Submitted URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt that
Effective URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Submission: On December 22 via manual from CA

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 49 HTTP transactions. The main IP is 216.201.101.42, located in Burlington, Canada and belongs to KORAX - Korax Inc., CA. The main domain is www.magnetforensics.com.
This is the only time www.magnetforensics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 216.201.101.42 18650 (KORAX)
1 2.16.106.114 20940 (AKAMAI-ASN1)
2 205.185.208.52 20446 (HIGHWINDS3)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2.16.186.146 20940 (AKAMAI-ASN1)
1 3 18.185.185.214 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.161.188.128 33438 (HIGHWINDS2)
2 3 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:109:c002... 14413 (LINKEDIN)
1 35.174.78.146 14618 (AMAZON-AES)
1 35.174.151.106 14618 (AMAZON-AES)
49 14
Domain
Subdomains
Transfer
34 magnetforensics.com
472 KB
4 linkedin.com
2 KB
4 google-analytics.com
17 KB
4 sharethis.com
8 KB
2 pardot.com
4 KB
2 facebook.net
60 KB
2 jquery.com
96 KB
1 google.de
109 B
1 google.com
181 B
1 doubleclick.net
161 B
1 licdn.com
5 KB
1 googletagmanager.com
28 KB
1 facebook.com
0 B
1 consensu.org
0 B
49 14
Domain Requested by
33 www.magnetforensics.com www.magnetforensics.com
code.jquery.com
4 www.google-analytics.com 3 redirects www.magnetforensics.com
3 px.ads.linkedin.com 2 redirects
3 l.sharethis.com 1 redirects www.magnetforensics.com
2 connect.facebook.net 1 redirects www.magnetforensics.com
2 code.jquery.com www.magnetforensics.com
1 go.magnetforensics.com pi.pardot.com
1 pi.pardot.com cdn.pardot.com
1 www.linkedin.com 1 redirects
1 cdn.pardot.com www.magnetforensics.com
1 www.google.de www.magnetforensics.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 snap.licdn.com www.magnetforensics.com
1 www.googletagmanager.com www.magnetforensics.com
1 staticxx.facebook.com connect.facebook.net
1 c.sharethis.mgr.consensu.org w.sharethis.com
1 w.sharethis.com www.magnetforensics.com
49 18
Subject / Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2017-12-15 -
2019-03-22
a year
*.google-analytics.com
Google Internet Authority G3
2018-12-04 -
2019-02-26
3 months
*.sharethis.mgr.consensu.org
DigiCert ECC Secure Server CA
2018-07-31 -
2019-07-31
a year
*.sharethis.com
Go Daddy Secure Certificate Authority - G2
2017-09-26 -
2020-09-29
3 years
*.licdn.com
DigiCert SHA2 Secure Server CA
2016-02-16 -
2019-04-17
3 years
www.google.de
Google Internet Authority G3
2018-12-04 -
2019-02-26
3 months
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2017-06-06 -
2019-06-11
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^pi(?:Tracker|Hostname|Protocol|CId|AId)$/i

Web
Overall confidence: 100%
Detected patterns
  • script /w\.sharethis\.com\//i

Web
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
malware_domains.txt%20that
/docs/misc
65 KB
65 KB
Document
General
Full URL
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache / PHP/5.3.29
Resource Hash
4b6bccac689d5312b3aa0715498240bc43f4bda7bda801ccc7ea14339fe1ee82

Request headers

Host
www.magnetforensics.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:54:59 GMT
Server
Apache
X-Powered-By
PHP/5.3.29
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<https://www.magnetforensics.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
widget.css?ver=4.9.9
/wp-content/plugins/yet-another-related-posts-plugin/style
771 B
767 B
Stylesheet
General
Full URL
http://www.magnetforensics.com/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.9
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
1210b2986220f5f6e6f416d87911e6655eed292f81a8219d8506f57c5d4353a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 01:48:13 GMT
Server
Apache
ETag
"303-54a427022aabd-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
384
Expires
Mon, 21 Jan 2019 14:55:00 GMT
default.css?ver=all
/wp-content/plugins/ultimate-wp-query-search-filter/themes
1 KB
986 B
Stylesheet
General
Full URL
http://www.magnetforensics.com/wp-content/plugins/ultimate-wp-query-search-filter/themes/default.css?ver=all
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
3d96acd159d9e8d3d04d65b46f807995b419c1cf3781512d4504703f496bfc24

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 May 2015 21:59:35 GMT
Server
Apache
ETag
"592-517175bc6dfc0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
603
Expires
Mon, 21 Jan 2019 14:55:00 GMT
wpa-style.css?ver=4.9.9
/wp-content/plugins/wp-accessibility/css
3 KB
1 KB
Stylesheet
General
Full URL
http://www.magnetforensics.com/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=4.9.9
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
64310f507a131ccb016a78b2a2d744b0fea04d811e35be097698fb9458714683

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Apr 2018 14:54:06 GMT
Server
Apache
ETag
"a30-568dec2fa79c3-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
829
Expires
Mon, 21 Jan 2019 14:55:00 GMT
main.min.css?ver=1.1.6
/wp-content/themes/magnet/resources
360 KB
56 KB
Stylesheet
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
305c78781fd8a05489b915f1301c2528d5c85917830c1802122251df852724d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Jul 2018 14:42:57 GMT
Server
Apache
ETag
"59f55-5716f4fc73dcb-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
56822
Expires
Mon, 21 Jan 2019 14:55:00 GMT
hh.min.css?ver=1.1.8
/wp-content/themes/magnet/resources
57 KB
8 KB
Stylesheet
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/hh.min.css?ver=1.1.8
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
e29f8a3b60e39f167e6f20fde3999a93ec19b6b18db37d0b7abe82957aad401c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jul 2018 13:24:28 GMT
Server
Apache
ETag
"e426-571beae7ff5b6-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8206
Expires
Mon, 21 Jan 2019 14:55:00 GMT
wp-emoji-release.min.js?ver=4.9.9
/wp-includes/js
12 KB
5 KB
Script
General
Full URL
http://www.magnetforensics.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.9
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Aug 2018 07:17:17 GMT
Server
Apache
ETag
"2efa-57282b7c1d0af-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4382
Expires
Tue, 25 Dec 2018 02:55:00 GMT
Adblocked st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
w.sharethis.com/button
21 KB
6 KB
Script
General
Full URL
http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
2.16.106.114 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-106-114.deploy.static.akamaitechnologies.com
Software
nginx/1.12.2 /
Resource Hash
e3b95afa26dfd9354581994244bc6137666cd68426f01f6478827e3a79c6b531
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
ETag
W/"5c1be729-553a"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Connection
keep-alive
Content-Length
6340
Expires
Tue, 25 Dec 2018 14:02:09 GMT
jquery.js?ver=1.12.4
/wp-includes/js/jquery
95 KB
33 KB
Script
General
Full URL
http://www.magnetforensics.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2016 01:41:19 GMT
Server
Apache
ETag
"17ba0-53701c8540dc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
33766
Expires
Tue, 25 Dec 2018 02:55:00 GMT
Verified jquery-migrate.min.js?ver=1.4.1
/wp-includes/js/jquery
10 KB
4 KB
Script
General
Full URL
http://www.magnetforensics.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Verified resource
jquery-migrate/1.4.1/jquery-migrate.min.js at cdnjs.com, project jquery-migrate

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2016 01:41:19 GMT
Server
Apache
ETag
"2748-53701c8540dc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4014
Expires
Tue, 25 Dec 2018 02:55:00 GMT
jquery-1.11.2.min.js?ver=1.11.2
code.jquery.com
94 KB
33 KB
Script
General
Full URL
http://code.jquery.com/jquery-1.11.2.min.js?ver=1.11.2
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:54:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 16:05:21 GMT
Server
nginx
ETag
"5491a9c1-176bb"
Vary
Accept-Encoding
X-HW
1545490499.dop018.fr8.t,1545490499.cds122.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33262
Verified jquery-ui.min.js?ver=1.11.2
code.jquery.com/ui/1.11.2
234 KB
63 KB
Script
General
Full URL
http://code.jquery.com/ui/1.11.2/jquery-ui.min.js?ver=1.11.2
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
Verified resource
jqueryui/1.11.2/jquery-ui.min.js at cdnjs.com, project jqueryui

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:54:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-3a7cc"
Vary
Accept-Encoding
X-HW
1545490499.dop030.fr8.t,1545490499.cds075.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
64186
Adblocked external-tracking.min.js?ver=6.5.4
/wp-content/plugins/google-analyticator
1 KB
861 B
Script
General
Full URL
http://www.magnetforensics.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.5.4
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
5a9dcb270ba38d94fd27a5ae4c6a6d10bb6a25fe0473df95fe4c405e82801289
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Apr 2018 14:48:24 GMT
Server
Apache
ETag
"4a6-568deae91536f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
464
Expires
Tue, 25 Dec 2018 02:55:00 GMT
Adblocked ssba.min.js?ver=4.9.9
/wp-content/plugins/simple-share-buttons-adder/js
583 B
717 B
Script
General
Full URL
http://www.magnetforensics.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.min.js?ver=4.9.9
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
d7150307d4a68a23c2c677008d29475a47f6cc368c17215cabc6960887938cd0
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 01:53:51 GMT
Server
Apache
ETag
"247-54a42844b32d7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
320
Expires
Tue, 25 Dec 2018 02:55:00 GMT
uwpqsfscript.js?ver=1.0
/wp-content/plugins/ultimate-wp-query-search-filter/classes/scripts
2 KB
1 KB
Script
General
Full URL
http://www.magnetforensics.com/wp-content/plugins/ultimate-wp-query-search-filter/classes/scripts/uwpqsfscript.js?ver=1.0
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
f82339447cb930c48e8175574cba7c3c7ced5f83c85e21249471c83a7342c60f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 May 2015 21:59:35 GMT
Server
Apache
ETag
"98f-517175bc6dfc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
824
Expires
Tue, 25 Dec 2018 02:55:00 GMT
longdesc.button.js?ver=1.0
/wp-content/plugins/wp-accessibility/js
1 KB
843 B
Script
General
Full URL
http://www.magnetforensics.com/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.0
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
5e51dec321764aa55dd68e97a79fec62f45da38aaeac982726ab0796df35ed28

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Apr 2018 14:54:06 GMT
Server
Apache
ETag
"46a-568dec2fab71b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
446
Expires
Tue, 25 Dec 2018 02:55:00 GMT
scripts.min.js?ver=1.1.3
/wp-content/themes/magnet/resources
237 KB
62 KB
Script
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/scripts.min.js?ver=1.1.3
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
ed84c9a953ba1a85e8e1fb951ff74df7e1426efa5cf8edf2e9773a56d1a87785

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Apr 2018 13:11:32 GMT
Server
Apache
ETag
"3b54d-56ac020597ff2-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Expires
Tue, 25 Dec 2018 02:55:00 GMT
wp-embed.min.js?ver=4.9.9
/wp-includes/js
1 KB
1 KB
Script
General
Full URL
http://www.magnetforensics.com/wp-includes/js/wp-embed.min.js?ver=4.9.9
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Dec 2018 03:17:56 GMT
Server
Apache
ETag
"57b-57cdec2d29937-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
753
Expires
Tue, 25 Dec 2018 02:55:00 GMT
respond.js
/wp-content/themes/magnet/js/vendor
10 KB
4 KB
Script
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/js/vendor/respond.js
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
57290708c28b937a984a5fb960c32f9e4067a34a5c0ce5aeeaebf07d96f3dce6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Feb 2018 03:37:47 GMT
Server
Apache
ETag
"27b3-5650fb7e6b9a4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3880
Expires
Tue, 25 Dec 2018 02:55:00 GMT
evenColumns.js
/wp-content/themes/magnet/js/vendor
2 KB
991 B
Script
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/js/vendor/evenColumns.js
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
ce9ef08ca2cb171621a97c03cfcadef964cc998a3de6f1b226ce9ba5a215578d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Feb 2018 03:37:48 GMT
Server
Apache
ETag
"67e-5650fb7f243d2-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
594
Expires
Tue, 25 Dec 2018 02:55:00 GMT
sdk.js
connect.facebook.net/en_US
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
194 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a787b654b47ac3cba424c69be79b91e0cc9748fa64ab7a967b3bfb80ddce2d27
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
nPx5vvS1FiGLfA+ozE6ksQ==
status
200
vary
Accept-Encoding
content-length
60669
x-xss-protection
0
x-fb-debug
ZeHc0062grrhTVRfDx2BI2qe3pRpiZblvomk8cysGqzo8KXUdRfMh19vwPrDBviSn8p0FcqktRyq/9tRIW51bg==
x-fb-content-md5
bef0f753874448fd55cede87bb7a0122
date
Sat, 22 Dec 2018 14:55:00 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"133799652300e9a4d73a5a44006c6bad"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Sat, 22 Dec 2018 15:01:55 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason
HSTS
Adblocked analytics.js
www.google-analytics.com
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
6041
date
Sat, 22 Dec 2018 13:14:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Sat, 22 Dec 2018 15:14:19 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
logo_notext.png
/wp-content/themes/magnet/resources/img
3 KB
3 KB
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/img/logo_notext.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
f62d55835bc595f4d6569a8aa363d9cbe106f4d44942906f6da19fe2ff388540

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:39:07 GMT
Server
Apache
ETag
"b8b-5650fbcabbd51"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2955
Expires
Sun, 22 Dec 2019 14:55:00 GMT
logo.png
/wp-content/themes/magnet/resources/img
3 KB
3 KB
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/img/logo.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
dbd7382bb51c62141f38e9958366315dbdc3f625f7c47a68084c9369743f4c39

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:39:06 GMT
Server
Apache
ETag
"ad2-5650fbc9c7fa3"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2770
Expires
Sun, 22 Dec 2019 14:55:00 GMT
dropdown.png
/wp-content/themes/magnet/images
182 B
512 B
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/images/dropdown.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
9fe810517e3a100b0cac4e15a1099dc907890e6cde618244eb478809b766b01a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:37:20 GMT
Server
Apache
ETag
"b6-5650fb63fe3ad"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
182
Expires
Sun, 22 Dec 2019 14:55:00 GMT
search.png
/wp-content/themes/magnet/images
415 B
746 B
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/images/search.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
f312258a4c361da7280dd29a0898978c95e689a869167e77b5707fa9471c1605

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:37:31 GMT
Server
Apache
ETag
"19f-5650fb6efdf4e"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
415
Expires
Sun, 22 Dec 2019 14:55:00 GMT
axiom_popup.png
/wp-content/themes/magnet/images
4 KB
5 KB
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/images/axiom_popup.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
96c60c7b4ea032f075a0ced6b56a5eab8df1e9fa5a9101bf140aac59982e9796

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:36:50 GMT
Server
Apache
ETag
"1170-5650fb47c45c8"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4464
Expires
Sun, 22 Dec 2019 14:55:00 GMT
Adblocked rss_grey.png
/wp-content/themes/magnet/resources/img
507 B
838 B
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/img/rss_grey.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
1489a9f7bede2d18c9df1eded1a131fb23f5a729dc5746e63d77a05008ce0ac6
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:39:10 GMT
Server
Apache
ETag
"1fb-5650fbcd33a7f"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
507
Expires
Sun, 22 Dec 2019 14:55:00 GMT
Adblocked twitter_grey.png
/wp-content/themes/magnet/resources/img
487 B
818 B
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/img/twitter_grey.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
d0bcfed38b8ef23502abcd75c3f76c358f1f149f9c471fa76095460548532a7c
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:39:11 GMT
Server
Apache
ETag
"1e7-5650fbcddc1b7"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
487
Expires
Sun, 22 Dec 2019 14:55:00 GMT
youtube_grey.png
/wp-content/themes/magnet/resources/img
543 B
874 B
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/img/youtube_grey.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
7fb4b3afc5ff39eb356d5b6806658612b0dd66e122b8534aaeec285dd8db0957

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:39:05 GMT
Server
Apache
ETag
"21f-5650fbc8f3573"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
543
Expires
Sun, 22 Dec 2019 14:55:00 GMT
linkedin_grey.png
/wp-content/themes/magnet/resources/img
353 B
684 B
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/img/linkedin_grey.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
3a5b0a26ee61e5242db7381bccfa9eea5c9d215a30f8cd1b0148301b56581ce7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:39:07 GMT
Server
Apache
ETag
"161-5650fbcaaa4f5"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
353
Expires
Sun, 22 Dec 2019 14:55:00 GMT
google_grey.png
/wp-content/themes/magnet/resources/img
563 B
894 B
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/img/google_grey.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
e9e40dcf7b3b2b03c94ebf2123f770b054429aacdc141e9cea7a9e46e4a13081

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:39:11 GMT
Server
Apache
ETag
"233-5650fbcdd14fb"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
563
Expires
Sun, 22 Dec 2019 14:55:00 GMT
vimeo_gray.png
/wp-content/themes/magnet/resources/img
870 B
1 KB
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/img/vimeo_gray.png
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
7d5ce63221e68ca15ebb921cc25064a08b1f30fe210127fc818327194ea1cf49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:39:05 GMT
Server
Apache
ETag
"366-5650fbc8ca4f9"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
870
Expires
Sun, 22 Dec 2019 14:55:00 GMT
2E4B35_4_unhinted_0.woff2
/wp-content/themes/magnet/fonts
54 KB
54 KB
Font
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/fonts/2E4B35_4_unhinted_0.woff2
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
4a787963b501a7e85eb7b44533208019aeaf77deb60b351c8822ca81c07460b2

Request headers

Pragma
no-cache
Origin
http://www.magnetforensics.com
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Origin
http://www.magnetforensics.com

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:36:35 GMT
Server
Apache
ETag
"d727-5650fb39cb759"
Content-Type
font/woff2
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
55079
Expires
Mon, 24 Dec 2018 14:55:00 GMT
2E4B35_1_unhinted_0.woff2
/wp-content/themes/magnet/fonts
52 KB
52 KB
Font
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/fonts/2E4B35_1_unhinted_0.woff2
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
a546793736a732b88ccf97885a64a8a7a37dad8694ab5a98fd720dabdfe13c29

Request headers

Pragma
no-cache
Origin
http://www.magnetforensics.com
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Origin
http://www.magnetforensics.com

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:34:31 GMT
Server
Apache
ETag
"cf12-5650fac31deb8"
Content-Type
font/woff2
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
53010
Expires
Mon, 24 Dec 2018 14:55:00 GMT
2E4B35_0_unhinted_0.woff2
/wp-content/themes/magnet/fonts
50 KB
50 KB
Font
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/fonts/2E4B35_0_unhinted_0.woff2
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
184d82a505435117fb86512329cbda9495c239f4f3c02cb64038d6f91fe9ca54

Request headers

Pragma
no-cache
Origin
http://www.magnetforensics.com
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Origin
http://www.magnetforensics.com

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:35:43 GMT
Server
Apache
ETag
"c64a-5650fb07afcca"
Content-Type
font/woff2
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
50762
Expires
Mon, 24 Dec 2018 14:55:00 GMT
2E4B35_2_unhinted_0.woff2
/wp-content/themes/magnet/fonts
50 KB
50 KB
Font
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/fonts/2E4B35_2_unhinted_0.woff2
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
c871107eaaa69c14f6a74677129e2fdd4166108dddfc2631ef5be42dc57c3449

Request headers

Pragma
no-cache
Origin
http://www.magnetforensics.com
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Origin
http://www.magnetforensics.com

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:35:40 GMT
Server
Apache
ETag
"c747-5650fb04ecc1e"
Content-Type
font/woff2
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
51015
Expires
Mon, 24 Dec 2018 14:55:00 GMT
Adblocked portal.html
c.sharethis.mgr.consensu.org/v1.0/cmp
0
0
Document
General
Full URL
https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal.html
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.146 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Host
c.sharethis.mgr.consensu.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
ETag
W/"26b-4977387000"
Last-Modified
Tue, 01 Jan 1980 00:00:00 GMT
Vary
Accept-Encoding
Content-Length
334
Cache-Control
public, max-age=3600
Date
Sat, 22 Dec 2018 14:55:00 GMT
Connection
keep-alive
sc?cm=ZGAM2VweUEQAAAATcdyBAw%3D%3D&uid=true&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt+that&sop=false
l.sharethis.com
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&fpc=60e486d-167d6698b89-6a7d4199-1&sessionID=1545490500489.73518&hostname=www.magnetforensics.com&location=%2Fdocs%2Fmisc%2F...
  • https://l.sharethis.com/sc?cm=ZGAM2VweUEQAAAATcdyBAw%3D%3D&uid=true&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt+that&sop=false
0
-1 B
XHR
General
Full URL
https://l.sharethis.com/sc?cm=ZGAM2VweUEQAAAATcdyBAw%3D%3D&uid=true&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt+that&sop=false
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.185.214 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-185-185-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Location
/sc?cm=ZGAM2VweUEQAAAATcdyBAw%3D%3D&uid=true&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt+that&sop=false
Access-Control-Max-Age
1728000
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin
http://www.magnetforensics.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
Content-Length
183
Stid
ZGAM2VweUEQAAAATcdyBAw==

Redirect headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Access-Control-Allow-Origin
http://www.magnetforensics.com
Access-Control-Max-Age
1728000
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location
/sc?cm=ZGAM2VweUEQAAAATcdyBAw%3D%3D&uid=true&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt+that&sop=false
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
Content-Length
183
Stid
ZGAM2VweUEQAAAATcdyBAw==
j-GHT1gpo6-.js?version=43
staticxx.facebook.com/connect/xd_arbiter/r
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 20 Dec 2019 21:51:31 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
FiHXuPmuOauOLQBCHrpyQGJGUt0yn/DMGXdQk1UifonMLF4QUIeyM4C3QIXXtZ9gm6oCz2Dn+huB0NDuyobrKg==
content-length
12077
date
Sat, 22 Dec 2018 14:55:00 GMT
Adblocked gtm.js?id=GTM-WJWWJV
www.googletagmanager.com
85 KB
28 KB
Script
General
Full URL
http://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
0e628f9aa57583b4a12556269d743128a51c335e270d2908ad6ecf235aa9aa5b
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Server
Google Tag Manager (scaffolding)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
28446
X-XSS-Protection
1; mode=block
Expires
Sat, 22 Dec 2018 14:55:00 GMT
Adblocked insight.min.js
snap.licdn.com/li.lms-analytics
15 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 23:03:30 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=66015
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4571
search-icon-lg.png
/wp-content/themes/magnet/resources/img
408 B
739 B
Image
General
Full URL
http://www.magnetforensics.com/wp-content/themes/magnet/resources/img/search-icon-lg.png
Requested by
Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.11.2.min.js?ver=1.11.2
Protocol
HTTP/1.1
Server
216.201.101.42 Burlington, Canada, ASN18650 (KORAX - Korax Inc., CA),
Reverse DNS
vsd42.korax.net
Software
Apache /
Resource Hash
e8328e585f0a2bf9c7a51dbb8b6b65668566fbb87bf8ae43eb0f9c512918c8b1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1; _ga=GA1.2.586599521.1545490501; _gid=GA1.2.1987162813.1545490501; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/wp-content/themes/magnet/resources/main.min.css?ver=1.1.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Last-Modified
Tue, 13 Feb 2018 03:39:05 GMT
Server
Apache
ETag
"198-5650fbc8d693a"
Content-Type
image/png
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
408
Expires
Sun, 22 Dec 2019 14:55:00 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34380560-1&cid=586599521.1545490501&jid=1735884373&_v=j72&z=1437536906&slf_rd=1&random=823489733
www.google.de/ads
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=1809881982&t=pageview&_s=1&dl=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&ul=en-us&de=UTF-8&dt=Pag...
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=1809881982&t=pageview&_s=1&dl=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&ul=en-us&de=UTF-8&dt=Pa...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34380560-1&cid=586599521.1545490501&jid=1735884373&_gid=1987162813.1545490501&gjid=1547484079&_v=j72&z=1437536906
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34380560-1&cid=586599521.1545490501&jid=1735884373&_v=j72&z=1437536906
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34380560-1&cid=586599521.1545490501&jid=1735884373&_v=j72&z=1437536906&slf_rd=1&random=823489733
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34380560-1&cid=586599521.1545490501&jid=1735884373&_v=j72&z=1437536906&slf_rd=1&random=823489733
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Dec 2018 14:55:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Dec 2018 14:55:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34380560-1&cid=586599521.1545490501&jid=1735884373&_v=j72&z=1437536906&slf_rd=1&random=823489733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked sc?cm=ZGAM2VweUEQAAAATcdyBAw%3D%3D&uid=true&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt+that&sop=false
l.sharethis.com
51 B
480 B
XHR
General
Full URL
https://l.sharethis.com/sc?cm=ZGAM2VweUEQAAAATcdyBAw%3D%3D&uid=true&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt+that&sop=false
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.185.214 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-185-185-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5433957c96080ffd71e4070b204747c1f8af7c12ca185716601d47e0e6348d44
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Origin
http://www.magnetforensics.com

Response headers

Date
Sat, 22 Dec 2018 14:55:00 GMT
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://www.magnetforensics.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGAM2VweUEQAAAATcdyBAw==
Access-Control-Allow-Headers
*
Content-Length
51
Adblocked pd.js
cdn.pardot.com
5 KB
2 KB
Script
General
Full URL
http://cdn.pardot.com/pd.js
Requested by
Host: www.magnetforensics.com
URL: http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Protocol
HTTP/1.1
Server
108.161.188.128 Los Angeles, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d80add91090c996d925768fcf9efff2fdcdf0db8778c5b7686e51826cd95d4e0
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 22 Dec 2018 14:55:01 GMT
Content-Encoding
gzip
X-Pardot-Route
32427ff3465437d362f61c790f7d2406
X-Pardot-LB
fdc71f84949bbe494d7dca54f432c642
Last-Modified
Wed, 10 Feb 2016 15:17:27 GMT
Server
NetDNA-cache/2.2
ETag
W/"14f1"
Vary
Accept-Encoding,User-Agent
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=63072000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 02 Jan 2019 06:56:22 GMT
Adblocked ?time=1545490500996&pid=92594&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&fmt=js&s=1&cookiesTest=true&liSync=true
px.ads.linkedin.com/collect
Redirect Chain
  • https://px.ads.linkedin.com/collect/?time=1545490500996&pid=92594&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&fmt=js&s=1
  • https://px.ads.linkedin.com/collect/?time=1545490500996&pid=92594&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&fmt=js&s=1&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1545490500996%26pid%3D92594%26url%3Dhttp%253A%252F%252Fwww.magnetforensics.com%252Fdocs%252Fmisc...
  • https://px.ads.linkedin.com/collect/?time=1545490500996&pid=92594&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&fmt=js&s=1&cookiesTest=true&liSync=true
0
69 B
Script
General
Full URL
https://px.ads.linkedin.com/collect/?time=1545490500996&pid=92594&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&fmt=js&s=1&cookiesTest=true&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 22 Dec 2018 14:55:01 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
20
x-li-uuid
KZ7iL2yvchVAh+rojisAAA==

Redirect headers

date
Sat, 22 Dec 2018 14:55:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
302
x-li-pop
prod-edc2
content-length
20
x-li-uuid
SX4qLGyvchWAiG0ZyCoAAA==
pragma
no-cache
server
Play
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect/?time=1545490500996&pid=92594&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
Adblocked analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=33083&account_id=53162&title=Page%20Not%20Found%20-%20Magnet%20Forensics%20Inc.&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_d...
pi.pardot.com
1 KB
2 KB
Script
General
Full URL
http://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=33083&account_id=53162&title=Page%20Not%20Found%20-%20Magnet%20Forensics%20Inc.&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&referrer=
Requested by
Host: cdn.pardot.com
URL: http://cdn.pardot.com/pd.js
Protocol
HTTP/1.0
Server
35.174.78.146 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
pi0-lba1-5-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
01055dee8cce9b1db4ae7ffbd228854e0680eea1c224195dda46a3e993b9db0b
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Dec 2018 14:55:01 GMT
Content-Encoding
gzip
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp
16/108/142
Vary
Accept-Encoding,User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
513
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Adblocked Cookie set analytics?conly=true&visitor_id=275185161&pi_opt_in=&campaign_id=33083&account_id=53162&title=Page%20Not%20Found%20-%20Magnet%20Forensics%20Inc.&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmi...
go.magnetforensics.com
45 B
1017 B
Script
General
Full URL
http://go.magnetforensics.com/analytics?conly=true&visitor_id=275185161&pi_opt_in=&campaign_id=33083&account_id=53162&title=Page%20Not%20Found%20-%20Magnet%20Forensics%20Inc.&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&referrer=&visitor_id_sign=12b226b05208182ab356ecd72bce2f044b36f54b9084733fc6e9d7a667f00c4e5017c99a90ec4d4a0e03fc19f53074f89d31c2bd
Requested by
Host: pi.pardot.com
URL: http://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=33083&account_id=53162&title=Page%20Not%20Found%20-%20Magnet%20Forensics%20Inc.&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&referrer=
Protocol
HTTP/1.0
Server
35.174.151.106 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
pi0-lba1-4-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
c699f1728b301d74d6af80a9373aab4b9885b9d083ffd2e04fc7b4ba020729d1
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
go.magnetforensics.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
Cookie
__unam=60e486d-167d6698b89-6a7d4199-1; _ga=GA1.2.586599521.1545490501; _gid=GA1.2.1987162813.1545490501; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.magnetforensics.com/docs/misc/malware_domains.txt%20that
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Dec 2018 14:55:01 GMT
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
a5df88223e39cf9fcb783877fed82f24
X-Pardot-Rsp
16/53/206
Vary
User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Set-Cookie
pardot=cscn15f6g62csiaussnqovpmq6; path=/ visitor_id52162=275185161; expires=Tue, 19-Dec-2028 14:55:01 GMT; Max-Age=315360000; path=/ visitor_id52162-hash=4a6a6e2cce2b932d326c5ceb4fd88a71f4bc2b0106ebf1564c480aa2d746970c380264c09ea15fb7ee3daf803f52f2cc9d662544; expires=Tue, 19-Dec-2028 14:55:01 GMT; Max-Age=315360000; path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
45
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 20
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
Request 21
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
Request 38
  • https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&fpc=60e486d-167d6698b89-6a7d4199-1&sessionID=1545490500489.73518&hostname=www.magnetforensics.com&location=%2Fdocs%2Fmisc%2F...
  • https://l.sharethis.com/sc?cm=ZGAM2VweUEQAAAATcdyBAw%3D%3D&uid=true&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt+that&sop=false
Request 43
  • http://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=1809881982&t=pageview&_s=1&dl=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&ul=en-us&de=UTF-8&dt=Pag...
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=1809881982&t=pageview&_s=1&dl=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&ul=en-us&de=UTF-8&dt=Pa...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34380560-1&cid=586599521.1545490501&jid=1735884373&_gid=1987162813.1545490501&gjid=1547484079&_v=j72&z=1437536906
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34380560-1&cid=586599521.1545490501&jid=1735884373&_v=j72&z=1437536906
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34380560-1&cid=586599521.1545490501&jid=1735884373&_v=j72&z=1437536906&slf_rd=1&random=823489733
Request 46
  • https://px.ads.linkedin.com/collect/?time=1545490500996&pid=92594&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&fmt=js&s=1
  • https://px.ads.linkedin.com/collect/?time=1545490500996&pid=92594&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&fmt=js&s=1&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1545490500996%26pid%3D92594%26url%3Dhttp%253A%252F%252Fwww.magnetforensics.com%252Fdocs%252Fmisc...
  • https://px.ads.linkedin.com/collect/?time=1545490500996&pid=92594&url=http%3A%2F%2Fwww.magnetforensics.com%2Fdocs%2Fmisc%2Fmalware_domains.txt%2520that&fmt=js&s=1&cookiesTest=true&liSync=true

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _wpemojiSettings object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion boolean| opt_out object| stLight boolean| st_showing function| $ function| jQuery function| newsroomHeights function| axiomHeights number| windowW object| controller object| scene object| scene1 object| scene2 object| scene3 undefined| scene4 boolean| openedFirst object| jQuery11120741958195280831 object| analyticsFileTypes string| analyticsSnippet string| analyticsEventTracking string| GoogleAnalyticsObject function| ga object| ajax object| twemoji object| wp object| google_tag_data object| gaplugins object| gaGlobal object| FB function| ScrollMagic function| IScroll function| Cookies function| Layzr object| respond object| layzr string| piAId string| piCId object| dataLayer string| _linkedin_data_partner_id object| gaData function| process_data function| upagi_ajax number| menuHeight object| google_tag_manager function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called number| piScriptNum object| piScriptObj function| checkNamespace function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie object| pi number| c_start string| property function| piResponse

4 Cookies

Domain/Path Name / Value
.magnetforensics.com/ Name: _gat
Value: 1
.magnetforensics.com/ Name: _gid
Value: GA1.2.1987162813.1545490501
.magnetforensics.com/ Name: _ga
Value: GA1.2.586599521.1545490501
.magnetforensics.com/ Name: __unam
Value: 60e486d-167d6698b89-6a7d4199-1

1 Console Messages

Source Level URL
Text
console-api log URL: http://www.magnetforensics.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1, Line 2, Column552
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.sharethis.mgr.consensu.org
cdn.pardot.com
code.jquery.com
connect.facebook.net
go.magnetforensics.com
l.sharethis.com
pi.pardot.com
px.ads.linkedin.com
snap.licdn.com
staticxx.facebook.com
stats.g.doubleclick.net
w.sharethis.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.magnetforensics.com
108.161.188.128
18.185.185.214
2.16.106.114
2.16.186.146
205.185.208.52
216.201.101.42
2620:109:c002::6cae:a0a
2a00:1450:4001:806::2004
2a00:1450:4001:815::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2003
2a00:1450:400c:c08::9d
2a02:26f0:6c00:28c::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a05:f500:10:101::b93f:9105
35.174.151.106
35.174.78.146
01055dee8cce9b1db4ae7ffbd228854e0680eea1c224195dda46a3e993b9db0b
0e628f9aa57583b4a12556269d743128a51c335e270d2908ad6ecf235aa9aa5b
1210b2986220f5f6e6f416d87911e6655eed292f81a8219d8506f57c5d4353a3
1489a9f7bede2d18c9df1eded1a131fb23f5a729dc5746e63d77a05008ce0ac6
184d82a505435117fb86512329cbda9495c239f4f3c02cb64038d6f91fe9ca54
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
305c78781fd8a05489b915f1301c2528d5c85917830c1802122251df852724d5
3a5b0a26ee61e5242db7381bccfa9eea5c9d215a30f8cd1b0148301b56581ce7
3d96acd159d9e8d3d04d65b46f807995b419c1cf3781512d4504703f496bfc24
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a787963b501a7e85eb7b44533208019aeaf77deb60b351c8822ca81c07460b2
4b6bccac689d5312b3aa0715498240bc43f4bda7bda801ccc7ea14339fe1ee82
5433957c96080ffd71e4070b204747c1f8af7c12ca185716601d47e0e6348d44
57290708c28b937a984a5fb960c32f9e4067a34a5c0ce5aeeaebf07d96f3dce6
5a9dcb270ba38d94fd27a5ae4c6a6d10bb6a25fe0473df95fe4c405e82801289
5e51dec321764aa55dd68e97a79fec62f45da38aaeac982726ab0796df35ed28
64310f507a131ccb016a78b2a2d744b0fea04d811e35be097698fb9458714683
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
7d5ce63221e68ca15ebb921cc25064a08b1f30fe210127fc818327194ea1cf49
7fb4b3afc5ff39eb356d5b6806658612b0dd66e122b8534aaeec285dd8db0957
96c60c7b4ea032f075a0ced6b56a5eab8df1e9fa5a9101bf140aac59982e9796
9fe810517e3a100b0cac4e15a1099dc907890e6cde618244eb478809b766b01a
a546793736a732b88ccf97885a64a8a7a37dad8694ab5a98fd720dabdfe13c29
a787b654b47ac3cba424c69be79b91e0cc9748fa64ab7a967b3bfb80ddce2d27
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c699f1728b301d74d6af80a9373aab4b9885b9d083ffd2e04fc7b4ba020729d1
c871107eaaa69c14f6a74677129e2fdd4166108dddfc2631ef5be42dc57c3449
ce9ef08ca2cb171621a97c03cfcadef964cc998a3de6f1b226ce9ba5a215578d
d0bcfed38b8ef23502abcd75c3f76c358f1f149f9c471fa76095460548532a7c
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d7150307d4a68a23c2c677008d29475a47f6cc368c17215cabc6960887938cd0
d80add91090c996d925768fcf9efff2fdcdf0db8778c5b7686e51826cd95d4e0
dbd7382bb51c62141f38e9958366315dbdc3f625f7c47a68084c9369743f4c39
e29f8a3b60e39f167e6f20fde3999a93ec19b6b18db37d0b7abe82957aad401c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b95afa26dfd9354581994244bc6137666cd68426f01f6478827e3a79c6b531
e8328e585f0a2bf9c7a51dbb8b6b65668566fbb87bf8ae43eb0f9c512918c8b1
e9e40dcf7b3b2b03c94ebf2123f770b054429aacdc141e9cea7a9e46e4a13081
ed84c9a953ba1a85e8e1fb951ff74df7e1426efa5cf8edf2e9773a56d1a87785
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f312258a4c361da7280dd29a0898978c95e689a869167e77b5707fa9471c1605
f62d55835bc595f4d6569a8aa363d9cbe106f4d44942906f6da19fe2ff388540
f82339447cb930c48e8175574cba7c3c7ced5f83c85e21249471c83a7342c60f
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e