magicbarsllc.com Open in urlscan Pro
2606:4700:3033::ac43:d957 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://afgolpawca.com/afu.php?zoneid=1765078
Effective URL:
https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=gnp_d_clck_push_chro...
Submission: On November 23 via api (November 23rd 2023, 12:38:40 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3033::ac43:d957, located in United States and belongs to CLOUDFLARENET, US. The main domain is magicbarsllc.com. The Cisco Umbrella rank of the primary domain is 970148.
TLS certificate: Issued by E1 on October 3rd 2023. Valid for: 3 months.

This is the only time magicbarsllc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	212.117.190.210 212.117.190.210	7979 (SERVERS-COM) (SERVERS-COM)
1 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::ac43:d957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:6e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	6

4 212.117.190.210 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)

afgolpawca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pshcollectshk.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ocmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:d957 (United States)

ASN13335 (CLOUDFLARENET, US)

magicbarsllc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4809 (United States)

ASN13335 (CLOUDFLARENET, US)

t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	afgolpawca.com afgolpawca.com	25 KB
3	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 46381 t.ocmhood.com — Cisco Umbrella Rank: 11204	13 KB
2	magicbarsllc.com magicbarsllc.com — Cisco Umbrella Rank: 970148	21 KB
1	ocmtag.com cdn.ocmtag.com — Cisco Umbrella Rank: 48810	759 B
1	pshcollectshk.top 1 redirects www.pshcollectshk.top	1 KB
10	5

	Domain	Requested by
4	afgolpawca.com	afgolpawca.com
2	t.ocmhood.com	sdk.ocmhood.com
2	magicbarsllc.com	afgolpawca.com magicbarsllc.com
1	cdn.ocmtag.com	sdk.ocmhood.com
1	sdk.ocmhood.com	magicbarsllc.com
1	www.pshcollectshk.top	1 redirects
10	6

This site contains no links.

Subject Issuer	Validity	Valid
Buypass Class 2 CA 5	`2023-11-01` - `2024-04-28`	6 months	crt.sh
magicbarsllc.com E1	`2023-10-03` - `2024-01-01`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=gnp_d_clck_push_chrome_de_cpm_prx_1765078
Frame ID: 2258C9A6D115E4725637016BAAE385AA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click Allow

Page URL History Show full URLs

https://afgolpawca.com/afu.php?zoneid=1765078 Page URL
https://afgolpawca.com/?r=dir&zoneid=1765078&pb=475454ac71e4aee8d36a9ebcbbf820dc1700707114&psp=JUSO... Page URL
https://www.pshcollectshk.top/go/2be216f6-d421-4480-88ff-ef39cb34a951?cost=0.00020000001&SUBID=23112219384... HTTP 302
https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=... Page URL

Page Statistics

10
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

59 kB
Transfer

126 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://afgolpawca.com/afu.php?zoneid=1765078 Page URL
https://afgolpawca.com/?r=dir&zoneid=1765078&pb=475454ac71e4aee8d36a9ebcbbf820dc1700707114&psp=JUSOdWYe13H0QUTfIIyb8EyHIc4sbOX0RpvF5n-ZH5owe5wmK161Xy0rCj0bIRG9B2ZLyTcGuaSYn7vBSL8Rf-2V1ZumsQSzv6mOcJ7e-22g5P8dZaHy8ZJ1Vjc6H2XqP85_8in3mvyIe1KRuUmZOIyGdWORNjyArImsCDxHeA8UpQqbH2aIYZNGhywZxR_-dnldm9o4M4PNMhFp9OCZfE5uuTtes09zTno792SGRkEwh-hky2gojXetDhBFrIVf0hJS00ZG80VZwVqTj-8UzyUxb0j9l-SqRg6umehegzGDQhtSGAIcwnJjih9pR0qFNv0XCOfUW8aCbJZWPjn9xiiODwz_bjzw9NfgjhRIJYSNCw5EAmXn9GrBcfLzx6GHpcIQPoHThen3cM-sq8rLoVwWqRNZkyvwwWM50gYLVyp6rtbOK08ywtK0u61mfKuWyPrSDIO7nLf-pU4GDTh32JqjPNJEONlxMC-yX9Twi-J-eOULDO_Z272f3xNbuksP_zqqlHCu7D2eegHUmOwKn8ztex65HtrvP8C-9KdqcqKW9Qp_prpbvmiz_sD35CS3jy2lgpIxJSR67toKoDwMIrU50H6V4SYWUAOcfL7DM8fU2KOnwmg8XQdU49Luh6YcxB6yWvR4-v9vJM9ZpCLtVpFf0MlrI8vYhLiCssV8jXeW5IlZElAV_at7Dr6zPrFlIAVw-wpdX85Vei9pWGYEjJMaXy3_muUtQmzcCB_-WniCSj-MLpum-NL2oFHJxNJZ4sHLpJwSiyEsGxGy3lAbM-ub6Wu-OB_vQNyAAdgS-JT6weOhWQLaxE2a_UhzCICUBfPHrwwaqqV-eKXjRaTf7exTql4tA5TXlwDyhnuN6NPWpl8OkvaR1F-6ZDes0zWlLlsJozNgsppvqBv5TzInmGX3XFMhNArPfDexbQokp6tlifKVGgDAiSqjuyWZt8aVA1tNyD2nHgGFMCm0FmpmDViVQAdLjLRJYkWKTu7NdcMBYSmKuuWR5jjmwjjrX3bmcGG0kV2uH4l2GSHbWMKNIlchBxBr2-gOMNJVk8M25KATEz2qKL1qw3fjyHSb&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=5178006650382336&eclog=0&sp=1&im=1&pload=260&rlp=%5B0%2C0.09999847412109375%2C79.70000457763672%2C41.099998474121094%2C2%2C195.0999984741211%2C94.0999984741211%2C56.5%5D Page URL
https://www.pshcollectshk.top/go/2be216f6-d421-4480-88ff-ef39cb34a951?cost=0.00020000001&SUBID=231122193849c02a6c92eb4e598d66b5d83b&zoneid=1765078&bannerid=3714783&campaignid=2722549&cost=0.00020000001 HTTP 302
https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=gnp_d_clck_push_chrome_de_cpm_prx_1765078 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	afu.php Show response afgolpawca.com/	2 KB 2 KB	137ms 37ms	Document text/html	212.117.190.210 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://afgolpawca.com/afu.php?zoneid=1765078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.210 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash `d9a0278577caee3b8ce1d60c8b9b3d919d62ce5aa7d5d5d3250414b978b5c02d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS content-encoding gzip content-type text/html; charset=utf-8 date Thu, 23 Nov 2023 00:38:34 GMT referrer-policy no-referrer server nginx timing-allow-origin * vary Accept-Encoding x-route-id check.sumbit.dl
GET H2	200	submit.min.js Show response afgolpawca.com/	42 KB 18 KB	55ms 55ms	Script application/javascript	212.117.190.210 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://afgolpawca.com/submit.min.js?abvar= Requested by Host: afgolpawca.com URL: https://afgolpawca.com/afu.php?zoneid=1765078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.210 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash `e15a59ad54d810205d9f4f4836ed47dfcd415bf4d7128e637743fd4ddb2929d4` Request headers accept-language de-DE,de;q=0.9 sec-ch-viewport-height 1200 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 sec-ch-device-memory 8 sec-ch-viewport-width 1600 sec-ch-prefers-reduced-transparency no-preference Referer sec-ch-prefers-reduced-motion no-preference sec-ch-dpr 1 sec-ch-prefers-color-scheme light Response headers date Thu, 23 Nov 2023 00:38:34 GMT content-encoding gzip last-modified Wed, 15 Nov 2023 14:55:11 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"6554dbcf-a617" vary Accept-Encoding content-type application/javascript timing-allow-origin *
GET H2	200	/ afgolpawca.com/	7 KB 4 KB	34ms 33ms	Document text/html	212.117.190.210 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://afgolpawca.com/?r=dir&zoneid=1765078&pb=475454ac71e4aee8d36a9ebcbbf820dc1700707114&psp=JUSOdWYe13H0QUTfIIyb8EyHIc4sbOX0RpvF5n-ZH5owe5wmK161Xy0rCj0bIRG9B2ZLyTcGuaSYn7vBSL8Rf-2V1ZumsQSzv6mOcJ7e-22g5P8dZaHy8ZJ1Vjc6H2XqP85_8in3mvyIe1KRuUmZOIyGdWORNjyArImsCDxHeA8UpQqbH2aIYZNGhywZxR_-dnldm9o4M4PNMhFp9OCZfE5uuTtes09zTno792SGRkEwh-hky2gojXetDhBFrIVf0hJS00ZG80VZwVqTj-8UzyUxb0j9l-SqRg6umehegzGDQhtSGAIcwnJjih9pR0qFNv0XCOfUW8aCbJZWPjn9xiiODwz_bjzw9NfgjhRIJYSNCw5EAmXn9GrBcfLzx6GHpcIQPoHThen3cM-sq8rLoVwWqRNZkyvwwWM50gYLVyp6rtbOK08ywtK0u61mfKuWyPrSDIO7nLf-pU4GDTh32JqjPNJEONlxMC-yX9Twi-J-eOULDO_Z272f3xNbuksP_zqqlHCu7D2eegHUmOwKn8ztex65HtrvP8C-9KdqcqKW9Qp_prpbvmiz_sD35CS3jy2lgpIxJSR67toKoDwMIrU50H6V4SYWUAOcfL7DM8fU2KOnwmg8XQdU49Luh6YcxB6yWvR4-v9vJM9ZpCLtVpFf0MlrI8vYhLiCssV8jXeW5IlZElAV_at7Dr6zPrFlIAVw-wpdX85Vei9pWGYEjJMaXy3_muUtQmzcCB_-WniCSj-MLpum-NL2oFHJxNJZ4sHLpJwSiyEsGxGy3lAbM-ub6Wu-OB_vQNyAAdgS-JT6weOhWQLaxE2a_UhzCICUBfPHrwwaqqV-eKXjRaTf7exTql4tA5TXlwDyhnuN6NPWpl8OkvaR1F-6ZDes0zWlLlsJozNgsppvqBv5TzInmGX3XFMhNArPfDexbQokp6tlifKVGgDAiSqjuyWZt8aVA1tNyD2nHgGFMCm0FmpmDViVQAdLjLRJYkWKTu7NdcMBYSmKuuWR5jjmwjjrX3bmcGG0kV2uH4l2GSHbWMKNIlchBxBr2-gOMNJVk8M25KATEz2qKL1qw3fjyHSb&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=5178006650382336&eclog=0&sp=1&im=1&pload=260&rlp=%5B0%2C0.09999847412109375%2C79.70000457763672%2C41.099998474121094%2C2%2C195.0999984741211%2C94.0999984741211%2C56.5%5D Requested by Host: afgolpawca.com URL: https://afgolpawca.com/submit.min.js?abvar= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.210 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 sec-ch-device-memory 8 sec-ch-dpr 1 sec-ch-prefers-color-scheme light sec-ch-prefers-reduced-motion no-preference sec-ch-prefers-reduced-transparency no-preference sec-ch-viewport-height 1200 sec-ch-viewport-width 1600 Response headers accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS content-encoding gzip content-type text/html; charset=utf-8 date Thu, 23 Nov 2023 00:38:35 GMT referrer-policy no-referrer server nginx timing-allow-origin * vary Accept-Encoding x-route-id redirect.dl
GET H2	200	Primary Request / Show response magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/ Redirect Chain https://www.pshcollectshk.top/go/2be216f6-d421-4480-88ff-ef39cb34a951?cost=0.00020000001&SUBID=231122193849c02a6c92eb4e598d66b5d83b&zoneid=1765078&bannerid=3714783&campaignid=2722549&cost=0.0002000... https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=gnp_d_clck_push_chrome_de_cpm_prx_1765078	33 KB 20 KB	287ms 217ms	Document text/html	2606:4700:3033::ac43:d957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=gnp_d_clck_push_chrome_de_cpm_prx_1765078 Requested by Host: afgolpawca.com URL: https://afgolpawca.com/?r=dir&zoneid=1765078&pb=475454ac71e4aee8d36a9ebcbbf820dc1700707114&psp=JUSOdWYe13H0QUTfIIyb8EyHIc4sbOX0RpvF5n-ZH5owe5wmK161Xy0rCj0bIRG9B2ZLyTcGuaSYn7vBSL8Rf-2V1ZumsQSzv6mOcJ7e-22g5P8dZaHy8ZJ1Vjc6H2XqP85_8in3mvyIe1KRuUmZOIyGdWORNjyArImsCDxHeA8UpQqbH2aIYZNGhywZxR_-dnldm9o4M4PNMhFp9OCZfE5uuTtes09zTno792SGRkEwh-hky2gojXetDhBFrIVf0hJS00ZG80VZwVqTj-8UzyUxb0j9l-SqRg6umehegzGDQhtSGAIcwnJjih9pR0qFNv0XCOfUW8aCbJZWPjn9xiiODwz_bjzw9NfgjhRIJYSNCw5EAmXn9GrBcfLzx6GHpcIQPoHThen3cM-sq8rLoVwWqRNZkyvwwWM50gYLVyp6rtbOK08ywtK0u61mfKuWyPrSDIO7nLf-pU4GDTh32JqjPNJEONlxMC-yX9Twi-J-eOULDO_Z272f3xNbuksP_zqqlHCu7D2eegHUmOwKn8ztex65HtrvP8C-9KdqcqKW9Qp_prpbvmiz_sD35CS3jy2lgpIxJSR67toKoDwMIrU50H6V4SYWUAOcfL7DM8fU2KOnwmg8XQdU49Luh6YcxB6yWvR4-v9vJM9ZpCLtVpFf0MlrI8vYhLiCssV8jXeW5IlZElAV_at7Dr6zPrFlIAVw-wpdX85Vei9pWGYEjJMaXy3_muUtQmzcCB_-WniCSj-MLpum-NL2oFHJxNJZ4sHLpJwSiyEsGxGy3lAbM-ub6Wu-OB_vQNyAAdgS-JT6weOhWQLaxE2a_UhzCICUBfPHrwwaqqV-eKXjRaTf7exTql4tA5TXlwDyhnuN6NPWpl8OkvaR1F-6ZDes0zWlLlsJozNgsppvqBv5TzInmGX3XFMhNArPfDexbQokp6tlifKVGgDAiSqjuyWZt8aVA1tNyD2nHgGFMCm0FmpmDViVQAdLjLRJYkWKTu7NdcMBYSmKuuWR5jjmwjjrX3bmcGG0kV2uH4l2GSHbWMKNIlchBxBr2-gOMNJVk8M25KATEz2qKL1qw3fjyHSb&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=5178006650382336&eclog=0&sp=1&im=1&pload=260&rlp=%5B0%2C0.09999847412109375%2C79.70000457763672%2C41.099998474121094%2C2%2C195.0999984741211%2C94.0999984741211%2C56.5%5D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `82ba94026f481ff49c819d31354b510ed8c23234a67288dca9921609e3fe9727` Request headers Referer https://afgolpawca.com/afu.php?zoneid=1765080&var=1765078&abvar=0 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 82a559a8086c1e4e-FRA content-encoding br content-type text/html date Thu, 23 Nov 2023 00:38:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TadYawsLkNM%2F7zkprhXAn7YbkO0dreOFa0n6p74QeBMfPyuFK3oBwXSkK6ACu5xaK9qR3FbPKWJ3LZvBouVJ9HRUeFDo7VmNI2lPM1%2BrRpSTAj51RQGk22qdh%2BgIed57ysjqOja%2F31OIRZB9n%2Blm"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 82a559a75e304d28-FRA content-type text/html; charset=utf-8 date Thu, 23 Nov 2023 00:38:35 GMT expires Thu, 01 Jan 1970 00:00:01 GMT location https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=gnp_d_clck_push_chrome_de_cpm_prx_1765078 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xK%2B9gN9zXIoDW8dahsrlqpPTltCL6eEWbnMzdRsHybcdLQ9oroGNT2GJ2ka3Y7mKdVJIxltLBykbEySMj9HmDeN90paT0nmgMdxVgI%2FHRW8azqsQ0f6iA9v74rxe104P7snToHlerdbHhfhgpumxtj78K7c%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept x-response-time 6.981ms
POST H2	200	dupa.gif afgolpawca.com/	43 B 588 B	34ms 33ms	Ping image/gif	212.117.190.210 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://afgolpawca.com/dupa.gif?z=1765078&r=dir&zoneid=1765078&pb=475454ac71e4aee8d36a9ebcbbf820dc1700707114&psp=JUSOdWYe13H0QUTfIIyb8EyHIc4sbOX0RpvF5n-ZH5owe5wmK161Xy0rCj0bIRG9B2ZLyTcGuaSYn7vBSL8Rf-2V1ZumsQSzv6mOcJ7e-22g5P8dZaHy8ZJ1Vjc6H2XqP85_8in3mvyIe1KRuUmZOIyGdWORNjyArImsCDxHeA8UpQqbH2aIYZNGhywZxR_-dnldm9o4M4PNMhFp9OCZfE5uuTtes09zTno792SGRkEwh-hky2gojXetDhBFrIVf0hJS00ZG80VZwVqTj-8UzyUxb0j9l-SqRg6umehegzGDQhtSGAIcwnJjih9pR0qFNv0XCOfUW8aCbJZWPjn9xiiODwz_bjzw9NfgjhRIJYSNCw5EAmXn9GrBcfLzx6GHpcIQPoHThen3cM-sq8rLoVwWqRNZkyvwwWM50gYLVyp6rtbOK08ywtK0u61mfKuWyPrSDIO7nLf-pU4GDTh32JqjPNJEONlxMC-yX9Twi-J-eOULDO_Z272f3xNbuksP_zqqlHCu7D2eegHUmOwKn8ztex65HtrvP8C-9KdqcqKW9Qp_prpbvmiz_sD35CS3jy2lgpIxJSR67toKoDwMIrU50H6V4SYWUAOcfL7DM8fU2KOnwmg8XQdU49Luh6YcxB6yWvR4-v9vJM9ZpCLtVpFf0MlrI8vYhLiCssV8jXeW5IlZElAV_at7Dr6zPrFlIAVw-wpdX85Vei9pWGYEjJMaXy3_muUtQmzcCB_-WniCSj-MLpum-NL2oFHJxNJZ4sHLpJwSiyEsGxGy3lAbM-ub6Wu-OB_vQNyAAdgS-JT6weOhWQLaxE2a_UhzCICUBfPHrwwaqqV-eKXjRaTf7exTql4tA5TXlwDyhnuN6NPWpl8OkvaR1F-6ZDes0zWlLlsJozNgsppvqBv5TzInmGX3XFMhNArPfDexbQokp6tlifKVGgDAiSqjuyWZt8aVA1tNyD2nHgGFMCm0FmpmDViVQAdLjLRJYkWKTu7NdcMBYSmKuuWR5jjmwjjrX3bmcGG0kV2uH4l2GSHbWMKNIlchBxBr2-gOMNJVk8M25KATEz2qKL1qw3fjyHSb&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=5178006650382336&eclog=0&sp=1&im=1&pload=260&rlp=%5B0%2C0.09999847412109375%2C79.70000457763672%2C41.099998474121094%2C2%2C195.0999984741211%2C94.0999984741211%2C56.5%5D&pload=98&rlp=%5B0%2C0%2C0%2C0%2C-35.099998474121094%2C-0.5%2C-1.6999969482421875%2C0%5D&bb=0 Requested by Host: afgolpawca.com URL: https://afgolpawca.com/?r=dir&zoneid=1765078&pb=475454ac71e4aee8d36a9ebcbbf820dc1700707114&psp=JUSOdWYe13H0QUTfIIyb8EyHIc4sbOX0RpvF5n-ZH5owe5wmK161Xy0rCj0bIRG9B2ZLyTcGuaSYn7vBSL8Rf-2V1ZumsQSzv6mOcJ7e-22g5P8dZaHy8ZJ1Vjc6H2XqP85_8in3mvyIe1KRuUmZOIyGdWORNjyArImsCDxHeA8UpQqbH2aIYZNGhywZxR_-dnldm9o4M4PNMhFp9OCZfE5uuTtes09zTno792SGRkEwh-hky2gojXetDhBFrIVf0hJS00ZG80VZwVqTj-8UzyUxb0j9l-SqRg6umehegzGDQhtSGAIcwnJjih9pR0qFNv0XCOfUW8aCbJZWPjn9xiiODwz_bjzw9NfgjhRIJYSNCw5EAmXn9GrBcfLzx6GHpcIQPoHThen3cM-sq8rLoVwWqRNZkyvwwWM50gYLVyp6rtbOK08ywtK0u61mfKuWyPrSDIO7nLf-pU4GDTh32JqjPNJEONlxMC-yX9Twi-J-eOULDO_Z272f3xNbuksP_zqqlHCu7D2eegHUmOwKn8ztex65HtrvP8C-9KdqcqKW9Qp_prpbvmiz_sD35CS3jy2lgpIxJSR67toKoDwMIrU50H6V4SYWUAOcfL7DM8fU2KOnwmg8XQdU49Luh6YcxB6yWvR4-v9vJM9ZpCLtVpFf0MlrI8vYhLiCssV8jXeW5IlZElAV_at7Dr6zPrFlIAVw-wpdX85Vei9pWGYEjJMaXy3_muUtQmzcCB_-WniCSj-MLpum-NL2oFHJxNJZ4sHLpJwSiyEsGxGy3lAbM-ub6Wu-OB_vQNyAAdgS-JT6weOhWQLaxE2a_UhzCICUBfPHrwwaqqV-eKXjRaTf7exTql4tA5TXlwDyhnuN6NPWpl8OkvaR1F-6ZDes0zWlLlsJozNgsppvqBv5TzInmGX3XFMhNArPfDexbQokp6tlifKVGgDAiSqjuyWZt8aVA1tNyD2nHgGFMCm0FmpmDViVQAdLjLRJYkWKTu7NdcMBYSmKuuWR5jjmwjjrX3bmcGG0kV2uH4l2GSHbWMKNIlchBxBr2-gOMNJVk8M25KATEz2qKL1qw3fjyHSb&fdl=1&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=5178006650382336&eclog=0&sp=1&im=1&pload=260&rlp=%5B0%2C0.09999847412109375%2C79.70000457763672%2C41.099998474121094%2C2%2C195.0999984741211%2C94.0999984741211%2C56.5%5D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.210 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 sec-ch-viewport-height 1200 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 sec-ch-device-memory 8 sec-ch-viewport-width 1600 sec-ch-prefers-reduced-transparency no-preference Referer sec-ch-prefers-reduced-motion no-preference sec-ch-dpr 1 sec-ch-prefers-color-scheme light Response headers date Thu, 23 Nov 2023 00:38:35 GMT server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin https://afgolpawca.com x-route-id stats.redirect-pixel access-control-allow-credentials true timing-allow-origin * content-length 43
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H2	200	conf.json Show response magicbarsllc.com/hood/bWFnaWNiYXJzbGxjLmNvbQ==/	49 B 405 B	123ms 122ms	Fetch application/json	2606:4700:3033::ac43:d957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://magicbarsllc.com/hood/bWFnaWNiYXJzbGxjLmNvbQ==/conf.json Requested by Host: magicbarsllc.com URL: https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=gnp_d_clck_push_chrome_de_cpm_prx_1765078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:d957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ec977875910bbae9afa2c2b9462bf1c49ccc38b5ef40658410a8ed7e383757f4` Request headers accept-language de-DE,de;q=0.9 Referer https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=gnp_d_clck_push_chrome_de_cpm_prx_1765078 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 00:38:35 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 03 Oct 2023 08:07:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"651bcbbe-31" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEnvUctDJAtZFks4YZHN1zWIb9h0wLxRYM%2BcL7B0y22T3tsLmBYXKDcCea0GUlVvu9vMVicGaR%2F3ebuiTLfaCtgsOWo4GEz34uTzgXVerxBqqIY%2Fbv12jyUsOMjeOLZC0v7yIrttAzGHFPqkNZZB"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 82a559a979311e4e-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	9 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	ht.js Show response sdk.ocmhood.com/sdk/	29 KB 12 KB	90ms 29ms	Script application/javascript	2606:4700:20::681a:6e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT Requested by Host: magicbarsllc.com URL: https://magicbarsllc.com/1x6MHFGSicAG7Lz8IcJf94XsB7IWyemGDE6INgR4Fkg/?cid=M6u7exij8bkzdKANK7Kmv9&sid=gnp_d_clck_push_chrome_de_cpm_prx_1765078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8` Request headers Referer https://magicbarsllc.com/ Origin https://magicbarsllc.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 00:38:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3884 alt-svc h3=":443"; ma=86400 service-worker-allowed / last-modified Fri, 21 Jul 2023 09:35:24 GMT server cloudflare etag W/"64ba515c-2e63" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=822GstO1EyCPt3mndrTnCn0SkyJ3ZftfSy2HhVD3j%2BZi7P12Yxgv1StSmaWJQXGss4ghaqA3sQqJGUjRF9EtisfDbgJaFhpBa9Qp0ivSxnVUk%2B5J9%2F4aX8COY7G6lh%2FL5AfcH2Qw34CnwR3llA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 82a559aaadbd6997-FRA
GET H2	200	NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT.js Show response cdn.ocmtag.com/tag/	279 B 759 B	88ms 29ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT.js Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ba74a217fca9b1dad624899410e377f0ff297dba200d1e9dce1af17486834133` Request headers accept-language de-DE,de;q=0.9 Referer https://magicbarsllc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 00:38:36 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1534 alt-svc h3=":443"; ma=86400 service-worker-allowed / last-modified Tue, 03 Oct 2023 07:28:01 GMT server cloudflare etag W/"651bc281-117" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqiG9ZjXiklzj02Cz1L5880ZEKWg%2FusLcCv6K8CzlRX1t7%2BaPCv37TIORTmkpv45uNZKeObNjMl8xTwY4TJkd%2B7Zj5F88VNykHdmgCAimrSk5YYM4x42z9VDMSRlYVT3UTXjnCcXPDW5iWvdjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 82a559ab3fb971cb-FRA
POST H2	201	activity t.ocmhood.com/v2/	0 264 B	130ms 63ms	Ping application/octet-stream	2606:4700:20::ac43:4809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://magicbarsllc.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 23 Nov 2023 00:38:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS47rbp3qh0a2bsqWlNFXWoDu%2FPpVw099yoq5DsnOUAShk197%2F8htzCHeNnWfeVsvzs7X4%2FNTmzp41f9d8WOsMUWl5GHYfDk6Ojgc5BH0oMT6qSQL8POjzriMLXXg2bexYN5k5hMN5sRodc%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 82a559abdd8d3a5a-FRA alt-svc h3=":443"; ma=86400
POST H2	201	activity t.ocmhood.com/v2/	0 438 B	108ms 43ms	Ping application/octet-stream	2606:4700:20::ac43:4809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://magicbarsllc.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 23 Nov 2023 00:38:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h30O0m34ZRP9glZEXeMmoDkgpEnQoK47Ug518N97ygyTrVNS4h91%2Fvl2eGq7%2BBjwa68KnZFcF4%2FqacplAhxQAbCmq27KNE3gu5YkenW6YDVXwEmAzDuRNVvOtLyBLGQo%2Bmfma%2B%2FhWhrOBC4%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 82a559abdd8c3a5a-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
afgolpawca.com/	1970-01-21 01:59:33	Name: CHCK Value: 1
afgolpawca.com/	1970-01-21 01:59:33	Name: UID Value: 231122193804042a4e48c546cb8208ca9a82
afgolpawca.com/	1970-01-20 17:08:11	Name: OACCAP Value: ACmK9QAAAAAAAAAB
afgolpawca.com/	1970-01-20 17:08:11	Name: OACBLOCK Value: ACmK9QAAAABlXYrQ
afgolpawca.com/	1970-01-20 16:26:26	Name: OXCCLK Value: ACmK9QAAAAAAAAAB
afgolpawca.com/	1970-01-20 16:26:26	Name: OXPCLK Value: AAHaxgAAAAAAAAAB
afgolpawca.com/	1970-01-20 16:26:26	Name: ppucnt Value: 1
.www.pshcollectshk.top/	1970-01-21 01:10:35	Name: bemob-viewer-id Value: 028d444c-5681-43fc-913b-363c86ee8b01
.www.pshcollectshk.top/	1970-01-20 16:26:26	Name: bemob-uniq-visit:2be216f6-d421-4480-88ff-ef39cb34a951 Value: 1
.www.pshcollectshk.top/	1970-01-20 16:26:26	Name: bemob-rotation:2be216f6-d421-4480-88ff-ef39cb34a951:random:b579af7b3b3d6a831f3d037272d0363e Value: 0-0-0
.www.pshcollectshk.top/	1970-01-20 16:26:26	Name: bemob-click-id Value: M6u7exij8bkzdKANK7Kmv9
magicbarsllc.com/	1969-12-31 23:59:59	Name: session Value: tOx_QOP0OL4BYIeF6N27_XD9kNLvqBq1
.magicbarsllc.com/	1970-01-21 01:10:35	Name: _ht_v Value: 1700699916.6993563539
.magicbarsllc.com/	1970-01-20 16:25:01	Name: _ht_s Value: 1700699916.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afgolpawca.com
cdn.ocmtag.com
magicbarsllc.com
sdk.ocmhood.com
t.ocmhood.com
www.pshcollectshk.top
212.117.190.210
2606:4700:20::681a:6e4
2606:4700:20::ac43:4809
2606:4700:3033::ac43:d957
2a06:98c1:3120::3
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8
82ba94026f481ff49c819d31354b510ed8c23234a67288dca9921609e3fe9727
ba74a217fca9b1dad624899410e377f0ff297dba200d1e9dce1af17486834133
d9a0278577caee3b8ce1d60c8b9b3d919d62ce5aa7d5d5d3250414b978b5c02d
e15a59ad54d810205d9f4f4836ed47dfcd415bf4d7128e637743fd4ddb2929d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec977875910bbae9afa2c2b9462bf1c49ccc38b5ef40658410a8ed7e383757f4
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

magicbarsllc.com Open in urlscan Pro 2606:4700:3033::ac43:d957 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

59 kBTransfer

126 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

14 Cookies

Indicators

magicbarsllc.com Open in urlscan Pro
2606:4700:3033::ac43:d957 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

59 kB
Transfer

126 kB
Size

14
Cookies

10 HTTP transactions
2 data transactions