Report - magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=

Report Overview

Submitted URL
magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
IP
104.21.25.236
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 00:02:53
Access
public
Website Title
Registration
Final URL
magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-22	1.6 kB	132 kB	216.58.207.227
magixflix.club	unknown	2022-09-04	2023-09-06	2024-02-21	5.3 kB	859 kB	104.21.25.236
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-23	429 B	31 kB	216.58.211.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-21	medium	magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=	Generic/Spear Phishing

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	magixflix.club	Sinkholed
2024-04-24	medium	magixflix.club	Sinkholed
2024-04-24	medium	magixflix.club	Sinkholed
2024-04-24	medium	magixflix.club	Sinkholed
2024-04-24	medium	magixflix.club	Sinkholed
2024-04-24	medium	magixflix.club	Sinkholed
2024-04-24	medium	magixflix.club	Sinkholed
2024-04-24	medium	magixflix.club	Sinkholed
2024-04-24	medium	magixflix.club	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-05-05
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-05 20:54:16 Times Seen388552 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	magixflix.club/su/scripts/global.js	13 kB	2024-04-24	2024-05-03
Pretty URL magixflix.club/su/scripts/global.js IP 104.21.25.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 02:02:53 Last Seen2024-05-03 09:50:30 Times Seen3 Hash dcb0b48d3bfdd656e232703c3b2815b9 8acc4403f9af0bb59ecc24821a9f285d716f27b5 26d7735277d21a0ff3d246061f11082cf2b9d96052bb6c33fdf35af668532d34 Loading...

HTTP Transactions (13)

URL IP Response Size

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

216.58.211.10

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 13:58:14 GMT
expires: Sun, 20 Apr 2025 13:58:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 295453
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

216.58.207.227

200 OK

43 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 43068, version 1.0
Size
43 kB (43068 bytes)
Hash
ee1b2a154fb9ea98a28413a839adedfb
1157da48116edf45be67766d8c69a45388d30bd3
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magixflix.club
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 43068
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:26:46 GMT
expires: Wed, 23 Apr 2025 07:26:46 GMT
cache-control: public, max-age=31536000
age: 59741
last-modified: Thu, 14 Dec 2023 02:05:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

magixflix.club/su/scripts/global.js

104.21.25.236

200 OK

49 kB

URL GET HTTP/3
magixflix.club/su/scripts/global.js
IP
104.21.25.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subjectmagixflix.club
Fingerprint96:A9:7C:FC:D2:5E:78:AD:3E:29:05:04:72:0A:43:6D:6F:DA:DA:64
ValiditySun, 17 Mar 2024 18:01:48 GMT - Sat, 15 Jun 2024 18:01:47 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (11803), with no line terminators
Size
49 kB (48667 bytes)
Hash
3ffc5a4343f9c89685fcff48c329fffb
487d0065918d112bd1958d23bdafa735e1959203
97bc5b3de9520ad4a939fd4ecb4eabf2f00a04b7bc92dcb243d7691374c3129a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /su/scripts/global.js HTTP/1.1
Host: magixflix.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 00:02:27 GMT
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajESs8QqzW4RmG3F97mqLtX11W%2BnSghpMSFtd3V27zQcmYjo3UMZRUJvY02%2FJDcM6njGmjzx8WIAOCce8O8FdJxzMSOIJuvuRIE1pwqIzIJdNvSdKTodB5ckQVHdT%2Bmy3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791d31788bc56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

216.58.207.227

200 OK

43 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 43068, version 1.0
Size
43 kB (43068 bytes)
Hash
ee1b2a154fb9ea98a28413a839adedfb
1157da48116edf45be67766d8c69a45388d30bd3
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magixflix.club
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 43068
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:26:46 GMT
expires: Wed, 23 Apr 2025 07:26:46 GMT
cache-control: public, max-age=31536000
age: 59741
last-modified: Thu, 14 Dec 2023 02:05:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

216.58.207.227

200 OK

43 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 43068, version 1.0
Size
43 kB (43068 bytes)
Hash
ee1b2a154fb9ea98a28413a839adedfb
1157da48116edf45be67766d8c69a45388d30bd3
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://magixflix.club
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 43068
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:26:46 GMT
expires: Wed, 23 Apr 2025 07:26:46 GMT
cache-control: public, max-age=31536000
age: 59741
last-modified: Thu, 14 Dec 2023 02:05:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

magixflix.club/images/su4/yellow-alert.webp

104.21.25.236

200 OK

742 B

URL GET HTTP/3
magixflix.club/images/su4/yellow-alert.webp
IP
104.21.25.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subjectmagixflix.club
Fingerprint96:A9:7C:FC:D2:5E:78:AD:3E:29:05:04:72:0A:43:6D:6F:DA:DA:64
ValiditySun, 17 Mar 2024 18:01:48 GMT - Sat, 15 Jun 2024 18:01:47 GMT

File type
RIFF (little-endian) data, Web/P image
Size
742 B (742 bytes)
Hash
5440c255a9834877ed4b1d57fdc7a74b
deee00a4ad63d3f82c4be0c1ea42c22463fe571e
0c944d6eb6446946d5a95b60eb2f3f07c61bce5bc4d7583513f858760d6e487e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/su4/yellow-alert.webp HTTP/1.1
Host: magixflix.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 00:02:27 GMT
content-type: image/webp
content-length: 742
cf-ray: 8791d31778b556cb-OSL
cf-cache-status: HIT
accept-ranges: bytes
cache-control: max-age=14400
etag: "5440c255a9834877ed4b1d57fdc7a74b"
last-modified: Fri, 08 Mar 2024 11:53:47 GMT
x-amz-request-id: tx000009018286d03add5da-006622a3fc-2958f98ad-us-east-1-iad1
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZG41zJfIS8Fb%2FGJWO0NQANtNzPe57d%2FEgY5NOMdqKiHYhFxfwxC9%2BnNf96rLYIv0cVcLrSLrfS3TggAzz2gQ3eIEqz4lPP8Sv%2FXuDfrWjGeYha5M3uiI4pa61sMPisXpYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

magixflix.club/images/su4/logo.png

104.21.25.236

200 OK

3.1 kB

URL GET HTTP/3
magixflix.club/images/su4/logo.png
IP
104.21.25.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subjectmagixflix.club
Fingerprint96:A9:7C:FC:D2:5E:78:AD:3E:29:05:04:72:0A:43:6D:6F:DA:DA:64
ValiditySun, 17 Mar 2024 18:01:48 GMT - Sat, 15 Jun 2024 18:01:47 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3133 bytes)
Hash
5099d6ab9c6cca8c0c6401de1b2b6476
4034e669cc5f750b27d8cff9f9ebe35f77b56acb
7058bf66b744f3770e4cdc143eec4ad7d77f453d6329b5095a1c42d6fee1fa03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/su4/logo.png HTTP/1.1
Host: magixflix.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 00:02:27 GMT
content-type: image/png
content-length: 3133
cf-ray: 8791d31778b756cb-OSL
cf-cache-status: HIT
accept-ranges: bytes
cache-control: max-age=14400
etag: "5099d6ab9c6cca8c0c6401de1b2b6476"
last-modified: Fri, 08 Mar 2024 11:53:44 GMT
x-amz-request-id: tx000001fb6f0d3481e39d1-006622a3fc-27f3b8aed-us-east-1-iad1
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2F4fl06mpVSIvZTlylx935exp2Dt4s4rOcVg7U59FiugSwmXXGBMbotvuoZcGufml2qaV7aNKhVRdrBY0twwTyGeMF%2Bwaq7JSq%2BcN%2BH8JEHk5h5cAbaEomp2MNykIUwAyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

magixflix.club/images/su4/media-m9-covers--large-up-1x.webp

104.21.25.236

200 OK

119 kB

URL GET HTTP/3
magixflix.club/images/su4/media-m9-covers--large-up-1x.webp
IP
104.21.25.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subjectmagixflix.club
Fingerprint96:A9:7C:FC:D2:5E:78:AD:3E:29:05:04:72:0A:43:6D:6F:DA:DA:64
ValiditySun, 17 Mar 2024 18:01:48 GMT - Sat, 15 Jun 2024 18:01:47 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 605x475, Scaling: [none]x[none], YUV color, decoders should clamp
Size
119 kB (119396 bytes)
Hash
7b8fb5ada7f53d0d74eea3d3785860b4
eac62c560fac387584ea5f1d9549a25827f1992d
23babda2a5ea0991bc79233fc989cf24be8d77348f1c6a2cc9f1304bfd55d961

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/su4/media-m9-covers--large-up-1x.webp HTTP/1.1
Host: magixflix.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 00:02:27 GMT
content-type: image/webp
content-length: 119396
cf-ray: 8791d31778ba56cb-OSL
cf-cache-status: HIT
accept-ranges: bytes
cache-control: max-age=14400
etag: "7b8fb5ada7f53d0d74eea3d3785860b4"
last-modified: Fri, 08 Mar 2024 11:53:47 GMT
x-amz-request-id: tx000007ee531f276d15200-006622a3fc-27f3b8aed-us-east-1-iad1
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvZPTbIgnrZ9yEKF0kRkxkG%2B4V2%2BCeYjzhh%2FnqhYXy%2F1e3h15sT%2B3XYgF0yRO6fBXBqQk%2B6pynn9EeWfJuhkcNf5T5Qh%2B%2Bac3MYKTtCcDdGl09Q9s817rcgJvUNkKKMWsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

magixflix.club/images/sports/f1-site-bg-1.jpg

104.21.25.236

200 OK

371 kB

URL GET HTTP/3
magixflix.club/images/sports/f1-site-bg-1.jpg
IP
104.21.25.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subjectmagixflix.club
Fingerprint96:A9:7C:FC:D2:5E:78:AD:3E:29:05:04:72:0A:43:6D:6F:DA:DA:64
ValiditySun, 17 Mar 2024 18:01:48 GMT - Sat, 15 Jun 2024 18:01:47 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x720, components 3
Size
371 kB (370818 bytes)
Hash
a181ba62c69d91e2907a6e3364e516c6
dcd3f45d78647b054fc13947e105abb992ac66c0
27d4e0f145db97e63101d5c82cf5af5b9a6f80f1c7608c39949edf1413d8344d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/sports/f1-site-bg-1.jpg HTTP/1.1
Host: magixflix.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 00:02:27 GMT
content-type: image/jpeg
content-length: 370818
cf-ray: 8791d318392656cb-OSL
cf-cache-status: HIT
accept-ranges: bytes
cache-control: max-age=14400
etag: "a181ba62c69d91e2907a6e3364e516c6"
last-modified: Sat, 20 Aug 2022 11:56:33 GMT
x-amz-request-id: tx0000003c8389d8cd93b8e-0065e989c2-28e392f97-us-east-1-iad1
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52SeAdSOidtPG5DdyiOLfFrX09y%2B9gguTbaMmdOWxzxdr4aLj0ltSdFdJKFO3ArHFgmD0WKgIZlGHpYBhg859CuRSNzUVAVsR%2F6eL1wRpz6O2jAMZv8K9ERt0ese2zTu7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

magixflix.club/images/su4/logo.png

104.21.25.236

200 OK

3.1 kB

URL GET HTTP/3
magixflix.club/images/su4/logo.png
IP
104.21.25.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subjectmagixflix.club
Fingerprint96:A9:7C:FC:D2:5E:78:AD:3E:29:05:04:72:0A:43:6D:6F:DA:DA:64
ValiditySun, 17 Mar 2024 18:01:48 GMT - Sat, 15 Jun 2024 18:01:47 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3133 bytes)
Hash
5099d6ab9c6cca8c0c6401de1b2b6476
4034e669cc5f750b27d8cff9f9ebe35f77b56acb
7058bf66b744f3770e4cdc143eec4ad7d77f453d6329b5095a1c42d6fee1fa03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/su4/logo.png HTTP/1.1
Host: magixflix.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 00:02:28 GMT
content-type: image/png
content-length: 3133
cf-ray: 8791d31d6b4856cb-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 1
cache-control: max-age=14400
etag: "5099d6ab9c6cca8c0c6401de1b2b6476"
last-modified: Fri, 08 Mar 2024 11:53:44 GMT
x-amz-request-id: tx000001fb6f0d3481e39d1-006622a3fc-27f3b8aed-us-east-1-iad1
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8raeiu9pw8fyr5BOBeD0yu4cx813uMIdERSratraDzpCNaKoASxweXC95%2F7e6T8nYNNCxMX9V7GZPz8JEYgQqImK%2FmBBdQKcD3QMTJHhX8iHcsNjBbT%2BnXgPf6JMj2p4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

magixflix.club/images/su4/media-m9-covers-1x.webp

104.21.25.236

200 OK

183 kB

URL GET HTTP/3
magixflix.club/images/su4/media-m9-covers-1x.webp
IP
104.21.25.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subjectmagixflix.club
Fingerprint96:A9:7C:FC:D2:5E:78:AD:3E:29:05:04:72:0A:43:6D:6F:DA:DA:64
ValiditySun, 17 Mar 2024 18:01:48 GMT - Sat, 15 Jun 2024 18:01:47 GMT

File type
RIFF (little-endian) data, Web/P image
Size
183 kB (183402 bytes)
Hash
fef74048bc3f0a41c709f16e3ac8033d
967cdf64d0f5a685a424294cfea2d159d4c66a84
7ad2d9fb7621b09ee070872d8a84b31d067ca0e44ddaf74eafed789d7e302157

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/su4/media-m9-covers-1x.webp HTTP/1.1
Host: magixflix.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 00:02:28 GMT
content-type: image/webp
content-length: 183402
cf-ray: 8791d31778b856cb-OSL
cf-cache-status: HIT
accept-ranges: bytes
cache-control: max-age=14400
etag: "fef74048bc3f0a41c709f16e3ac8033d"
last-modified: Fri, 08 Mar 2024 11:53:47 GMT
x-amz-request-id: tx0000042a888b702ae74de-006622a3fc-27cca155e-us-east-1-iad1
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7X1mRuEFSugV7KMQ0oFZJ9pft7Eb4yTTXatO%2B44o0oRzs5XMOub9BkTmjMMKDya4v5pCZjw6cTeCrd9C%2FmOSpgAaHx8qQx76nQ4UQiR%2F2ZugnpeZxIy9u2M2oYB5Lq2fYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400

magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=

104.21.25.236

200 OK

48 kB

URL User Request GET HTTP/2
magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
IP
104.21.25.236:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectmagixflix.club
Fingerprint96:A9:7C:FC:D2:5E:78:AD:3E:29:05:04:72:0A:43:6D:6F:DA:DA:64
ValiditySun, 17 Mar 2024 18:01:48 GMT - Sat, 15 Jun 2024 18:01:47 GMT

File type

Size
48 kB (47585 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid= HTTP/1.1
Host: magixflix.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 00:02:26 GMT
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcruRvt7LWdAC%2BM49MVw5A0Tvc8Z8JeZyRMxyaIdE1em9Qr8M0NzXhH75A6rXUP3SvlVHsmicH85t4btXgysrTnH%2Bb7sH6qzXwLnaZnvo9bqjFYVgb%2BDE8sYCdaXczzZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791d3161d41569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

magixflix.club/su4/styles/main.css

104.21.25.236

200 OK

75 kB

URL GET HTTP/3
magixflix.club/su4/styles/main.css
IP
104.21.25.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Certificate
IssuerGoogle Trust Services LLC
Subjectmagixflix.club
Fingerprint96:A9:7C:FC:D2:5E:78:AD:3E:29:05:04:72:0A:43:6D:6F:DA:DA:64
ValiditySun, 17 Mar 2024 18:01:48 GMT - Sat, 15 Jun 2024 18:01:47 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
75 kB (75292 bytes)
Hash
080746356d0014cd104f764c79dacb95
89f6b43bc7051fd2df31483398c442d6a120f294
cf82397100da39bab159ab3aad6cfa23b4a82d0920e5260d31fef0b8d9810ce7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /su4/styles/main.css HTTP/1.1
Host: magixflix.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://magixflix.club/su4/?s=nascar&a=6&a3=xzHlj9msxJcKWHl&cid=w2ga70so263d97o0jt1jhn3g&ts=f1f3100f-f56a-4df3-85c5-188ffb0cab1e&q=F1CHINESEGRANDPRIXLive&sid=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 00:02:27 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrvDNwiNIBKES07aCgw84JCF7gEyUlqQvHWyU8MQy%2FFDWoVXl5dYSpaCDkJ%2F7KX%2B5%2BuKzwGJNkOXfmb1Pzuv9hPyjyY5U5MW0qcWxlYLmIYfSRDcXVUljE58pycmgTE8kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8791d31778b456cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP