f&userId=6d7d655cc31f4316bfe7de627f407552&m=link
139.45.197.238200 OK 2.3 kB URL GET HTTP/2 grunoaph.net/?rb=FysqKqEHJTy91xtbIUqn4jrhMrwaG0scSYmnlc6aH2nFZfYXUMWS-Sesc2ciN0AzSHpVLrxGXBAvtWPO1mW_PEgo3VTr6dlGYsgJqrJy7OTAqDvdI6xTjMo_nz4WSfUj_JIA7bZFPngGj567V0XW6gZlTQGEdn1DeUeBd2J0bRGNhXD8g9biMQxhA8OPT1mAg8e3JoQXAi7jl61BTxFMuqxkcMkC3-R-N9kRiw%3D%3D&request_ab2=0&zoneid=2954309&js_build=iclick-v1.633.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Fmgnetu.com%2F5bN7&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.633.0&bs=e8d2b89d-e0aa-4a81-8612-61011161ec9f&userId=6d7d655cc31f4316bfe7de627f407552&m=link
IP 139.45.197.238:443
Certificate Issuer Let's Encrypt
Subject grunoaph.net
Fingerprint F7:66:06:3D:A3:63:3A:40:18:22:C5:85:9C:0F:A4:E8:6E:B0:98:EB
Validity Thu, 12 Oct 2023 00:53:03 GMT - Wed, 10 Jan 2024 00:53:02 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2378), with no line terminators
Hash MD5 f8f8cf08ad1480474b698a1fe774cb54
Hash SHA-1 b2b873ac524a9895228ae13bd84f7e8167606750
Hash SHA-256 51ef95bb6c4b2e1117bccf06395646493ccf8817008ba39a7721fef7163ec90f
GET /?rb=FysqKqEHJTy91xtbIUqn4jrhMrwaG0scSYmnlc6aH2nFZfYXUMWS-Sesc2ciN0AzSHpVLrxGXBAvtWPO1mW_PEgo3VTr6dlGYsgJqrJy7OTAqDvdI6xTjMo_nz4WSfUj_JIA7bZFPngGj567V0XW6gZlTQGEdn1DeUeBd2J0bRGNhXD8g9biMQxhA8OPT1mAg8e3JoQXAi7jl61BTxFMuqxkcMkC3-R-N9kRiw%3D%3D&request_ab2=0&zoneid=2954309&js_build=iclick-v1.633.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Fmgnetu.com%2F5bN7&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.633.0&bs=e8d2b89d-e0aa-4a81-8612-61011161ec9f&userId=6d7d655cc31f4316bfe7de627f407552&m=link HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mgnetu.com/
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Cookie: OAID=6d7d655cc31f4316bfe7de627f407552; oaidts=1701143515
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 03:51:55 GMT
content-type: application/json
x-trace-id: 95dc26c7a82c7faa5053a08ce79cab5f
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://mgnetu.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6d7d655cc31f4316bfe7de627f407552; expires=Wed, 27 Nov 2024 03:51:55 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1701143515; expires=Wed, 27 Nov 2024 03:51:55 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Tue, 05 Dec 2023 03:51:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
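172.64.197.8 200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 172.64.197.8:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
Validity: Sat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input. The response is listed as 86 kB, so the body was evidently not captured for hashing; the digests do not identify sfp.js and are not usable as indicators.)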
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Nov 2023 03:51:56 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 84a82fc6f8ca5f1f04bfa7bc388bb7d7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 03:51:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5ocUSojKm5fVvKUva82qKggHHE1Jv%2Fa832N63o6E%2BoVP6U9%2F%2Be7hGYglzIFSEhGlccIqxqduiim877LIND6KmqfvwWloxLYeUci9f6iFX9T%2BcbrfS7NGjUYFAHlP360hzIJq0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82cfa7c1fa5e60fc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.profitabledisplaynetwork.com/ee9bf356d601332a3ace39ce6d63a346/invoke.js
173.233.137.44 200 OK 30 kB URL GET HTTP/1.1 www.profitabledisplaynetwork.com/ee9bf356d601332a3ace39ce6d63a346/invoke.js
IP 173.233.137.44:443
Certificate Issuer: Let's Encrypt
Subject: profitabledisplaynetwork.com
Fingerprint: F8:76:7B:6D:E9:49:0F:FE:3A:DE:54:8B:28:91:35:99:76:99:8E:89
Validity: Sun, 29 Oct 2023 07:30:47 GMT - Sat, 27 Jan 2024 07:30:46 GMT
File type: exported SGML document, ASCII text, with very long lines (29712), with no line terminators
Hash MD5: 2f06eb52824fc5378f21170804983d37
SHA-1: e92fc0bfc74450343080767a0f314d01dfa36fe0
SHA-256: 24e34eb0c9ae3bf3a78ce400814aee39d10bcb1f28a3dca09358996c984c2927
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ee9bf356d601332a3ace39ce6d63a346/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 03:51:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c84bf8acec2f4588af7e72cd100b6e24
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mgnetu.com/vendor/dashboard/css/AdminLTE.min.css?ver=5.3.0
172.67.146.233 200 OK 90 kB URL GET HTTP/3 mgnetu.com/vendor/dashboard/css/AdminLTE.min.css?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
File type: ASCII text, with very long lines (65310)
Hash MD5: fdffc44e91f07e4cf200307f3b4e2421
SHA-1: 649cd2fa22d802a2491d2cdaef960ddd08132bbb
SHA-256: 6a67b1809a10680da524de5b59e10ec07e187e7f41db360f2758b3bf2db7d766
GET /vendor/dashboard/css/AdminLTE.min.css?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 30 Nov 2023 03:20:48 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 433865
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGBhr5oh4sumkUlgE3HpfvDR6%2FvfQF41XAstRy3jIBjyUka7L6hkKybRtAsje%2B0RcCoccNmZKXa0wZy2W4x1ZcX8qVWtE1GDpXVdWH927N8jAQixs3Rvq588tp6l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b028575695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mgnetu.com/vendor/clipboard.min.js?ver=5.3.0
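172.67.146.233 200 OK 11 kB URL GET HTTP/3 mgnetu.com/vendor/clipboard.min.js?ver=5.3.0
IP 172.67.146.233:443
Certificate Issuer: Google Trust Services LLC
Subject: mgnetu.com
Fingerprint: 0E:28:BD:16:0C:4B:02:FE:6E:91:FA:1B:2B:AB:C5:2D:A8:72:DF:64
Validity: Sat, 04 Nov 2023 11:38:44 GMT - Fri, 02 Feb 2024 11:38:43 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input. The response is listed as 11 kB, so the body was evidently not captured for hashing; the digests do not identify clipboard.min.js and are not usable as indicators.)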
GET /vendor/clipboard.min.js?ver=5.3.0 HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mgnetu.com/5bN7
Cookie: AppSession=382d0a24cd64e38711dfc3da4379f171; csrfToken=222422e74bfd60b7ec728ae2b8575b17ec79868804600410da1d01d08c9eb4a6f24a34c375180b79a1616844b18343daef0dd74e2e32a92aa42d077c143a391d; visitor=Q2FrZQ%3D%3D.OWUwMzQyM2JiMGZjMDNmNGNhZGYzZTRmYzMwOWVkMmY1OWU0Y2RiYjFkNjBiNjlmOTIxYmVjMzQ2ZDk3MTcwMLhP80cHnwTSLUHX%2FFf1yMYfpKy5AQfhvKrcr3yVp3vQ9%2FZYlFvWoem9IauZgBxOFx60t%2F240aBEybDMo%2BQArolqUnYN2VBoTYMhcZe9xZVT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 28 Nov 2023 03:51:53 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sun, 03 Dec 2023 06:47:14 GMT
last-modified: Thu, 19 Dec 2019 15:37:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 162279
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Buc4ntyaSl5m0Gff05BcVFJKJW7SUVYVXDLI0CbZJ%2BE%2FeQMsLi8djpTqxMzuU1MyMkjdw4wpt4QfN1SEQ8rfhMKOZMlRJwkDO3uUtqkubDdC%2FoLNU9SjLtDHkHj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82cfa7b1d8d35695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:443
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 14892, version 1.0\012- data
Hash MD5: 9ec6deaf6bada919e20b98f9f7b718b1
SHA-1: 501d36403ad8205e4644532600019ecb10f5cb0a
SHA-256: 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mgnetu.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Nov 2023 21:16:36 GMT
expires: Wed, 20 Nov 2024 21:16:36 GMT
cache-control: public, max-age=31536000
age: 542117
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2