| js.2mp4.xyz/AV4.us.jpg | 188.114.96.1 | | 8.7 kB |
IP: 188.114.96.1:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3
Hash: MD5 edfe007a6e5b3d268b2528f564b60b43 | SHA-1 1644c8ef97c871079e07e5079d613af5cb94052f | SHA-256 bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: js.2mp4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:36 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-614075c7eff6b"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 98513
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvwBBAnVL9so3CQLIsqt4VtVZ0g17LcqDIV2O1ObI3pRfWmBArbKiqLygVxQ1OuqwUFs6X8Vs4jHTfHpaPvsWLjwXycSHP5%2FTCq3ydX0Qgvg43sySV7QwA%2BhTmryww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d30b9deb6156c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js | 104.17.24.14 | | 4.0 kB |
URL: cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js IP: 104.17.24.14:0
File type: JavaScript source, ASCII text, with very long lines (10613)
Hash: MD5 ea77f824de2ef57acb12e7cb6596365e | SHA-1 10bad0dbdf30a0471c2c786b349daeb1dd19180e | SHA-256 2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 106931
expires: Mon, 21 Apr 2025 22:00:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AiRY%2Fo4CjII0d5HJDigLOEoEVwl1AiUHSeHHmaAdj7eEUgPFNUfr5TD34vi%2BnvI7CiQx%2Bch9IVP0EuSfuYhCREiNKqycpLdXb5uLYxLgEv9TDQT9IKU0Dryx4uE0tRM2ihWNmVix"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d30ba11af7b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js | 151.101.1.229 | | 76 kB |
URL: cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js IP: 151.101.1.229:0
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (546)
Hash: MD5 42d39a9126c8c10554ea284c98aabea4 | SHA-1 b57a08e14c17abdd7910dd0416c50031e2dfa94b | SHA-256 b47aac0d23c87c29cbeb20e603b758bd7cdb7b2b743d685c26aaf2e3daeb00eb
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.324.0
x-jsd-version-type: version
etag: W/"2c894-tXoI4UwXq915EN0EFsUAMeLfqUs"
content-encoding: br
accept-ranges: bytes
date: Wed, 01 May 2024 22:00:37 GMT
age: 39673
x-served-by: cache-fra-eddf8230153-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 76100
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-620120-3 | 142.250.74.168 | 200 OK | 70 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-620120-3 IP: 142.250.74.168:443
Requested by: https://jp.4tube.top/contact/----hotvid
Certificate: Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 | Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (1808)
Hash: MD5 3c17dee9c9beb65b4d8ee8429e7f4b22 | SHA-1 9b7262ca1464602c1afc584cc1b0631976618598 | SHA-256 3e8771f6da3e8605cb7a6f51551c9d245bfcadca03b9c106d86eef9035a4c010
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 22:00:37 GMT
expires: Wed, 01 May 2024 22:00:37 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 May 2024 21:11:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70216
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js | 104.17.24.14 | | 4.0 kB |
URL: cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js IP: 104.17.24.14:0
File type: JavaScript source, ASCII text, with very long lines (10613)
Hash: MD5 ea77f824de2ef57acb12e7cb6596365e | SHA-1 10bad0dbdf30a0471c2c786b349daeb1dd19180e | SHA-256 2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:00:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 106931
expires: Mon, 21 Apr 2025 22:00:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xy2jrS1oXrxd8oqk%2BRGP5zrTkuj%2FpH75KIHAXvdO2vasRXY0Z7pXy54fEALyrr%2F64sqS%2B5az8cEaV6%2Ffrkh0yJ138NfuADkyZXX2E8gMdJK9OGEPNtAGtSriXcOrWq1uzS0nw1BK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d30ba32fa656c1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js | 151.101.1.229 | | 76 kB |
URL: cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js IP: 151.101.1.229:0
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (546)
Hash: MD5 42d39a9126c8c10554ea284c98aabea4 | SHA-1 b57a08e14c17abdd7910dd0416c50031e2dfa94b | SHA-256 b47aac0d23c87c29cbeb20e603b758bd7cdb7b2b743d685c26aaf2e3daeb00eb
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 76100
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.324.0
x-jsd-version-type: version
etag: W/"2c894-tXoI4UwXq915EN0EFsUAMeLfqUs"
content-encoding: br
accept-ranges: bytes
date: Wed, 01 May 2024 22:00:37 GMT
age: 39674
x-served-by: cache-fra-eddf8230153-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=UA-620120-3 | 142.250.74.168 | 200 OK | 70 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-620120-3 IP: 142.250.74.168:443
Requested by: https://jp.4tube.top/contact/----hotvid
Certificate: Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 | Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (1808)
Hash: MD5 0ab1ec41206360f1cf9f951ef69a7a29 | SHA-1 7af25f913daa84962155bbcc8fbfd233a5f6853a | SHA-256 26411ffcfea45790c26a79ce05aa6b843d5ca6ea4f3e6693bf537f322efb0eef
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 22:00:37 GMT
expires: Wed, 01 May 2024 22:00:37 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 May 2024 21:31:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 383e3851cf.0115b2b799.com/e760f422e325427d81f0ed67bbf24ac7.js | 45.133.44.52 | | 37 kB |
URL: 383e3851cf.0115b2b799.com/e760f422e325427d81f0ed67bbf24ac7.js IP: 45.133.44.52:0 ASN: #39572 DataWeb Global Group B.V.
File type: gzip compressed data, from Unix
Hash: MD5 b317a8c1aca771530b420e021aa8c66d | SHA-1 d2edc9ce37add6b37b560624e79756203411b9f4 | SHA-256 2ab7a90d591209961600e49845edadf1f3dc5ea24e2ce34bc2bc37396c6adbf9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /e760f422e325427d81f0ed67bbf24ac7.js HTTP/1.1
Host: 383e3851cf.0115b2b799.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jp.4tube.top
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:37 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Wed, 01 May 2024 22:05:37 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js | 142.250.74.74 | | 30 kB |
URL: ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP: 142.250.74.74:0
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: MD5 a09e13ee94d51c524b7e2a728c7d4039 | SHA-1 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae | SHA-256 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:54 GMT
expires: Sat, 26 Apr 2025 06:04:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 489343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.2mp4.xyz/AV4.us.jpg | 188.114.96.1 | | 8.7 kB |
IP: 188.114.96.1:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3
Hash: MD5 edfe007a6e5b3d268b2528f564b60b43 | SHA-1 1644c8ef97c871079e07e5079d613af5cb94052f | SHA-256 bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: js.2mp4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:00:37 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-614075c7eff6b"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 98514
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oWNWXPNQl18j46S%2B13qjGwONCHa8Eu8FvTvPqLgzVCssA6cURUtmbZW4T6v7H1Xd6vpyEollD%2FsEg7kMQMYeLsZziihxhp%2BqaiG2pb7xNnpU85l6%2FJmZ%2BQ507rWaXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d30ba4ee63b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js | 142.250.74.74 | | 30 kB |
URL: ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP: 142.250.74.74:0
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: MD5 a09e13ee94d51c524b7e2a728c7d4039 | SHA-1 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae | SHA-256 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:54 GMT
expires: Sat, 26 Apr 2025 06:04:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 489344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cacrz.4jpg.top/AV4.us.jpg | 104.21.77.220 | | 8.7 kB |
URL: cacrz.4jpg.top/AV4.us.jpg IP: 104.21.77.220:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3
Hash: MD5 edfe007a6e5b3d268b2528f564b60b43 | SHA-1 1644c8ef97c871079e07e5079d613af5cb94052f | SHA-256 bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: cacrz.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:00:38 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-5499bcea176c0"
access-control-allow-origin: *
access-control-allow-headers: Cake
ahost: RZ
cache-control: public, max-age=3600000
cf-cache-status: HIT
age: 106953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esTiGmwh4QJOCoIGAdHV4HZUo7rtXey8HZtabBUuIYv7njKTE9Eg7mOoMoVpqutj0OuK69ul7H9KTT3gFrs3Ho4hUALq%2FEg6xm%2FjfF32AUt1yOn7BYnq4GGKlKS48%2FbB4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d30ba608567127-OSL
alt-svc: h3=":443"; ma=86400
|
|
| js.capndr.com/advertising.js | 45.133.44.52 | | 0 B |
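URL: js.capndr.com/advertising.js IP: 45.133.44.52:0 ASN: #39572 DataWeb Global Group B.V.
Hash (0 B body; these are the digests of zero-length input and match any empty file, so they do not identify this resource): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855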
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Wed, 01 May 2024 22:05:38 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=c&med_script_id=34&page=https%3A//jp.4tube.top/contact/----hotvid | 159.69.161.138 | | 0 B |
URL notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=c&med_script_id=34&page=https%3A//jp.4tube.top/contact/----hotvid IP159.69.161.138:0 ASN#24940 Hetzner Online GmbH
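Hash (0 B body; these are the digests of zero-length input and match any empty file, so they do not identify this resource): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855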
GET /tags?tag_id=23782&timezone_olson=UTC&version_name=c&med_script_id=34&page=https%3A//jp.4tube.top/contact/----hotvid HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jp.4tube.top
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 01 May 2024 22:00:38 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fjp.4tube.top%2Fcontact%2F----hotvid&page-ref=https%3A%2F%2Fjp.4tube.top%2Fhotvid&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a6dkslduqb1rg7ejkv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1320%3Acn%3A1%3Adp%3A0%3Als%3A1475145807869%3Ahid%3A90637634%3Az%3A0%3Ai%3A20240501220037%3Aet%3A1714600838%3Ac%3A1%3Arn%3A601078367%3Arqn%3A1%3Au%3A1714600838971390454%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C13%2C2%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1714600837214%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1714600838%3At%3AContact%20%26%20Abuse%20%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%283441412%29aw%281%29rcm%281%29cdl%28na%29fip%281%29ti%281%29&redirnss=1 | 87.250.250.119 | | 448 B |
URL mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fjp.4tube.top%2Fcontact%2F----hotvid&page-ref=https%3A%2F%2Fjp.4tube.top%2Fhotvid&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a6dkslduqb1rg7ejkv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1320%3Acn%3A1%3Adp%3A0%3Als%3A1475145807869%3Ahid%3A90637634%3Az%3A0%3Ai%3A20240501220037%3Aet%3A1714600838%3Ac%3A1%3Arn%3A601078367%3Arqn%3A1%3Au%3A1714600838971390454%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C13%2C2%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1714600837214%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1714600838%3At%3AContact%20%26%20Abuse%20%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%283441412%29aw%281%29rcm%281%29cdl%28na%29fip%281%29ti%281%29&redirnss=1 IP87.250.250.119:0
Hash: MD5 33f828fa416153dd896265fcf579360f | SHA-1 488304f2b417d310b43d40c97622f40835936f24 | SHA-256 71e10c5d4daee77d15d14fcb1c815b779ed23d9dbfdb2e7860c1dafad2b378a3
GET /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fjp.4tube.top%2Fcontact%2F----hotvid&page-ref=https%3A%2F%2Fjp.4tube.top%2Fhotvid&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a6dkslduqb1rg7ejkv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1320%3Acn%3A1%3Adp%3A0%3Als%3A1475145807869%3Ahid%3A90637634%3Az%3A0%3Ai%3A20240501220037%3Aet%3A1714600838%3Ac%3A1%3Arn%3A601078367%3Arqn%3A1%3Au%3A1714600838971390454%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C13%2C2%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1714600837214%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1714600838%3At%3AContact%20%26%20Abuse%20%E5%8B%95%E7%94%BB%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%283441412%29aw%281%29rcm%281%29cdl%28na%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jp.4tube.top
Referer: https://jp.4tube.top/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1508139051714600838; i=zJ3AQqqkEpcvoY2QZmcCMevlzN8hb/MbWe1MeYJ6GEGNuMvVCGXfOf4Gcmz/wB4xAf59IiuhmgF4CRyBgGpheHqryyU=; yandexuid=5456175071714600838; yuidss=5456175071714600838; ymex=1746136838.yrts.1714600838#1746136838.yrtsi.1714600838
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 448
date: Wed, 01 May 2024 22:00:38 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://jp.4tube.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 01-May-2024 22:00:38 GMT
last-modified: Wed, 01-May-2024 22:00:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=23782 | 157.90.84.242 | | 0 B |
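URL: fp.metricswpsh.com/fp?tag_id=23782 IP: 157.90.84.242:0 ASN: #24940 Hetzner Online GmbH
Hash (0 B body; these are the digests of zero-length input and match any empty file, so they do not identify this resource): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855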
OPTIONS /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jp.4tube.top/
Origin: https://jp.4tube.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 01 May 2024 22:00:38 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://jp.4tube.top
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| js.wpshsdk.com/npc/sdk/push.m.js?v=1 | 45.133.44.53 | | 16 kB |
URL: js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP: 45.133.44.53:0 ASN: #39572 DataWeb Global Group B.V.
File type: gzip compressed data, from Unix
Hash: MD5 c3fb6559a62b8e4ad1946132d6909df0 | SHA-1 d82b4df91c409c3f6e693d3a0b1590b186e17b2b | SHA-256 a2eb96cebc19a702a29abc755c3bfa17a44340c45df91611feaa39eed3f396bd
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:38 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Wed, 01 May 2024 22:05:38 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=23782 | 157.90.84.242 | | 58 B |
URL: fp.metricswpsh.com/fp?tag_id=23782 IP: 157.90.84.242:0 ASN: #24940 Hetzner Online GmbH
Hash: MD5 87385fcd2a67fc74d2fa67366ba68ea2 | SHA-1 a604cdbb1d31ce257e8643eee9219c9c724c200c | SHA-256 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1836
Origin: https://jp.4tube.top
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 01 May 2024 22:00:38 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://jp.4tube.top
Set-Cookie: id=99781910421909387; Expires=Thu, 01 May 2025 22:00:38 GMT; Secure; SameSite=None
Vary: Origin
|
|
| 84a0e8beca.5ede78f7a0.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxODE3NzcwNTgxMzYyODc1NjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ3LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.53 | | 0 B |
URL 84a0e8beca.5ede78f7a0.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxODE3NzcwNTgxMzYyODc1NjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ3LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9 IP45.133.44.53:0 ASN#39572 DataWeb Global Group B.V.
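Hash (0 B body; these are the digests of zero-length input and match any empty file, so they do not identify this resource): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855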
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxODE3NzcwNTgxMzYyODc1NjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjQ3LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: 84a0e8beca.5ede78f7a0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jp.4tube.top
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:38 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 172.67.174.51 | | 31 kB |
URL storage.multstorage.com/log/count.html IP 172.67.174.51:0
File type: HTML document, ASCII text, with very long lines (700)
Hash: MD5 b728ca9cd183d1b7c3f72116b19b22a3, SHA-1 c1fd73f6b02cf00b8bc60b09cc99495e8494b739, SHA-256 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:38 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: ceb86218ec85b3b2cec98f6de76248ff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXAvHA4beUIv3vHt7NrB3vaFsCyiEQarH4Ej36pWXMc%2BlgN6Rzbo%2F%2BcIQv%2Bfmdq3BoCoKJA2qoUapmO%2BNvtYElRoRYj%2F5qx9MQiOHkU634wTg4mI04Cht1%2B09VF724GCKgrBsEKFfNnEPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d30ba9ae2f0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| jsjs.4jpg.top/index.php?js=av4&advertisement& | 188.114.97.1 | | 46 kB |
URL jsjs.4jpg.top/index.php?js=av4&advertisement& IP 188.114.97.1:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (6529), with CRLF line terminators
Hash: MD5 d5dc1fadaaec29e8f0c228fc386ea092, SHA-1 6c74ecfd5941c0446ee85b16a3cb6418aea7f46e, SHA-256 7c2ac3b4891e62bcbc40e3384b188712078e5152be303644735b4615089a6481
GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:00:38 GMT
content-type: text/html; charset=UTF-8
imghost: 17296161209-h-jsjs4jpgtopmh--NO-rm16215822256/index.php?js=av4&advertisement&
56nloadrate: 2.4490625
cache-control: public, max-age=14400, s-max-age=1800
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 342
last-modified: Wed, 01 May 2024 21:54:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOwLAJfawuYUEODZBluXQWrjfK%2BTWOnOdp0w70HuSHmvYnEHaDkKF334vwLapYuJ3gDV%2BcXrMhYpF6gyrTEYCUQGJKtGLcZ2TibKV8Vrq%2FnFqibrncO23Qp6EbpWGeRe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d30baa5e4fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | | 0 B |
URL accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP74.125.131.84:0
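Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the body was 0 B, so these values identify no payload)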
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:7LYAwPSC4ouVbD57TAHtxY0S1IUEcw:Uwj4Ry2zYWb434jS; Expires=Fri, 01-May-2026 22:00:39 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 22:00:39 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyNZt0YSsiglb7kuhmmwJxmFsHHn8fZxPxpe7NHjHizKHf4YGHOjiK62CN6S6eU64dgroiN
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-nS3tA203Bk8S_3iDFVpYZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| page.phic4.top/myda.php | 172.67.190.9 | | 504 B |
IP 172.67.190.9:0
Hash: MD5 d7d6f51907663f4518204454a662992c, SHA-1 a8edd5c2dade3ecfff53ac18f50cbec070b26650, SHA-256 2bb9312b83581fa00a6cc9b839d0335861211c5c57e54f1684dfe6235d790bbd
GET /myda.php HTTP/1.1
Host: page.phic4.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:00:39 GMT
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5291
last-modified: Wed, 01 May 2024 20:32:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NHtcZ%2Bry777RUlg5MKEeLY8qqY%2FFXMdygDtmFfuJfarp6GgMIsEqMCCQNDSQqa6DSduWZsNzD2CmvQyJRbiFovurEd%2B5jefxjL71wkoe091BrRycl8DTkpLCV0e59mSxfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d30bac3cee5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=4196013b-850d-42cd-b3a7-26f64aab35cb&subid=809032184&sid=2077791367&spot_id=17050&created_at=2024-05-01&timezone=0&ver=8.159.0&is_native=1 | 168.119.25.102 | | 0 B |
URL nereserv.com/in/dip?site=native-push&wl=1&event_id=4196013b-850d-42cd-b3a7-26f64aab35cb&subid=809032184&sid=2077791367&spot_id=17050&created_at=2024-05-01&timezone=0&ver=8.159.0&is_native=1 IP168.119.25.102:0 ASN#24940 Hetzner Online GmbH
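Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the body was 0 B, so these values identify no payload)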
GET /in/dip?site=native-push&wl=1&event_id=4196013b-850d-42cd-b3a7-26f64aab35cb&subid=809032184&sid=2077791367&spot_id=17050&created_at=2024-05-01&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jp.4tube.top
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 01 May 2024 22:00:39 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 5dc5532e35.6a377e2b5c.com/in/multy | 94.130.198.6 | | 0 B |
URL 5dc5532e35.6a377e2b5c.com/in/multy IP 94.130.198.6:0 ASN #24940 Hetzner Online GmbH
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the body was 0 B, so these values identify no payload)
OPTIONS /in/multy HTTP/1.1
Host: 5dc5532e35.6a377e2b5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jp.4tube.top/
Origin: https://jp.4tube.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Wed, 01 May 2024 22:00:39 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| av.av4us.top//js.2mp4.xyz/AV4.us.jpg | 104.21.13.171 | | 33 kB |
URL av.av4us.top//js.2mp4.xyz/AV4.us.jpg IP 104.21.13.171:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1310), with CRLF, LF line terminators
Hash: MD5 c347692fd02f4ef9e3289dd3e9a7aeb7, SHA-1 910b028a369b8f195ddc8e1579a1bbc7f75f0b3e, SHA-256 806f0276e5d3b865f8b4a645857b37b8600776c05e3ba6f906fb152e2e746c3e
GET //js.2mp4.xyz/AV4.us.jpg HTTP/1.1
Host: av.av4us.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:00:39 GMT
content-type: text/html; charset=UTF-8
pdojs-line8: host-av.av4us.top96.161.209-myhost-av.av4us.top.12.53.113//js.2mp4.xyz/AV4.us.jpg
phost: av.av4us.top
pdojs-line1051: notjp--myhost-av.av4us.top-filteron-
line2125: notjp--myhost-av.av4us.top-filteron-//js.2mp4.xyz/AV4.us.jpg
line2128: notjp--myhost-av.av4us.top-filteron-
line2425: notjp-//js.2mp4.xyz/AV4.us.jpg-myhost-av.av4us.top-filteron-
cache-control: public, max-age=709165
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
x-proxy-cache-hd-la: HIT
xkey-hd-la: av.//js.2mp4.xyz/AV4.us.jpg-A-av.av4us.top--my_zone
cf-cache-status: HIT
age: 102804
last-modified: Tue, 30 Apr 2024 17:27:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ij2EGq%2FtZuA1B8iv8%2B4mJzca6MSgx%2BspTei5YPloXW86s8QUYQ8KAissdXXI6CsqLWZyQl7IvFxj35ebgChVR293L2%2BkXSi55fdN89z%2B5Xg8cXIg9NsWuDuXZ1xZ4JU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d30bacefbf5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyNZt0YSsiglb7kuhmmwJxmFsHHn8fZxPxpe7NHjHizKHf4YGHOjiK62CN6S6eU64dgroiN | 74.125.131.84 | | 423 B |
URL accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyNZt0YSsiglb7kuhmmwJxmFsHHn8fZxPxpe7NHjHizKHf4YGHOjiK62CN6S6eU64dgroiN IP74.125.131.84:0
File type: HTML document, ASCII text, with very long lines (402)
Hash: MD5 9bb72f148194eb88be9d57a92dbb24dd, SHA-1 862b6c70d46a17bed1812945335a89ce1cdfd40e, SHA-256 8280ec58d482a7a007b05b3b3b0386de99b867a4824920234c80aeb9515ddda4
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyNZt0YSsiglb7kuhmmwJxmFsHHn8fZxPxpe7NHjHizKHf4YGHOjiK62CN6S6eU64dgroiN HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:Wiq5Efs1w756ZHlrD2ap91ePdVh8Fw:Hfjydi3J7ZKQ3zKM;Path=/;Expires=Fri, 01-May-2026 22:00:39 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 May 2024 22:00:39 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzu9dIX6e_Ht5GrtmkvVDPiW85x2bBBSovHOM_kNE82-7Pn6HYwfwXjZ4E1RGkDa3x_E4x0&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S101015274%3A1714600839250321&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-I8tWGBm-7JRM0uld7yVnkA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 423
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| page.phic4.top/myda.php | 172.67.190.9 | | 4.1 kB |
IP 172.67.190.9:0
Hash: MD5 c2693a59a6d963cdc439435629cb8bf9, SHA-1 d0fb32e2e4f84e764a89a5fde24420b0f24f6633, SHA-256 e913282c4fd516fe4cca3989d24eaf3c9792b2b4cb89e994cb84c16b9bbb6791
GET /myda.php HTTP/1.1
Host: page.phic4.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:00:39 GMT
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5291
last-modified: Wed, 01 May 2024 20:32:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7gVGwIVnqs3ihgiR6PvRvzDmF9bf5gUo0OGn1crfXeRLtYcS3tuGMsWmZzO0%2BuUOUwVj68icfPLRJhOJIzgZWEwAhzXda%2BIbPMoMEQzXxuRuDmkAEoJg9QQaKZq2SnfpNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d30bac2ce85689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 5dc5532e35.6a377e2b5c.com/in/show/?tag_ab=c&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=jp.4tube.top&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fjp.4tube.top%2Fcontact%2F----hotvid&refdom=jp.4tube.top&auction_time=1714600839&subid=809032184&sid=2077791367&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-01&iabcat=IAB25-3&keywords=&user_fp=11840477727300249902&score=15.970061455421785&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjp.4tube.top%252Fcontact%252F----hotvid%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjp.4tube.top%252Fcontact%252F----hotvid%26idzone%3D0%26sid%3D1886&icons=_RGe-2O9UB5DhOi4ge12O_UDpDS2jQdcDSY2H4TCDJij1pQUXJvS53iLmw0drAOs9rW5MP5XLZZpaBV1SkwYU5BwHEyU4rO0pNtGSlV4BscCSEsbV7xfy-5pLflf_vsV-GrbDieGXPVJaMr0LkIApFpOzPP6GF4dqSWJOK_RKiRDqBfbMA&ext_cid=0&px_id=17050&min_cpm=0.02581197374027736&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=2751090535859863021&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.012967347507105646&cpm=0&verify_hash=dad247f71f2084f22e363b5d3b930131&is_native=4&real_bid=0.000642715286535168&original_bid_usd=0.001279348&original_bid=0.001279348&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,114,20,27,108&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&si
te=native-push-adult&price=0.001279348&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001279348&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=61079f64-9e9e-494c-85d6-d14cd0cd1601&prev_step_diff=844 | 94.130.198.6 | | 0 B |
URL 5dc5532e35.6a377e2b5c.com/in/show/?tag_ab=c&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=jp.4tube.top&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fjp.4tube.top%2Fcontact%2F----hotvid&refdom=jp.4tube.top&auction_time=1714600839&subid=809032184&sid=2077791367&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-01&iabcat=IAB25-3&keywords=&user_fp=11840477727300249902&score=15.970061455421785&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjp.4tube.top%252Fcontact%252F----hotvid%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjp.4tube.top%252Fcontact%252F----hotvid%26idzone%3D0%26sid%3D1886&icons=_RGe-2O9UB5DhOi4ge12O_UDpDS2jQdcDSY2H4TCDJij1pQUXJvS53iLmw0drAOs9rW5MP5XLZZpaBV1SkwYU5BwHEyU4rO0pNtGSlV4BscCSEsbV7xfy-5pLflf_vsV-GrbDieGXPVJaMr0LkIApFpOzPP6GF4dqSWJOK_RKiRDqBfbMA&ext_cid=0&px_id=17050&min_cpm=0.02581197374027736&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=2751090535859863021&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.012967347507105646&cpm=0&verify_hash=dad247f71f2084f22e363b5d3b930131&is_native=4&real_bid=0.000642715286535168&original_bid_usd=0.001279348&original_bid=0.001279348&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,114,20,27,108&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&
site=native-push-adult&price=0.001279348&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001279348&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=61079f64-9e9e-494c-85d6-d14cd0cd1601&prev_step_diff=844 IP94.130.198.6:0 ASN#24940 Hetzner Online GmbH
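Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the body was 0 B, so these values identify no payload)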
GET /in/show/?tag_ab=c&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=jp.4tube.top&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fjp.4tube.top%2Fcontact%2F----hotvid&refdom=jp.4tube.top&auction_time=1714600839&subid=809032184&sid=2077791367&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-01&iabcat=IAB25-3&keywords=&user_fp=11840477727300249902&score=15.970061455421785&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjp.4tube.top%252Fcontact%252F----hotvid%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjp.4tube.top%252Fcontact%252F----hotvid%26idzone%3D0%26sid%3D1886&icons=_RGe-2O9UB5DhOi4ge12O_UDpDS2jQdcDSY2H4TCDJij1pQUXJvS53iLmw0drAOs9rW5MP5XLZZpaBV1SkwYU5BwHEyU4rO0pNtGSlV4BscCSEsbV7xfy-5pLflf_vsV-GrbDieGXPVJaMr0LkIApFpOzPP6GF4dqSWJOK_RKiRDqBfbMA&ext_cid=0&px_id=17050&min_cpm=0.02581197374027736&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=2751090535859863021&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.012967347507105646&cpm=0&verify_hash=dad247f71f2084f22e363b5d3b930131&is_native=4&real_bid=0.000642715286535168&original_bid_usd=0.001279348&original_bid=0.001279348&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,114,20,27,108&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&pr
ice=0.001279348&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001279348&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=61079f64-9e9e-494c-85d6-d14cd0cd1601&prev_step_diff=844 HTTP/1.1
Host: 5dc5532e35.6a377e2b5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 01 May 2024 22:00:39 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 5dc5532e35.6a377e2b5c.com/in/show/?tag_ab=c&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=jp.4tube.top&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fjp.4tube.top%2Fcontact%2F----hotvid&refdom=jp.4tube.top&auction_time=1714600839&subid=809032184&sid=2077791367&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-01&iabcat=IAB25-3&keywords=&user_fp=11840477727300249902&score=15.970061455421785&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjp.4tube.top%252Fcontact%252F----hotvid%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=d8a247da09cd922865f4b19d42e551bd&url=https%3A%2F%2Fclick.eu.aneorwd.com%2Frtb%2Ffeedclick_inpage%3Ffeedid%3De703%26subid%3D3117050%26uuid%3Dfdf00c13-b90c-4cc1-a897-8dd3aa4696e9%26ep%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%253D%253D%253D&icons=ATshaAXXVgH8KEm1d-jkZQo0mWrAAoEvdSk_udldhDphowJ5IphDbt44-vrts_gdT7oW1b8OH8AKTG2MW-GEBm0roIHPw9FBGwIwrTjITOSTlk473taRL9gVmgyQ_u87INIBHq8qARTuUVWyx8PUluiyOIGLX-IbMbzdRqhIQEq3jZ7jdlY_JNnK6H9ojeciIi_9CLcrTK53nccoTOx_nMz1EdTnsE1MZr15VY2qcAlCESLNDNZh39qFGB9l-qTuoFzB7MRLw8zAKmSq9E0BDSWKbA4gEgLd_IcYf_heUS4GAc3vBkWw3QUSHg5qNucB7rlmHH_51tQUUbhwM7ureXUmmtAuDYSACKilGRaOoyxfy-51a5zZQlqZ-AH9Sv3LiLLG7Z1iEdOW-MAYaTe4KReYBPtlr4PkFcMqY8EodfVu1TjKBH6_7cfolJ0ZfjHQ9_ReLY_P8Tgf7-kkx4lezwpjey-0rVULOlC1v5__bgY1HPXJwvRvm9vtjaHMJcAgsrgfCqVPnX35gUcvpZpsV8YLwBTxe8xHLfOeV2-YEYSRzGHo-YrIA4ZXbo1sezCX4s9dQSXj8QqW4azpPyXPXUb4ifyYETRKx50&ext_cid=0&px_id=3117050&min_cpm=0.016375047354685646&out_id=0&campaign_type=mq&aid=3412&cid=12971&uniq=&mid=2751090535859863021&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.018899587872083602&cpm=0&verify_hash=617ad7732a1d4ab59916c72a30164644&is_native=1&real_bid=0.0014765850394964294&original_bid_usd=0.
00165&original_bid=0.00165&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,101,5,98,130&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=null&site=native-push-adult&price=0.00165&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000165&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.03&cpa=b34183d9-b858-46bf-82f8-d37bfbbdbca4&prev_step_diff=843 | 94.130.198.6 | | 0 B |
URL 5dc5532e35.6a377e2b5c.com/in/show/?tag_ab=c&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=jp.4tube.top&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fjp.4tube.top%2Fcontact%2F----hotvid&refdom=jp.4tube.top&auction_time=1714600839&subid=809032184&sid=2077791367&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-01&iabcat=IAB25-3&keywords=&user_fp=11840477727300249902&score=15.970061455421785&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjp.4tube.top%252Fcontact%252F----hotvid%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=d8a247da09cd922865f4b19d42e551bd&url=https%3A%2F%2Fclick.eu.aneorwd.com%2Frtb%2Ffeedclick_inpage%3Ffeedid%3De703%26subid%3D3117050%26uuid%3Dfdf00c13-b90c-4cc1-a897-8dd3aa4696e9%26ep%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%253D%253D%253D&icons=ATshaAXXVgH8KEm1d-jkZQo0mWrAAoEvdSk_udldhDphowJ5IphDbt44-vrts_gdT7oW1b8OH8AKTG2MW-GEBm0roIHPw9FBGwIwrTjITOSTlk473taRL9gVmgyQ_u87INIBHq8qARTuUVWyx8PUluiyOIGLX-IbMbzdRqhIQEq3jZ7jdlY_JNnK6H9ojeciIi_9CLcrTK53nccoTOx_nMz1EdTnsE1MZr15VY2qcAlCESLNDNZh39qFGB9l-qTuoFzB7MRLw8zAKmSq9E0BDSWKbA4gEgLd_IcYf_heUS4GAc3vBkWw3QUSHg5qNucB7rlmHH_51tQUUbhwM7ureXUmmtAuDYSACKilGRaOoyxfy-51a5zZQlqZ-AH9Sv3LiLLG7Z1iEdOW-MAYaTe4KReYBPtlr4PkFcMqY8EodfVu1TjKBH6_7cfolJ0ZfjHQ9_ReLY_P8Tgf7-kkx4lezwpjey-0rVULOlC1v5__bgY1HPXJwvRvm9vtjaHMJcAgsrgfCqVPnX35gUcvpZpsV8YLwBTxe8xHLfOeV2-YEYSRzGHo-YrIA4ZXbo1sezCX4s9dQSXj8QqW4azpPyXPXUb4ifyYETRKx50&ext_cid=0&px_id=3117050&min_cpm=0.016375047354685646&out_id=0&campaign_type=mq&aid=3412&cid=12971&uniq=&mid=2751090535859863021&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.018899587872083602&cpm=0&verify_hash=617ad7732a1d4ab59916c72a30164644&is_native=1&real_bid=0.0014765850394964294&original_bid_usd=
0.00165&original_bid=0.00165&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,101,5,98,130&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=null&site=native-push-adult&price=0.00165&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000165&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.03&cpa=b34183d9-b858-46bf-82f8-d37bfbbdbca4&prev_step_diff=843 IP94.130.198.6:0 ASN#24940 Hetzner Online GmbH
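Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the body was 0 B, so these values identify no payload)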
GET /in/show/?tag_ab=c&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=jp.4tube.top&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fjp.4tube.top%2Fcontact%2F----hotvid&refdom=jp.4tube.top&auction_time=1714600839&subid=809032184&sid=2077791367&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-01&iabcat=IAB25-3&keywords=&user_fp=11840477727300249902&score=15.970061455421785&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjp.4tube.top%252Fcontact%252F----hotvid%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=d8a247da09cd922865f4b19d42e551bd&url=https%3A%2F%2Fclick.eu.aneorwd.com%2Frtb%2Ffeedclick_inpage%3Ffeedid%3De703%26subid%3D3117050%26uuid%3Dfdf00c13-b90c-4cc1-a897-8dd3aa4696e9%26ep%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%253D%253D%253D&icons=ATshaAXXVgH8KEm1d-jkZQo0mWrAAoEvdSk_udldhDphowJ5IphDbt44-vrts_gdT7oW1b8OH8AKTG2MW-GEBm0roIHPw9FBGwIwrTjITOSTlk473taRL9gVmgyQ_u87INIBHq8qARTuUVWyx8PUluiyOIGLX-IbMbzdRqhIQEq3jZ7jdlY_JNnK6H9ojeciIi_9CLcrTK53nccoTOx_nMz1EdTnsE1MZr15VY2qcAlCESLNDNZh39qFGB9l-qTuoFzB7MRLw8zAKmSq9E0BDSWKbA4gEgLd_IcYf_heUS4GAc3vBkWw3QUSHg5qNucB7rlmHH_51tQUUbhwM7ureXUmmtAuDYSACKilGRaOoyxfy-51a5zZQlqZ-AH9Sv3LiLLG7Z1iEdOW-MAYaTe4KReYBPtlr4PkFcMqY8EodfVu1TjKBH6_7cfolJ0ZfjHQ9_ReLY_P8Tgf7-kkx4lezwpjey-0rVULOlC1v5__bgY1HPXJwvRvm9vtjaHMJcAgsrgfCqVPnX35gUcvpZpsV8YLwBTxe8xHLfOeV2-YEYSRzGHo-YrIA4ZXbo1sezCX4s9dQSXj8QqW4azpPyXPXUb4ifyYETRKx50&ext_cid=0&px_id=3117050&min_cpm=0.016375047354685646&out_id=0&campaign_type=mq&aid=3412&cid=12971&uniq=&mid=2751090535859863021&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.018899587872083602&cpm=0&verify_hash=617ad7732a1d4ab59916c72a30164644&is_native=1&real_bid=0.0014765850394964294&original_bid_usd=0.00165&original_bid=0.00
165&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,101,5,98,130&need_redirect_show=0&applied_features=coef_098,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=null&site=native-push-adult&price=0.00165&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000165&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.03&cpa=b34183d9-b858-46bf-82f8-d37bfbbdbca4&prev_step_diff=843 HTTP/1.1
Host: 5dc5532e35.6a377e2b5c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 01 May 2024 22:00:39 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | | 1.9 kB |
IP94.130.197.240:0 ASN#24940 Hetzner Online GmbH
Hash: MD5 dfe65b001fc820a7d9b245fbeffb2c6f, SHA-1 6f05c19122ef476db76f00f2760a313565c54b95, SHA-256 74ee8d63152c9085912012183a96dedd156dd2671df0252df8c4e857c7002e36
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jp.4tube.top/
Content-Type: text/plain;charset=UTF-8
Content-Length: 954
Origin: https://jp.4tube.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 01 May 2024 22:00:39 GMT
content-type: application/json
content-length: 1877
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=7b5d4403-cfeb-4dc4-a376-8e22cfbeb68a&prev_step_diff=843 | 45.133.44.24 | | 486 B |
URL static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=7b5d4403-cfeb-4dc4-a376-8e22cfbeb68a&prev_step_diff=843 IP45.133.44.24:0 ASN#39572 DataWeb Global Group B.V.
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 ceeb4e8840c24621c0e0352b42b38a5b, SHA-1 03cbceb0134a39267014595938705e2916580644, SHA-256 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.03&cpa=7b5d4403-cfeb-4dc4-a376-8e22cfbeb68a&prev_step_diff=843 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:39 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Thu, 01 May 2025 22:00:39 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.24 | | 1.1 kB |
URL static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.24:0 ASN#39572 DataWeb Global Group B.V.
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 2a11e13b2bd67bb9a6cb347d7c73df13, SHA-1 b85460a33f9b229f42c08a6a94ae433a4d5c32ab, SHA-256 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:39 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Thu, 01 May 2025 22:00:39 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tracking.eu.antskre.com/rtb/feedimpression?uuid=fdf00c13-b90c-4cc1-a897-8dd3aa4696e9&s=101&d=136&feedid=e703&rt=1714600839192&sb=0.00165&db=0.003300&subid=3117050&tokid=null&url=HV7ETHSUSF4NZOC25VXLKXBU4NWD4LES4WOBDSIEPJFNXFW4OE5JLYM43I2PGVEHZN7ODEGAKQEFKIPIRX4EIZOF234JYDQUDF3U6EONQ3S47ZJLRXMWVGEEI3E2C2K5XKKYJWI57BSZX3DSWPUO2NRRKWJE6HEAXP3N5OLFK3NOTLJ4VIAA%3D%3D%3D%3D&i=88d0bd&u=d27150&g=NO&ad=&sp=&spv=&sm=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.03&cpa=bfa289e1-5a29-4a41-bbc7-188a8fcb23ff&prev_step_diff=843 | 138.68.123.32 | | 0 B |
URL tracking.eu.antskre.com/rtb/feedimpression?uuid=fdf00c13-b90c-4cc1-a897-8dd3aa4696e9&s=101&d=136&feedid=e703&rt=1714600839192&sb=0.00165&db=0.003300&subid=3117050&tokid=null&url=HV7ETHSUSF4NZOC25VXLKXBU4NWD4LES4WOBDSIEPJFNXFW4OE5JLYM43I2PGVEHZN7ODEGAKQEFKIPIRX4EIZOF234JYDQUDF3U6EONQ3S47ZJLRXMWVGEEI3E2C2K5XKKYJWI57BSZX3DSWPUO2NRRKWJE6HEAXP3N5OLFK3NOTLJ4VIAA%3D%3D%3D%3D&i=88d0bd&u=d27150&g=NO&ad=&sp=&spv=&sm=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.03&cpa=bfa289e1-5a29-4a41-bbc7-188a8fcb23ff&prev_step_diff=843 IP138.68.123.32:0 ASN#14061 DIGITALOCEAN-ASN
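Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of a zero-length body, consistent with the 0 B size, so they do not identify this resource)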
GET /rtb/feedimpression?uuid=fdf00c13-b90c-4cc1-a897-8dd3aa4696e9&s=101&d=136&feedid=e703&rt=1714600839192&sb=0.00165&db=0.003300&subid=3117050&tokid=null&url=HV7ETHSUSF4NZOC25VXLKXBU4NWD4LES4WOBDSIEPJFNXFW4OE5JLYM43I2PGVEHZN7ODEGAKQEFKIPIRX4EIZOF234JYDQUDF3U6EONQ3S47ZJLRXMWVGEEI3E2C2K5XKKYJWI57BSZX3DSWPUO2NRRKWJE6HEAXP3N5OLFK3NOTLJ4VIAA%3D%3D%3D%3D&i=88d0bd&u=d27150&g=NO&ad=&sp=&spv=&sm=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.03&cpa=bfa289e1-5a29-4a41-bbc7-188a8fcb23ff&prev_step_diff=843 HTTP/1.1
Host: tracking.eu.antskre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
referrer-policy: no-referrer
location: https://notapt.xyz/dsp/ph/icm?aid=15192382151860309537&mid=0&sid=610&t=1714600839&subid=57033117050
content-length: 0
date: Wed, 01 May 2024 22:00:39 GMT
|
|
| notapt.xyz/dsp/ph/icm?aid=15192382151860309537&mid=0&sid=610&t=1714600839&subid=57033117050 | 31.220.27.100 | | 0 B |
URL notapt.xyz/dsp/ph/icm?aid=15192382151860309537&mid=0&sid=610&t=1714600839&subid=57033117050 IP31.220.27.100:0 ASN#39572 DataWeb Global Group B.V.
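Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of a zero-length body, consistent with the 0 B size, so they do not identify this resource)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed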
GET /dsp/ph/icm?aid=15192382151860309537&mid=0&sid=610&t=1714600839&subid=57033117050 HTTP/1.1
Host: notapt.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 01 May 2024 22:00:40 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
location: https://i.wmgtr.com/cic/m1VYaj_eycwh9FziH3Gbm0tDtjknRjXL.png
X-Firefox-Spdy: h2
|
|
| www.w3schools.com/w3css/4/w3.css | 192.229.133.221 | | 5.3 kB |
URL www.w3schools.com/w3css/4/w3.css IP192.229.133.221:0
File type: Unicode text, UTF-8 (with BOM) text
Hash: MD5 ba0537e9574725096af97c27d7e54f76, SHA-1 bd46b47d74d344f435b5805114559d45979762d5, SHA-256 4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jp.4tube.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 9779
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Wed, 01 May 2024 22:00:40 GMT
etag: "052e87e29ada1:0+gzip"
last-modified: Tue, 30 Apr 2024 09:41:08 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2
|
|
| i.wmgtr.com/cic/m1VYaj_eycwh9FziH3Gbm0tDtjknRjXL.png | 45.133.44.33 | | 33 kB |
URL i.wmgtr.com/cic/m1VYaj_eycwh9FziH3Gbm0tDtjknRjXL.png IP45.133.44.33:0 ASN#39572 DataWeb Global Group B.V.
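File type: gzip compressed data, from Unix (the response below carries content-encoding: gzip with content-type image/png, so the type and hashes here appear to describe the still-compressed body rather than the decoded image)
Hash: MD5 49ffa73bdff135d60e0fa624de9c8a4f, SHA-1 5ee4163a7d63d4bc5994a0a99dd1806ac0345764, SHA-256 f53aaeadef6db3166a7a65ffbb222aefee91b4a97e3bf1f1d080be1f18407e97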
GET /cic/m1VYaj_eycwh9FziH3Gbm0tDtjknRjXL.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 22:00:40 GMT
content-type: image/png
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Thu, 02 May 2024 21:00:40 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|