Report - needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw

Report Overview

Submitted URL
needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 22:42:49
Access
public
Website Title
Better than dating
Final URL
needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-07	1.8 kB	13 kB	74.125.131.84
needsscars.com	unknown	unknown	No data	No data	7.5 kB	188 kB	188.114.97.1
svntrk.com	105291	2018-04-18	2018-04-27	2024-05-01	378 B	26 kB	188.114.97.1
pornhub.com	4903	2000-10-31	2012-05-22	2024-05-07	374 B	201 B	66.254.114.41
www.pornhub.com	10781	2000-10-31	2012-05-21	2024-05-08	754 B	11 kB	66.254.114.41
www.xvideos.com	11464	1997-12-30	2012-05-21	2024-02-12	380 B	17 kB	185.88.181.9
lh3.google.com	213	1997-09-15	2012-07-21	2024-05-08	430 B	840 B	142.250.74.110
o.pki.goog	unknown	2016-06-13	2024-04-24	2024-05-07	650 B	1.4 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	needsscars.com	Sinkholed
2024-05-08	medium	needsscars.com	Sinkholed
2024-05-08	medium	needsscars.com	Sinkholed
2024-05-08	medium	needsscars.com	Sinkholed
2024-05-08	medium	needsscars.com	Sinkholed
2024-05-08	medium	needsscars.com	Sinkholed
2024-05-08	medium	needsscars.com	Sinkholed
2024-05-08	medium	needsscars.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	svntrk.com/assets/abl6_663bffcfcb7a3.js	0 B	2023-03-07	2024-05-20
Pretty URL svntrk.com/assets/abl6_663bffcfcb7a3.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 02:07:16 Times Seen37851793 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	needsscars.com/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js	40 kB	2023-04-05	2024-05-19
Pretty URL needsscars.com/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 13:38:28 Last Seen2024-05-19 21:11:55 Times Seen2861 Hash 1d8ad98fe3471d1a74d485f9b4737bfc a1190f7bb41660f682d59e15c2606279da0792f7 9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c Loading...

	needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw	0 B	2023-03-07	2024-05-20
Pretty URL needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 02:07:16 Times Seen37851793 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	needsscars.com/landings/1/js/vendor.200ef846c4fd3c933c0c7588625c0602.js	95 kB	2023-04-21	2024-05-19
Pretty URL needsscars.com/landings/1/js/vendor.200ef846c4fd3c933c0c7588625c0602.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-21 20:42:26 Last Seen2024-05-19 09:10:51 Times Seen319 Hash b6e28cbd11ce573f8b6358886f27f337 bbac5c4f56bdd3f0c684ab9bd26a60fccdd72d07 9983f76207bcf54758feca0f0de87e824de8ab2a9c853835d3c2b87133ebffba Loading...

	needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw	0 B	2023-03-07	2024-05-20
Pretty URL needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 02:07:16 Times Seen37851793 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (19)

URL IP Response Size

needsscars.com/landings/1/img/heart.png

188.114.97.1

200 OK

296 B

URL GET HTTP/3
needsscars.com/landings/1/img/heart.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services LLC
Subjectneedsscars.com
Fingerprint2C:DB:7F:FC:42:54:75:BD:CB:A5:AF:A1:BD:39:24:6B:2A:B0:F1:91
ValidityWed, 08 May 2024 00:28:06 GMT - Tue, 06 Aug 2024 00:28:05 GMT

File type
PNG image data, 19 x 18, 8-bit colormap, non-interlaced
Size
296 B (296 bytes)
Hash
f8da48f7fa928bee385881980e388f67
2050be2bba68dc6310ce0a19ceb6537aa2471f5d
65c6c6a2c9cc16eb2fa91d9f4052f43d4f69d1f7b978df9b04653a9f54075f60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landings/1/img/heart.png HTTP/1.1
Host: needsscars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://needsscars.com/landings/1/fonts/vendor.eaef29a6430310e19c1f0f9f7a2ba3b3.css
Cookie: XSRF-TOKEN=eyJpdiI6IkFtelJEUE9Vc3c3aFAxVGVDcFlaYVE9PSIsInZhbHVlIjoiZnpad3VBcVRPQUxBcEpPRFhrcVh0UFRzMlljSmdjY2dQaUNSNkRMMHZmclRIZjZPYnpkV2ttcGdlanBCaWUydyIsIm1hYyI6IjIzOWZlMDlhNTMzMDYwNTRmMzQ0MjMzNGJkMzZlZGQxZjU4NjI1YmZmM2UzN2JjM2VmZjFiMDg4ZTU5Nzk0NzYifQ%3D%3D; laravel_session=eyJpdiI6IjhnUHR4YWY0cUVicEJRVjgyUFlNK3c9PSIsInZhbHVlIjoibmV2dS9UM3RRZ2txUW5EOTFvSzRnUmNCd3ZFWGZtYmJZejdRUlQ3cm9leW9vYkpwRmNZYTRPNUloK01BT1hNRSIsIm1hYyI6IjkwYzVkYjNlZWZlYmQyNDBlYTVmNDhmY2JhNjExY2IxMTY2MDY3NGI5NzZkM2EyM2RlM2M4NjViYzZkMDdhOGMifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 22:42:24 GMT
content-type: image/png
content-length: 296
last-modified: Tue, 09 Apr 2024 11:06:20 GMT
etag: "6615212c-128"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VUKnj%2F2yhBP7UXfsGSdv7vsECmkTFKd9oPDZ2aBqlaIoWgA5BoF48Mk%2FBFkox4dw7YLR6iGKV4D6M8jgxoy6F64mrwENtrWiiUrWCrw6pwawGcmOwJBx5uAdfhO6xk2zLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cf6785c8db4f4-OSL
alt-svc: h3=":443"; ma=86400

svntrk.com/assets/abl6_663bffcfcb7a3.js

188.114.97.1

200 OK

25 kB

URL GET HTTP/2
svntrk.com/assets/abl6_663bffcfcb7a3.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerCloudflare, Inc.
Subjectsvntrk.com
Fingerprint83:5F:B1:05:69:64:18:2B:AF:21:B6:08:6A:BF:B6:F1:B5:95:C8:99
ValidityThu, 28 Dec 2023 00:00:00 GMT - Fri, 27 Dec 2024 23:59:59 GMT

File type
data
Size
25 kB (25017 bytes)
Hash
b4bd4268e41a351bd0052ec802a1cf12
405d0f244cbacedee6ae10784f9686151a2a46c3
d0a036d3e7ffa2ca3ed323ec5f961e913fd1e942ff37a2e13e0feecf2b8e4a89

HTTP Headers

GET /assets/abl6_663bffcfcb7a3.js HTTP/1.1
Host: svntrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 22:42:24 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: svnimp=663bffd061669; path=/; secure; httponly; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gAWCIq8EF2d%2FxhkQ55ijjnjY7JMqhCZmulrAiKQZdpxCjX7hSVqTiOWfNcAXpWwqtydv3yGmciHcOwKTYPRD5xst1oFoD8BDn85oasm%2F5Ucvem2NL5DAiGjMIh8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cf674ccb256be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

needsscars.com/favicon.ico

188.114.97.1

200 OK

0 B

URL GET HTTP/3
needsscars.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services LLC
Subjectneedsscars.com
Fingerprint2C:DB:7F:FC:42:54:75:BD:CB:A5:AF:A1:BD:39:24:6B:2A:B0:F1:91
ValidityWed, 08 May 2024 00:28:06 GMT - Tue, 06 Aug 2024 00:28:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: needsscars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkFtelJEUE9Vc3c3aFAxVGVDcFlaYVE9PSIsInZhbHVlIjoiZnpad3VBcVRPQUxBcEpPRFhrcVh0UFRzMlljSmdjY2dQaUNSNkRMMHZmclRIZjZPYnpkV2ttcGdlanBCaWUydyIsIm1hYyI6IjIzOWZlMDlhNTMzMDYwNTRmMzQ0MjMzNGJkMzZlZGQxZjU4NjI1YmZmM2UzN2JjM2VmZjFiMDg4ZTU5Nzk0NzYifQ%3D%3D; laravel_session=eyJpdiI6IjhnUHR4YWY0cUVicEJRVjgyUFlNK3c9PSIsInZhbHVlIjoibmV2dS9UM3RRZ2txUW5EOTFvSzRnUmNCd3ZFWGZtYmJZejdRUlQ3cm9leW9vYkpwRmNZYTRPNUloK01BT1hNRSIsIm1hYyI6IjkwYzVkYjNlZWZlYmQyNDBlYTVmNDhmY2JhNjExY2IxMTY2MDY3NGI5NzZkM2EyM2RlM2M4NjViYzZkMDdhOGMifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 22:42:24 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 09 Apr 2024 11:06:20 GMT
etag: "6615212c-0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQ53p6dBC6%2BFFju6Ev9Yy4kDzhJufBYhZYZ1LQtsLJMiYlMQWzXJm02rVWm72IIta%2F1Vew2a6VLo1Hs4gEOmnZzGdq1PcQjckbQuFjSOnbKoIdphtb6PxKtMbpjnWsD1fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cf679edcfb4f4-OSL
alt-svc: h3=":443"; ma=86400

needsscars.com/landings/1/img/excl.png

188.114.97.1

200 OK

1.8 kB

URL GET HTTP/3
needsscars.com/landings/1/img/excl.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services LLC
Subjectneedsscars.com
Fingerprint2C:DB:7F:FC:42:54:75:BD:CB:A5:AF:A1:BD:39:24:6B:2A:B0:F1:91
ValidityWed, 08 May 2024 00:28:06 GMT - Tue, 06 Aug 2024 00:28:05 GMT

File type
PNG image data, 110 x 110, 8-bit colormap, non-interlaced
Size
1.8 kB (1778 bytes)
Hash
4d1ba20e0674a211a8b5382902442ce5
1fdbf7f53380c3df8d89cd4116908b6c48397e64
ee0b2de79e2607f27725c2f1a7d0ecba06521efbfc47884cdcaef11e70c9f14e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landings/1/img/excl.png HTTP/1.1
Host: needsscars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://needsscars.com/landings/1/fonts/vendor.eaef29a6430310e19c1f0f9f7a2ba3b3.css
Cookie: XSRF-TOKEN=eyJpdiI6IkFtelJEUE9Vc3c3aFAxVGVDcFlaYVE9PSIsInZhbHVlIjoiZnpad3VBcVRPQUxBcEpPRFhrcVh0UFRzMlljSmdjY2dQaUNSNkRMMHZmclRIZjZPYnpkV2ttcGdlanBCaWUydyIsIm1hYyI6IjIzOWZlMDlhNTMzMDYwNTRmMzQ0MjMzNGJkMzZlZGQxZjU4NjI1YmZmM2UzN2JjM2VmZjFiMDg4ZTU5Nzk0NzYifQ%3D%3D; laravel_session=eyJpdiI6IjhnUHR4YWY0cUVicEJRVjgyUFlNK3c9PSIsInZhbHVlIjoibmV2dS9UM3RRZ2txUW5EOTFvSzRnUmNCd3ZFWGZtYmJZejdRUlQ3cm9leW9vYkpwRmNZYTRPNUloK01BT1hNRSIsIm1hYyI6IjkwYzVkYjNlZWZlYmQyNDBlYTVmNDhmY2JhNjExY2IxMTY2MDY3NGI5NzZkM2EyM2RlM2M4NjViYzZkMDdhOGMifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 22:42:25 GMT
content-type: image/png
content-length: 1778
last-modified: Tue, 09 Apr 2024 11:06:20 GMT
etag: "6615212c-6f2"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBTmNovPDChw37mrC4HQD2wf5fwR%2BVUUkdZ%2Fm%2Bvu5iw%2BZJrkGEHOOIiG2s22f0s0LyOKzxhNvvv5kIhQ5sFxd20dSuqNgWLq7ijFpPCZfNM96I1pXKqJcWRj2sYB1ZJAEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cf6785c90b4f4-OSL
alt-svc: h3=":443"; ma=86400

pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

0 B

URL GET
pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerDigiCert Inc
Subject*.pornhub.com
FingerprintD6:BD:14:72:10:1B:49:A3:2B:24:7E:E7:CF:F6:A0:38:5E:5A:3F:DE
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: pornhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-length: 0
location: https://www.pornhub.com/video/manage?o=mr&t=pr2
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.pornhub.com/video/manage?o=mr&t=pr2

66.254.114.41

7.1 kB

URL GET
www.pornhub.com/video/manage?o=mr&t=pr2
IP
66.254.114.41:0
ASN
#29789 REFLECTED

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerDigiCert Inc
Subject*.pornhub.com
FingerprintD6:BD:14:72:10:1B:49:A3:2B:24:7E:E7:CF:F6:A0:38:5E:5A:3F:DE
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
7.1 kB (7082 bytes)
Hash
8eb6caf4417da46a24286a727f5297d1
04929e412f508bb08c19c62b6090ad81d6854f53
635db4774d2893514ef98982509fe2e28159cb069fcd656a724fa308169af4f5

HTTP Headers

GET /video/manage?o=mr&t=pr2 HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 08 May 2024 22:42:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: platform=pc; expires=Wed, 15-May-2024 22:42:25 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
ss=154807846266561153; expires=Thu, 08-May-2025 22:42:25 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=35251.100000; expires=Fri, 07-Jun-2024 22:42:25 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.pornhub.com; secure
__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure
__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.pornhub.com; secure
__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure
__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
__s=663BFFD1-42FE722901BB3878F2-1C111407; Secure; Samesite=None
__l=663BFFD1-42FE722901BB3878F2-1C111407; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
ph-redirect: 1041
location: /login
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

needsscars.com/landings/1/fonts/vendor.eaef29a6430310e19c1f0f9f7a2ba3b3.css

188.114.97.1

200 OK

14 kB

URL GET HTTP/3
needsscars.com/landings/1/fonts/vendor.eaef29a6430310e19c1f0f9f7a2ba3b3.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services LLC
Subjectneedsscars.com
Fingerprint2C:DB:7F:FC:42:54:75:BD:CB:A5:AF:A1:BD:39:24:6B:2A:B0:F1:91
ValidityWed, 08 May 2024 00:28:06 GMT - Tue, 06 Aug 2024 00:28:05 GMT

File type
ASCII text, with very long lines (8785)
Size
14 kB (13606 bytes)
Hash
1a1acdb87b9a73e95c90f141f27cd2af
d83e8d40afda3b1bd54beca3c8256705d72b273f
46a09a65187a135e8d90d519f8393bfd84e0b41d64215e2e531579950c4d0fc4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landings/1/fonts/vendor.eaef29a6430310e19c1f0f9f7a2ba3b3.css HTTP/1.1
Host: needsscars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkFtelJEUE9Vc3c3aFAxVGVDcFlaYVE9PSIsInZhbHVlIjoiZnpad3VBcVRPQUxBcEpPRFhrcVh0UFRzMlljSmdjY2dQaUNSNkRMMHZmclRIZjZPYnpkV2ttcGdlanBCaWUydyIsIm1hYyI6IjIzOWZlMDlhNTMzMDYwNTRmMzQ0MjMzNGJkMzZlZGQxZjU4NjI1YmZmM2UzN2JjM2VmZjFiMDg4ZTU5Nzk0NzYifQ%3D%3D; laravel_session=eyJpdiI6IjhnUHR4YWY0cUVicEJRVjgyUFlNK3c9PSIsInZhbHVlIjoibmV2dS9UM3RRZ2txUW5EOTFvSzRnUmNCd3ZFWGZtYmJZejdRUlQ3cm9leW9vYkpwRmNZYTRPNUloK01BT1hNRSIsIm1hYyI6IjkwYzVkYjNlZWZlYmQyNDBlYTVmNDhmY2JhNjExY2IxMTY2MDY3NGI5NzZkM2EyM2RlM2M4NjViYzZkMDdhOGMifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 22:42:24 GMT
content-type: text/css
last-modified: Tue, 09 Apr 2024 11:06:20 GMT
etag: W/"6615212c-2252"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vl2f%2BIPgPgIhAdlqGWRFwQfC8ddwFc0mT%2FSFwGBGU5SK6R8kP5Z5qmUm7zx9TynLTq5F4N5FW0KOc%2Br7wt1slI7krMMOSJhfru577HfX1PWo4oqweYaczR79bxffiqsR%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cf674b8dfb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.xvideos.com/favorite/90902157/mk_1123

185.88.181.9

404 Not Found

15 kB

URL GET HTTP/1.1
www.xvideos.com/favorite/90902157/mk_1123
IP
185.88.181.9:443
ASN
#46652 SERVERSTACK-ASN

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerSectigo Limited
Subject*.xvideos.com
Fingerprint2C:4F:6C:92:E4:3F:3E:7B:FD:E2:28:A6:4C:76:4E:23:82:C0:B3:5B
ValiditySun, 21 Jan 2024 00:00:00 GMT - Mon, 27 Jan 2025 23:59:59 GMT

File type
data
Size
15 kB (14628 bytes)
Hash
c96e0fea727420952316c3dce15c368c
5b92bfbb4c01edbaabc3f9da69b5825093ab61c5
8823265d24fded1415c7eae5beae3a43c058b74bab13599f2b9a3441d68e6480

HTTP Headers

GET /favorite/90902157/mk_1123 HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Wed, 08 May 2024 22:42:25 GMT
P3p: policyref="/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Accept-Ch: Viewport-Width, Width, Device-Memory, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness
Vary: Accept-Encoding,User-Agent,Accept-Language,Cookie
X-Frame-Options: SAMEORIGIN
Report-To: {"group": "csp-endpoint", "max_age": 10886400, "endpoints": [ { "url": "https://www.xvideos.com/csp-reports" } ] }
Content-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com 1868565294.rsc.cdn77.org static.cloudflareinsights.com www.google.com www.gstatic.com fonts.gstatic.com fonts.googleapis.com ajax.googleapis.com fcm.googleapis.com accounts.google.com *.cdn77.org  *.nk-img.com  *.segpay.com  *.online-metrix.net *.vscdns.com *.vsmvideo.com www.tjk-njk.com *.orbsrv.com *.opoxv.com *.exdynsrv.com *.afcdn.net *.aucdn.net *.tf4srv.com *.aacdn.net *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com *.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com *.gtflixtv.com wss://*.1ka.com https://*.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.cdn77.org www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com data-cdn.pornbiz.com *.vscdns.com *.vsmvideo.com *.doubleclick.net *.google.fr *.google.com *.segpay.com *.online-metrix.net cdn.asf4f.us *.gtflixtv.com *.1ka.com *.orbsrv.com *.exdynsrv.com *.afcdn.net *.aucdn.net *.justservingfiles.net *.tf4srv.com *.aacdn.net *.rtbsuperhub.com; report-uri https://www.xvideos.com/csp-reports; report-to csp-endpoint
Referrer-Policy: no-referrer-when-downgrade
X-Robots-Tag: noindex
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: nginx

lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100

142.250.74.110

302 Found

337 B

URL GET HTTP/2
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
337 B (337 bytes)
Hash
66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb

HTTP Headers

GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:42:25 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f276d15245c6ec1add5b5814bb8444eb
975c127eec9cc6514f4092ed034df575bcdeacd7
a77526d25e2226cff93318a2e87ab8d03eac1796e44fd997c5428693ddb61bd0

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 22:42:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:h3kbn8fQ50BjWYUz6cGq_nQDp4hkkQ:o5Xl48Ygh5Rw7tXF; Expires=Fri, 08-May-2026 22:42:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 22:42:25 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AaSxoQyvSQtkngDt7At4oz7Sn5d2GUdGcFGsYUaqcq2E94oq62RYAy-MNCbmoepAk_fUPKybOxztFQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-eqfxStCeV68ISVUOSBkFUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
295c1ab534489dc31c4940823ae306a6
f64846d666665600e9b3191323707b0312ea2103
f71d58c2003e0da135fb8f57ef576b17eebe7916ced184c7bf99f603049eaddb

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 22:42:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AaSxoQyvSQtkngDt7At4oz7Sn5d2GUdGcFGsYUaqcq2E94oq62RYAy-MNCbmoepAk_fUPKybOxztFQ

74.125.131.84

302 Found

442 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AaSxoQyvSQtkngDt7At4oz7Sn5d2GUdGcFGsYUaqcq2E94oq62RYAy-MNCbmoepAk_fUPKybOxztFQ
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
HTML document, ASCII text, with very long lines (410)
Size
442 B (442 bytes)
Hash
a90fd494fdd23debd254e92999aedbf0
853621d7ce98afc7f015e8d6928139181957f34d
2bf02e4ef5bc9457ee0ccb4e69534a0f5437813b0b18e203f2af03627413ba2c

HTTP Headers

GET /InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AaSxoQyvSQtkngDt7At4oz7Sn5d2GUdGcFGsYUaqcq2E94oq62RYAy-MNCbmoepAk_fUPKybOxztFQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:o8gI282N510nedBrcti6jb3M0M_iMQ:YkpmfJ6hvYfUTq5M;Path=/;Expires=Fri, 08-May-2026 22:42:25 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 22:42:25 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AaSxoQwbKV1wZzN9xkEZAAtTFuRGeTZCMr02I0u1c9f_ygfPsgRGQwBZoIerlu1TdwgAUTOFzGcU7w&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1005743519%3A1715208145908702&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-pmLIjYD-p3Wp5XKTllhlgQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 442
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AaSxoQwbKV1wZzN9xkEZAAtTFuRGeTZCMr02I0u1c9f_ygfPsgRGQwBZoIerlu1TdwgAUTOFzGcU7w&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1005743519%3A1715208145908702&theme=mn&ddm=0

74.125.131.84

403 Forbidden

7.4 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AaSxoQwbKV1wZzN9xkEZAAtTFuRGeTZCMr02I0u1c9f_ygfPsgRGQwBZoIerlu1TdwgAUTOFzGcU7w&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1005743519%3A1715208145908702&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A
ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT

File type
gzip compressed data, max compression
Size
7.4 kB (7432 bytes)
Hash
f587f488da626de6420074fbeee34036
9d68de276a3712c84d757392ea7286812dacb420
fe9caadee346df600bd60675b7fb3d15d109216bedc140b737b44fb02c78e7df

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&ifkv=AaSxoQwbKV1wZzN9xkEZAAtTFuRGeTZCMr02I0u1c9f_ygfPsgRGQwBZoIerlu1TdwgAUTOFzGcU7w&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1005743519%3A1715208145908702&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 22:42:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-la6qbUksoZ7DC8wAdCrnKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw

188.114.97.1

200 OK

6.3 kB

URL User Request GET HTTP/2
needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectneedsscars.com
Fingerprint2C:DB:7F:FC:42:54:75:BD:CB:A5:AF:A1:BD:39:24:6B:2A:B0:F1:91
ValidityWed, 08 May 2024 00:28:06 GMT - Tue, 06 Aug 2024 00:28:05 GMT

File type
HTML document, ASCII text, with very long lines (6715), with no line terminators
Size
6.3 kB (6281 bytes)
Hash
7c0037a84bdde8f14d0abf559c91f954
3a3e2485fe107ed6ea1f1cc90f81af1c08759968
fa7f856129d908eef37d3d104789b9e460de0c6b415edf4d47574182baf650b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw HTTP/1.1
Host: needsscars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 22:42:23 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkFtelJEUE9Vc3c3aFAxVGVDcFlaYVE9PSIsInZhbHVlIjoiZnpad3VBcVRPQUxBcEpPRFhrcVh0UFRzMlljSmdjY2dQaUNSNkRMMHZmclRIZjZPYnpkV2ttcGdlanBCaWUydyIsIm1hYyI6IjIzOWZlMDlhNTMzMDYwNTRmMzQ0MjMzNGJkMzZlZGQxZjU4NjI1YmZmM2UzN2JjM2VmZjFiMDg4ZTU5Nzk0NzYifQ%3D%3D; expires=Thu, 09-May-2024 00:42:23 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjhnUHR4YWY0cUVicEJRVjgyUFlNK3c9PSIsInZhbHVlIjoibmV2dS9UM3RRZ2txUW5EOTFvSzRnUmNCd3ZFWGZtYmJZejdRUlQ3cm9leW9vYkpwRmNZYTRPNUloK01BT1hNRSIsIm1hYyI6IjkwYzVkYjNlZWZlYmQyNDBlYTVmNDhmY2JhNjExY2IxMTY2MDY3NGI5NzZkM2EyM2RlM2M4NjViYzZkMDdhOGMifQ%3D%3D; expires=Thu, 09-May-2024 00:42:23 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=w2; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mn1Bvq8LZFi2dlL%2BVS%2ByFporR2SVJ7MnLgLjLNloTAtOGBKn1jvDL392lav6CF479Ypja3iXIzj5e3KXFKDk%2FwpmG%2Fn5YnQ9Y%2BwLpuUlIKEqFYWL1X1%2BfnDv5x53hej2hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cf671781a56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

needsscars.com/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js

188.114.97.1

200 OK

40 kB

URL GET HTTP/3
needsscars.com/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services LLC
Subjectneedsscars.com
Fingerprint2C:DB:7F:FC:42:54:75:BD:CB:A5:AF:A1:BD:39:24:6B:2A:B0:F1:91
ValidityWed, 08 May 2024 00:28:06 GMT - Tue, 06 Aug 2024 00:28:05 GMT

File type

Size
40 kB (40104 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js HTTP/1.1
Host: needsscars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkFtelJEUE9Vc3c3aFAxVGVDcFlaYVE9PSIsInZhbHVlIjoiZnpad3VBcVRPQUxBcEpPRFhrcVh0UFRzMlljSmdjY2dQaUNSNkRMMHZmclRIZjZPYnpkV2ttcGdlanBCaWUydyIsIm1hYyI6IjIzOWZlMDlhNTMzMDYwNTRmMzQ0MjMzNGJkMzZlZGQxZjU4NjI1YmZmM2UzN2JjM2VmZjFiMDg4ZTU5Nzk0NzYifQ%3D%3D; laravel_session=eyJpdiI6IjhnUHR4YWY0cUVicEJRVjgyUFlNK3c9PSIsInZhbHVlIjoibmV2dS9UM3RRZ2txUW5EOTFvSzRnUmNCd3ZFWGZtYmJZejdRUlQ3cm9leW9vYkpwRmNZYTRPNUloK01BT1hNRSIsIm1hYyI6IjkwYzVkYjNlZWZlYmQyNDBlYTVmNDhmY2JhNjExY2IxMTY2MDY3NGI5NzZkM2EyM2RlM2M4NjViYzZkMDdhOGMifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 22:42:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 09 Apr 2024 11:06:23 GMT
etag: W/"6615212f-9ca8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 746
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h3GW5CnS121XCKkzPC5%2B74jA7fs9V1YONIfI4OD%2FKFunloOEuAYsp3PHP5ju6aOuNBqgea05TzEqp2M%2FzfQ8r%2BaUUuHazjZE75ZYmPEGWsJxg9ARKWpdsNQzhUDUTnVV2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cf674a8deb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

needsscars.com/landings/1/js/vendor.200ef846c4fd3c933c0c7588625c0602.js

188.114.97.1

200 OK

95 kB

URL GET HTTP/3
needsscars.com/landings/1/js/vendor.200ef846c4fd3c933c0c7588625c0602.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services LLC
Subjectneedsscars.com
Fingerprint2C:DB:7F:FC:42:54:75:BD:CB:A5:AF:A1:BD:39:24:6B:2A:B0:F1:91
ValidityWed, 08 May 2024 00:28:06 GMT - Tue, 06 Aug 2024 00:28:05 GMT

File type

Size
95 kB (94947 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landings/1/js/vendor.200ef846c4fd3c933c0c7588625c0602.js HTTP/1.1
Host: needsscars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkFtelJEUE9Vc3c3aFAxVGVDcFlaYVE9PSIsInZhbHVlIjoiZnpad3VBcVRPQUxBcEpPRFhrcVh0UFRzMlljSmdjY2dQaUNSNkRMMHZmclRIZjZPYnpkV2ttcGdlanBCaWUydyIsIm1hYyI6IjIzOWZlMDlhNTMzMDYwNTRmMzQ0MjMzNGJkMzZlZGQxZjU4NjI1YmZmM2UzN2JjM2VmZjFiMDg4ZTU5Nzk0NzYifQ%3D%3D; laravel_session=eyJpdiI6IjhnUHR4YWY0cUVicEJRVjgyUFlNK3c9PSIsInZhbHVlIjoibmV2dS9UM3RRZ2txUW5EOTFvSzRnUmNCd3ZFWGZtYmJZejdRUlQ3cm9leW9vYkpwRmNZYTRPNUloK01BT1hNRSIsIm1hYyI6IjkwYzVkYjNlZWZlYmQyNDBlYTVmNDhmY2JhNjExY2IxMTY2MDY3NGI5NzZkM2EyM2RlM2M4NjViYzZkMDdhOGMifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 22:42:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 09 Apr 2024 11:06:20 GMT
etag: W/"6615212c-172e3"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TglwqimiPVLc7UEoj3%2BTZFWNlFU9%2Fp%2FOYQi9fR9gHS6aBx1q2NNj3shl5ZAhOkvtxouhG6Db5EtePYGqGs%2BKvV1z8cPOVGmsGzRmI48JBbiIxQ58Cs0PCXf0Acl3faNiaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cf674b8e1b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.pornhub.com/login

0.0.0.0

0 B

URL GET
www.pornhub.com/login
IP
0.0.0.0:0
ASN
#0

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerDigiCert Inc
Subject*.pornhub.com
FingerprintD6:BD:14:72:10:1B:49:A3:2B:24:7E:E7:CF:F6:A0:38:5E:5A:3F:DE
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /login HTTP/1.1
Host: www.pornhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 08 May 2024 22:42:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: platform=pc; expires=Wed, 15-May-2024 22:42:25 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure
ss=549589492578548681; expires=Thu, 08-May-2025 22:42:25 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure
fg_0d2ec4cbd943df07ec161982a603817e=11596.100000; expires=Fri, 07-Jun-2024 22:42:25 GMT; Max-Age=2592000; path=/; domain=pornhub.com; secure
__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.pornhub.com; secure
__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure
__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.pornhub.com; secure
__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure
__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure
__s=663BFFD1-42FE722901BB3878F2-1C11156E; Secure; Samesite=None
__l=663BFFD1-42FE722901BB3878F2-1C11156E; Secure; Samesite=None; Max-Age=31556926
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

needsscars.com/landings/1/img/bg-body.jpg

188.114.97.1

200 OK

25 kB

URL GET HTTP/3
needsscars.com/landings/1/img/bg-body.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://needsscars.com/?s1=abl6&s5=lWN2Sluq230feSZdZMZ19QJHw
Certificate
IssuerGoogle Trust Services LLC
Subjectneedsscars.com
Fingerprint2C:DB:7F:FC:42:54:75:BD:CB:A5:AF:A1:BD:39:24:6B:2A:B0:F1:91
ValidityWed, 08 May 2024 00:28:06 GMT - Tue, 06 Aug 2024 00:28:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x568, components 3
Size
25 kB (25016 bytes)
Hash
f2e7b19da36d2abd47ffe72f2d9079f7
c185bb2fd72f928201eb9ea440090f25b0fa2f78
15866f2481e39c92555ded5d854e085ffe9c0f2cb9096f66d9874fce6ef0d7e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landings/1/img/bg-body.jpg HTTP/1.1
Host: needsscars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://needsscars.com/landings/1/fonts/vendor.eaef29a6430310e19c1f0f9f7a2ba3b3.css
Cookie: XSRF-TOKEN=eyJpdiI6IkFtelJEUE9Vc3c3aFAxVGVDcFlaYVE9PSIsInZhbHVlIjoiZnpad3VBcVRPQUxBcEpPRFhrcVh0UFRzMlljSmdjY2dQaUNSNkRMMHZmclRIZjZPYnpkV2ttcGdlanBCaWUydyIsIm1hYyI6IjIzOWZlMDlhNTMzMDYwNTRmMzQ0MjMzNGJkMzZlZGQxZjU4NjI1YmZmM2UzN2JjM2VmZjFiMDg4ZTU5Nzk0NzYifQ%3D%3D; laravel_session=eyJpdiI6IjhnUHR4YWY0cUVicEJRVjgyUFlNK3c9PSIsInZhbHVlIjoibmV2dS9UM3RRZ2txUW5EOTFvSzRnUmNCd3ZFWGZtYmJZejdRUlQ3cm9leW9vYkpwRmNZYTRPNUloK01BT1hNRSIsIm1hYyI6IjkwYzVkYjNlZWZlYmQyNDBlYTVmNDhmY2JhNjExY2IxMTY2MDY3NGI5NzZkM2EyM2RlM2M4NjViYzZkMDdhOGMifQ%3D%3D; SRVNAME=w2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 22:42:24 GMT
content-type: image/jpeg
content-length: 25016
last-modified: Tue, 09 Apr 2024 11:06:20 GMT
etag: "6615212c-61b8"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=veIjSIV6JoavoBjVVqFfbbUDHK%2BWhshp9OQWjubOlIffz2pHNUWnUmYZo50PQlQXtj5YiS5gEauUhXolqVz9cqUNnQHNmfdsOmLcxltVKTo9H9jVSGsdOnIAJf93Bg0dbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cf6783c6fb4f4-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash