urlscan.io logo urlscan.io
SecurityTrails logo

0.magic5.biz Open in urlscan Pro
188.166.64.127  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://randomignitiondentist.com/1tyas2v5a3?aihgouw=19&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&ad...
Effective URL: https://0.magic5.biz/index.php?p=haygenlfgm5dcnjw&sub1=5e102zwtl17ib83e
Submission Tags: falconsandbox
Submission: On December 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 6 countries across 7 domains to perform 17 HTTP transactions. The main IP is 188.166.64.127, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is 0.magic5.biz.
TLS certificate: Issued by R3 on December 14th 2021. Valid for: 3 months.
This is the only time 0.magic5.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 192.243.59.20 39572 (ADVANCEDH...)
1 3.69.1.168 16509 (AMAZON-02)
3 4 95.216.71.125 24940 (HETZNER-AS)
1 185.162.10.217 59729 (ITL-BG)
3 139.45.197.251 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
9 188.166.64.127 14061 (DIGITALOC...)
17 8
2    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
randomignitiondentist.com
1    3.69.1.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-1-168.eu-central-1.compute.amazonaws.com
venetrigni.com
4    95.216.71.125 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.125.71.216.95.clients.your-server.de
tracker-tds.info
1    185.162.10.217 (Sofia, Bulgaria)

ASN59729 (ITL-BG, UA)
PTR: vps10770.hosted-by.eurohoster.online
1.sabs-push.xyz
3    139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)
deefauph.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
9    188.166.64.127 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
magic5.biz
0.magic5.biz
Domain Requested by
8 magic5.biz magic5.biz
4 tracker-tds.info 3 redirects 1.sabs-push.xyz
3 deefauph.com 1.sabs-push.xyz
deefauph.com
2 randomignitiondentist.com 1 redirects
1 0.magic5.biz magic5.biz
1 my.rtmark.net deefauph.com
1 1.sabs-push.xyz
1 venetrigni.com randomignitiondentist.com
17 8

This site contains no links.

Subject Issuer Validity Valid
venetrigni.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
1.sabs-push.xyz
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
deefauph.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-20 -
2022-11-26		 a year crt.sh
tracker-tds.info
R3		 2021-10-20 -
2022-01-18		 3 months crt.sh
magic1.biz
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://0.magic5.biz/index.php?p=haygenlfgm5dcnjw&sub1=5e102zwtl17ib83e
Frame ID: 237AB4EC5F1B02871332A978B38672D7
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

video

Page URL History Show full URLs

  1. http://randomignitiondentist.com/1tyas2v5a3?aihgouw=19&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.ph... Page URL
  2. http://randomignitiondentist.com/1tyas2v5a3?shu=f7e65e5386d38ffef07d5f5e4e0acb76dc73bc77c6ac49cd5bd9038986c14... HTTP 302
    https://tracker-tds.info/index.php?key=tvxllufqvww9lxefbb1l&SUB_ID_SHORT=033c90404becf4e40795ba9b9466... HTTP 302
    https://tracker-tds.info/index.php?key=0fy8mwoxkto2i5yaydnf&clickid=5f9dczwtl17xi9ae HTTP 302
    https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-... Page URL
  3. https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1 HTTP 302
    https://tracker-tds.info/nlp/index.php?sub1=5e102zwtl17ib83e&url_bnm_redirect=https://magic5.biz/go/h... Page URL
  4. https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e Page URL
  5. https://0.magic5.biz/index.php?p=haygenlfgm5dcnjw&sub1=5e102zwtl17ib83e Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

6
Countries

136 kB
Transfer

220 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://randomignitiondentist.com/1tyas2v5a3?aihgouw=19&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&ad=2732712&ud=ODMuMjQyLjg1LjE0Mg%3D%3D&td=1639603294&kw=%5B%5D&key=c2c5c7372f32d6b91781836c4ce66e51&scrWidth=1920&scrHeight=1080&tz=1&v=21.1.v.1&... Page URL
  2. http://randomignitiondentist.com/1tyas2v5a3?shu=f7e65e5386d38ffef07d5f5e4e0acb76dc73bc77c6ac49cd5bd9038986c14ab0eea1534a6e1904c9708692148eac71887207ca5df8db1b0252483e7fe583bb34bb7eca169db31afad68197f0bd46e32539ec50&pst=1639650366&rmtc=t&uuid=97851483-6350-41ce-9288-476b856c3fde%3A3%3A1&pii=&in=false&key=c2c5c7372f32d6b91781836c4ce66e51&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&scrWidth=1920&...=&ud=ODMuMjQyLjg1LjE0Mg%3D%3D&td=1639603294&ad=2732712&kw=%5B%5D&scrHeight=1080&tz=1&v=21.1.v.1&aihgouw=19 HTTP 302
    https://tracker-tds.info/index.php?key=tvxllufqvww9lxefbb1l&SUB_ID_SHORT=033c90404becf4e40795ba9b94664d77&cost={payout}&PLACEMENT_ID=29221&CAMPAIGN_ID=525342&DEVICE_BRAND=Unknown&BROWSER_NAME=Chrome&USER_OS=Windows&USER_CARRIER=M247%20Ltd&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&REMOTE_LANGUAGE=15&BANNER_ID=1596187 HTTP 302
    https://tracker-tds.info/index.php?key=0fy8mwoxkto2i5yaydnf&clickid=5f9dczwtl17xi9ae HTTP 302
    https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e Page URL
  3. https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1 HTTP 302
    https://tracker-tds.info/nlp/index.php?sub1=5e102zwtl17ib83e&url_bnm_redirect=https://magic5.biz/go/haygenlfgm5dcnjw Page URL
  4. https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e Page URL
  5. https://0.magic5.biz/index.php?p=haygenlfgm5dcnjw&sub1=5e102zwtl17ib83e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://randomignitiondentist.com/1tyas2v5a3?shu=f7e65e5386d38ffef07d5f5e4e0acb76dc73bc77c6ac49cd5bd9038986c14ab0eea1534a6e1904c9708692148eac71887207ca5df8db1b0252483e7fe583bb34bb7eca169db31afad68197f0bd46e32539ec50&pst=1639650366&rmtc=t&uuid=97851483-6350-41ce-9288-476b856c3fde%3A3%3A1&pii=&in=false&key=c2c5c7372f32d6b91781836c4ce66e51&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&scrWidth=1920&...=&ud=ODMuMjQyLjg1LjE0Mg%3D%3D&td=1639603294&ad=2732712&kw=%5B%5D&scrHeight=1080&tz=1&v=21.1.v.1&aihgouw=19 HTTP 302
  • https://tracker-tds.info/index.php?key=tvxllufqvww9lxefbb1l&SUB_ID_SHORT=033c90404becf4e40795ba9b94664d77&cost={payout}&PLACEMENT_ID=29221&CAMPAIGN_ID=525342&DEVICE_BRAND=Unknown&BROWSER_NAME=Chrome&USER_OS=Windows&USER_CARRIER=M247%20Ltd&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&REMOTE_LANGUAGE=15&BANNER_ID=1596187 HTTP 302
  • https://tracker-tds.info/index.php?key=0fy8mwoxkto2i5yaydnf&clickid=5f9dczwtl17xi9ae HTTP 302
  • https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e
Request Chain 8
  • https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1 HTTP 302
  • https://tracker-tds.info/nlp/index.php?sub1=5e102zwtl17ib83e&url_bnm_redirect=https://magic5.biz/go/haygenlfgm5dcnjw

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
1tyas2v5a3
randomignitiondentist.com/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://randomignitiondentist.com/1tyas2v5a3?aihgouw=19&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&ad=2732712&ud=ODMuMjQyLjg1LjE0Mg%3D%3D&td=1639603294&kw=%5B%5D&key=c2c5c7372f32d6b91781836c4ce66e51&scrWidth=1920&scrHeight=1080&tz=1&v=21.1.v.1&...
Protocol
HTTP/1.1
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c785f430cad390993d5571ddec8f25de66111c9aaf4eece360b8ed41ea6824d7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.17.9
Date
Thu, 16 Dec 2021 10:25:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
X-Request-ID
624da21ee4a0b802cdd6bceec48fa1a8
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
stats
venetrigni.com/ 		40 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venetrigni.com/stats
Requested by
Host: randomignitiondentist.com
URL: http://randomignitiondentist.com/1tyas2v5a3?aihgouw=19&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&ad=2732712&ud=ODMuMjQyLjg1LjE0Mg%3D%3D&td=1639603294&kw=%5B%5D&key=c2c5c7372f32d6b91781836c4ce66e51&scrWidth=1920&scrHeight=1080&tz=1&v=21.1.v.1&...
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.1.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-1-168.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://randomignitiondentist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
http://randomignitiondentist.com
date
Thu, 16 Dec 2021 10:25:06 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
/
1.sabs-push.xyz/
Redirect Chain
  • http://randomignitiondentist.com/1tyas2v5a3?shu=f7e65e5386d38ffef07d5f5e4e0acb76dc73bc77c6ac49cd5bd9038986c14ab0eea1534a6e1904c9708692148eac71887207ca5df8db1b0252483e7fe583bb34bb7eca169db31afad6819...
  • https://tracker-tds.info/index.php?key=tvxllufqvww9lxefbb1l&SUB_ID_SHORT=033c90404becf4e40795ba9b94664d77&cost={payout}&PLACEMENT_ID=29221&CAMPAIGN_ID=525342&DEVICE_BRAND=Unknown&BROWSER_NAME=Chrom...
  • https://tracker-tds.info/index.php?key=0fy8mwoxkto2i5yaydnf&clickid=5f9dczwtl17xi9ae
  • https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e
36 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.162.10.217 Sofia, Bulgaria, ASN59729 (ITL-BG, UA),
Reverse DNS
vps10770.hosted-by.eurohoster.online
Software
nginx /
Resource Hash
9ac66a91a224fcafac5c2f14c223679bee15173cc73f5c924b28f15ccb23a389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://randomignitiondentist.com/

Response headers

Server
nginx
Date
Thu, 16 Dec 2021 10:25:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000;
Content-Encoding
gzip

Redirect headers

Server
nginx/1.20.1
Date
Thu, 16 Dec 2021 10:25:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://1.sabs-push.xyz?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e
Strict-Transport-Security
max-age=31536000
micro.tag.min.js
deefauph.com/pfe/current/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deefauph.com/pfe/current/micro.tag.min.js?z=3934095&ymid=ac465zwtl17hq04a&var=null
Requested by
Host: 1.sabs-push.xyz
URL: https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
445b9db367cd1663fb3516d8396e106c27963ee2862d4cbcbdc7209f46724398

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.sabs-push.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 10:25:07 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 11:51:56 GMT
server
nginx
etag
W/"61b8855c-165b3"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ 		97 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d00641ee14b2eddb6a47a61021bd2b664ab13bd761fee4b2e8bca7f132fdd2bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
zone
deefauph.com/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://deefauph.com/zone?&pub=0&zone_id=3934095&is_mobile=false&domain=1.sabs-push.xyz&var=null&ymid=ac465zwtl17hq04a&var_3=&dsig=&action=prerequest
Requested by
Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=3934095&ymid=ac465zwtl17hq04a&var=null
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://1.sabs-push.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
52128790efda2cfe5087d1f2f79467f0
date
Thu, 16 Dec 2021 10:25:07 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-origin
https://1.sabs-push.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
gid.js
my.rtmark.net/ 		65 B
544 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=3934095&checkDuplicate=true&ymid=ac465zwtl17hq04a&var=null
Requested by
Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=3934095&ymid=ac465zwtl17hq04a&var=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c764dca0719360d1becfc00bc8bb990698cf1df73e49a4b8eac9a2f9d297f17d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.sabs-push.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 10:25:07 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1.sabs-push.xyz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
deefauph.com/ 		693 B
981 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://deefauph.com/zone?&pub=0&zone_id=3934095&is_mobile=false&domain=1.sabs-push.xyz&var=null&ymid=ac465zwtl17hq04a&var_3=&dsig=&action=settings
Requested by
Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=3934095&ymid=ac465zwtl17hq04a&var=null
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
efd781d8a554d84c2dd0f2cb70c5e7c0ef790d3cb93dcf85894a4c024662fd05
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1.sabs-push.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
85e04d018917ce41df07fa276934e308
date
Thu, 16 Dec 2021 10:25:07 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1.sabs-push.xyz
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
693
index.php
tracker-tds.info/nlp/
Redirect Chain
  • https://tracker-tds.info/index.php?key=0m3kex8j47sh7x0wskc1
  • https://tracker-tds.info/nlp/index.php?sub1=5e102zwtl17ib83e&url_bnm_redirect=https://magic5.biz/go/haygenlfgm5dcnjw
105 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tracker-tds.info/nlp/index.php?sub1=5e102zwtl17ib83e&url_bnm_redirect=https://magic5.biz/go/haygenlfgm5dcnjw
Requested by
Host: 1.sabs-push.xyz
URL: https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.216.71.125 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.125.71.216.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f3f33eb9df2cb87a1a67d76abcf7a90279a3b73b899e4379085d60627a255603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1.sabs-push.xyz/?clickid=ac465zwtl17hq04a&uclick=zwtl17xi&uclickhash=zwtl17xi-zwtl17hq-37-0-17wj-6jfe-7v52-d7f34e

Response headers

Server
nginx/1.20.1
Date
Thu, 16 Dec 2021 10:25:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip

Redirect headers

Server
nginx/1.20.1
Date
Thu, 16 Dec 2021 10:25:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://tracker-tds.info/nlp/index.php?sub1=5e102zwtl17ib83e&url_bnm_redirect=https://magic5.biz/go/haygenlfgm5dcnjw
Strict-Transport-Security
max-age=31536000
haygenlfgm5dcnjw
magic5.biz/go/ 		12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.64.127 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
96d201cb7188f7da899b05726dfc66c7c9e3bbc9f748323697dda65dfffe7cbd
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tracker-tds.info/

Response headers

server
nginx
date
Thu, 16 Dec 2021 10:25:07 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
icon1.png
magic5.biz/img/13/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magic5.biz/img/13/icon1.png
Requested by
Host: magic5.biz
URL: https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.64.127 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 10:25:07 GMT
last-modified
Mon, 25 Nov 2019 14:45:00 GMT
server
nginx
etag
"5ddbe8ec-1c54"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
7252
expires
Sat, 15 Jan 2022 10:25:07 GMT
icon2.png
magic5.biz/img/13/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magic5.biz/img/13/icon2.png
Requested by
Host: magic5.biz
URL: https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.64.127 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 10:25:07 GMT
last-modified
Mon, 25 Nov 2019 14:45:00 GMT
server
nginx
etag
"5ddbe8ec-11e0"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
4576
expires
Sat, 15 Jan 2022 10:25:07 GMT
icon3.png
magic5.biz/img/13/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magic5.biz/img/13/icon3.png
Requested by
Host: magic5.biz
URL: https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.64.127 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 10:25:07 GMT
last-modified
Mon, 25 Nov 2019 14:45:00 GMT
server
nginx
etag
"5ddbe8ec-1ea7"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
7847
expires
Sat, 15 Jan 2022 10:25:07 GMT
icon4.png
magic5.biz/img/13/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magic5.biz/img/13/icon4.png
Requested by
Host: magic5.biz
URL: https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.64.127 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 10:25:07 GMT
last-modified
Mon, 25 Nov 2019 14:45:00 GMT
server
nginx
etag
"5ddbe8ec-1b78"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
7032
expires
Sat, 15 Jan 2022 10:25:07 GMT
icon5.png
magic5.biz/img/13/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magic5.biz/img/13/icon5.png
Requested by
Host: magic5.biz
URL: https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.64.127 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 10:25:07 GMT
last-modified
Mon, 25 Nov 2019 14:45:00 GMT
server
nginx
etag
"5ddbe8ec-cc0"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
3264
expires
Sat, 15 Jan 2022 10:25:07 GMT
icon7.png
magic5.biz/img/13/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magic5.biz/img/13/icon7.png
Requested by
Host: magic5.biz
URL: https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.64.127 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 10:25:07 GMT
last-modified
Mon, 25 Nov 2019 14:46:00 GMT
server
nginx
etag
"5ddbe928-cd3"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
3283
expires
Sat, 15 Jan 2022 10:25:07 GMT
icon8.png
magic5.biz/img/13/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magic5.biz/img/13/icon8.png
Requested by
Host: magic5.biz
URL: https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.64.127 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 10:25:07 GMT
last-modified
Mon, 25 Nov 2019 14:46:00 GMT
server
nginx
etag
"5ddbe928-fe0"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
content-security-policy
img-src https: data:; upgrade-insecure-requests
accept-ranges
bytes
content-length
4064
expires
Sat, 15 Jan 2022 10:25:07 GMT
Primary Request index.php
0.magic5.biz/ 		32 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0.magic5.biz/index.php?p=haygenlfgm5dcnjw&sub1=5e102zwtl17ib83e
Requested by
Host: magic5.biz
URL: https://magic5.biz/go/haygenlfgm5dcnjw?sub1=5e102zwtl17ib83e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.64.127 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
37d183e39adc50dac79b10f3991111d12c7fbf316ba4f84e60830319cf886ff5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://magic5.biz/

Response headers

server
nginx
date
Thu, 16 Dec 2021 10:25:07 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6b942e73e8fbc1fe72938913e824f2abe1572170d2a9375565617a106295543

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d86155cfc24d65d1533e8a4833e65f6a44b058a3cfba66908bb0b5fc00349454

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		378 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		377 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| text function| textr function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array

14 Cookies

Domain/Path Name / Value
randomignitiondentist.com/ Name: u_pl
Value: 29221
randomignitiondentist.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyOTIyMSwiayI6ImMyYzVjNzM3MmYzMmQ2YjkxNzgxODM2YzRjZTY2ZTUxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjY4NiwicGlkIjo2NzI2LCJhbiI6ZmFsc2UsImxhbiI6ZmFsc2UsImNpZCI6MTksImFpZCI6MjgsInB0Ijo0LCJwayI6IjF0eWFzMnY1YTMiLCJjcGtzIjp7ICIzNCI6ImI4MjIwNDA0YzM0OGQzMDUyZjRkZDFiNzQ2ODgzNTBjIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTUwOTQ3MCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcHxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjExNTM5OSwiYm4iOiJDaHJvbWUiLCJidiI6Ijk2Iiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6NTcsImMiOiJERSIsIm4iOiJHZXJtYW55In0sImEiOnRydWUsImNyIjp7Im4iOiJNMjQ3IEx0ZCJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNvY2NlcmhvY2tleWZhbnMuY29tL3BhZ2UucGhwP2hhc2g9YmFiYTM2In19.hPsmVJ6iHWPmxG_Diat0evqV2zF-uqJfPnz-RVUoBIo
randomignitiondentist.com/ Name: cjs
Value: t
venetrigni.com/ Name: uid_id2
Value: 97851483-6350-41ce-9288-476b856c3fde:3:1
randomignitiondentist.com/ Name: uid_id2
Value: 97851483-6350-41ce-9288-476b856c3fde:3:1
randomignitiondentist.com/ Name: pdhtkv
Value: true
randomignitiondentist.com/ Name: uncs
Value: 1
randomignitiondentist.com/ Name: pdhtkv28
Value: true
randomignitiondentist.com/ Name: uncs28
Value: 1
tracker-tds.info/ Name: uclick
Value: zwtl17xi
my.rtmark.net/ Name: ID
Value: 3dd7ad619b094bde9c5934aabeea9f84
tracker-tds.info/ Name: uclickhash
Value: zwtl17xi-zwtl17ib-wj-0-wj-lp4p-dz-c8dbab
.magic5.biz/ Name: uuid
Value: 95684744-6ec8-4348-959a-18d15e9b5085
.0.magic5.biz/ Name: uuid
Value: 95684744-6ec8-4348-959a-18d15e9b5085

1 Console Messages

Source Level URL
Text
javascript error URL: http://randomignitiondentist.com/1tyas2v5a3?aihgouw=19&refer=https%3A%2F%2Fwww.soccerhockeyfans.com%2Fpage.php%3Fhash%3Dbaba36&ad=2732712&ud=ODMuMjQyLjg1LjE0Mg%3D%3D&td=1639603294&kw=%5B%5D&key=c2c5c7372f32d6b91781836c4ce66e51&scrWidth=1920&scrHeight=1080&tz=1&v=21.1.v.1&...(Line 63)
Message:
Refused to set unsafe header "Referer"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.magic5.biz
1.sabs-push.xyz
deefauph.com
magic5.biz
my.rtmark.net
randomignitiondentist.com
tracker-tds.info
venetrigni.com
139.45.195.8
139.45.197.251
185.162.10.217
188.166.64.127
192.243.59.20
3.69.1.168
95.216.71.125
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
37d183e39adc50dac79b10f3991111d12c7fbf316ba4f84e60830319cf886ff5
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
445b9db367cd1663fb3516d8396e106c27963ee2862d4cbcbdc7209f46724398
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
96d201cb7188f7da899b05726dfc66c7c9e3bbc9f748323697dda65dfffe7cbd
9ac66a91a224fcafac5c2f14c223679bee15173cc73f5c924b28f15ccb23a389
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
c764dca0719360d1becfc00bc8bb990698cf1df73e49a4b8eac9a2f9d297f17d
c785f430cad390993d5571ddec8f25de66111c9aaf4eece360b8ed41ea6824d7
d00641ee14b2eddb6a47a61021bd2b664ab13bd761fee4b2e8bca7f132fdd2bc
d6b942e73e8fbc1fe72938913e824f2abe1572170d2a9375565617a106295543
d86155cfc24d65d1533e8a4833e65f6a44b058a3cfba66908bb0b5fc00349454
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
efd781d8a554d84c2dd0f2cb70c5e7c0ef790d3cb93dcf85894a4c024662fd05
f3f33eb9df2cb87a1a67d76abcf7a90279a3b73b899e4379085d60627a255603
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e