Report - nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4

Report Overview

Submitted URL
nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-03 22:03:23
Access
public
Website Title
nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Final URL
nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-02	1.8 kB	8.1 kB	74.125.131.84
nekodrive.biz.id	unknown	unknown	No data	No data	1.7 kB	32 kB	188.114.97.1
cdn.fluidplayer.com	33284	2016-09-22	2017-08-29	2024-05-03	879 B	252 kB	185.76.9.26
mcpuwpsh.com	unknown	2022-08-12	2022-08-12	2024-05-02	487 B	2.3 kB	94.130.197.240
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2024-05-03	1.0 kB	819 B	157.90.84.242
js.capndr.com	316718	2021-08-30	2021-08-30	2024-05-02	403 B	374 B	45.133.44.52
2b6b88fc7b.a1bbcd100e.com	unknown	2024-04-03	2024-05-03	2024-05-03	833 B	320 B	45.133.44.52
wkcdn.stook.cloud	unknown	2023-07-26	2023-10-22	2024-01-07	588 B	325 kB	104.21.8.251
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2024-05-03	528 B	1.6 kB	104.21.30.242
0afc4c07a9.9fbdc30642.com	unknown	2024-04-03	2024-05-03	2024-05-03	1.4 kB	208 kB	45.133.44.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	a1bbcd100e.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	nekodrive.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-18
Pretty URL nekodrive.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-18 01:57:54 Times Seen44290 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	js.capndr.com/advertising.js	0 B	2023-03-07	2024-05-18
Pretty URL js.capndr.com/advertising.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 03:39:19 Times Seen37766997 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	0afc4c07a9.9fbdc30642.com/3fa30860af561c50f9fa6f09cdabda07.js	97 kB	2024-04-18	2024-05-07
Pretty URL 0afc4c07a9.9fbdc30642.com/3fa30860af561c50f9fa6f09cdabda07.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:57:28 Last Seen2024-05-07 05:08:18 Times Seen497 Hash 78b4de711a43c2a7b7e06da3d25cc4ab a5fdc5739214b95d24fffd2600ee204eb75db415 97a18ee59823abe90c1e22b83e292d5ac33da2cdb3555372abd7a7f9989c1ea2 Loading...

	storage.multstorage.com/log/count.html	718 B	2023-09-18	2024-05-18
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19:52 Last Seen2024-05-18 03:25:12 Times Seen5382 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	unknown	67 B	2024-05-04	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 00:03:30 Last Seen2024-05-04 00:03:30 Times Seen1 Hash 4c856a149b2781a9838315da3a766433 d1116b80f067ecd99cd1f25b2949a7f08bf7fa2a 26d5ec7e9da5b67822053ea4264963996be83d3360695d9d6eb130c1e75a6ab4 Loading...

	nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4	6.4 kB	2024-05-04	2024-05-04
Pretty URL nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 00:03:30 Last Seen2024-05-04 00:03:30 Times Seen1 Hash 3d1847da29b4aae44974944753c407e6 bd789ff0af1a350c94a8a2029198769884e6562b c6ff1b317514f406fd05c2c59816aef37570ac8f3ace2e0ca722095f932c146f Loading...

	0afc4c07a9.9fbdc30642.com/345572815f3b6726ddc5ccee20a9f4a8.js	109 kB	2024-04-24	2024-05-07
Pretty URL 0afc4c07a9.9fbdc30642.com/345572815f3b6726ddc5ccee20a9f4a8.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:00:34 Last Seen2024-05-07 11:41:50 Times Seen663 Hash 41230c1446cb19310867b6c3e10f8bec f600745dccd0143bbd1d83d44bd776c74f69866b 713bc0015ac5ef37f48ad9f49aa4521912b705cf01bf19409f98235b28d41dfe Loading...

	cdn.fluidplayer.com/v3/current/fluidplayer.min.js	233 kB	2024-04-06	2024-05-17
Pretty URL cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 22:07:12 Last Seen2024-05-17 23:49:20 Times Seen147 Hash 9829e8e730a9125e695789512d85177a e20a0d55ab1722ef3ad13741a2b8975413d43909 7c38ede4727de973827091514a83d24a039bda1d0d4cac219eb20571a2cc3698 Loading...

	unknown	662 B	2024-05-04	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 00:03:30 Last Seen2024-05-04 00:03:30 Times Seen1 Hash 0986d746395819cf12e63d92d01c52a2 f65b744d6cf5ab7ab37f395e2c21bbbee9af1fae f56d4b24d704dcef8b9ceba709a9635754f5c3fab107aae9173f32c41dc53f07 Loading...

	unknown	424 B	2024-05-04	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 00:03:30 Last Seen2024-05-04 00:03:30 Times Seen1 Hash 695c939e65b9af914210d51ce795e5de aa92aeb9242a4c97385ea02185c1301b647b9928 d85df5d3908bfc7a982b8455d553a59b312e73f20dd8f59eefff49a26624b2b4 Loading...

HTTP Transactions (18)

URL IP Response Size

0afc4c07a9.9fbdc30642.com/5014ec36976a0c921ff879617422392b/144107?version_name=d

45.133.44.53

200 OK

1.1 kB

URL GET HTTP/2
0afc4c07a9.9fbdc30642.com/5014ec36976a0c921ff879617422392b/144107?version_name=d
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subject0afc4c07a9.9fbdc30642.com
Fingerprint9D:0F:4E:A7:C3:AC:A0:6E:EF:F4:56:62:CC:83:32:E6:02:20:E0:CB
ValidityTue, 30 Apr 2024 02:20:22 GMT - Mon, 29 Jul 2024 02:20:21 GMT

File type
JSON text data
Size
1.1 kB (1147 bytes)
Hash
a262ee45539bdc291741b40d9ad06380
8f6cbfa54eb246895917a2e36fe88ddf8ee895bd
4a56880592dfe5ba87f0a52b201f9bb0d20b91c937f96d37baedc477060e47aa

HTTP Headers

GET /5014ec36976a0c921ff879617422392b/144107?version_name=d HTTP/1.1
Host: 0afc4c07a9.9fbdc30642.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nekodrive.biz.id
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 22:02:58 GMT
content-type: application/json
content-length: 1147
server: nginx/1.18.0
cache-control: max-age=300
expires: Fri, 03 May 2024 22:07:58 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06
ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 22:02:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Fri, 03 May 2024 22:07:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=144107

157.90.84.242

200 OK

0 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=144107
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=144107 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://nekodrive.biz.id/
Origin: https://nekodrive.biz.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Fri, 03 May 2024 22:02:59 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://nekodrive.biz.id
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

2b6b88fc7b.a1bbcd100e.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTk3MzUxNzU3NzMyNDYwMDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNDQxMDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yNSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

45.133.44.52

200 OK

0 B

URL GET HTTP/2
2b6b88fc7b.a1bbcd100e.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTk3MzUxNzU3NzMyNDYwMDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNDQxMDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yNSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subject2b6b88fc7b.a1bbcd100e.com
Fingerprint64:1D:A5:1D:1F:41:28:42:D3:AE:BA:C2:6B:8E:03:48:D1:46:28:08
ValidityTue, 30 Apr 2024 02:50:36 GMT - Mon, 29 Jul 2024 02:50:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTk3MzUxNzU3NzMyNDYwMDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNDQxMDcsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yNSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 2b6b88fc7b.a1bbcd100e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nekodrive.biz.id
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 22:02:59 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=144107

157.90.84.242

200 OK

58 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=144107
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type
JSON text data
Size
58 B (58 bytes)
Hash
201328753d359ed6101fd718f40a0987
92830b97da5731bde623915dbee83f1442cd6d28
ec9c14d29249320bd6e9194a07a354616f9df7f39e4b899460dbe1ad1b686d36

HTTP Headers

POST /fp?tag_id=144107 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1837
Origin: https://nekodrive.biz.id
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 03 May 2024 22:02:59 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nekodrive.biz.id
Set-Cookie: id=18275107806234358905; Expires=Sat, 03 May 2025 22:02:59 GMT; Secure; SameSite=None
Vary: Origin

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:ul-k8rzRizjw2MIikEmliCYsd-2yYA:bG_LjFUSFlyR8rzJ; Expires=Sun, 03-May-2026 22:02:59 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 May 2024 22:02:59 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwb9K_wHAnGmJaSaOPP4uW8YeZN_pc6GitEX-0fbmpZWsMXFLBSFInNwbpB1lM2_mpacYjnHg
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-PJyX5M_JU7GfLniTnOBu3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwb9K_wHAnGmJaSaOPP4uW8YeZN_pc6GitEX-0fbmpZWsMXFLBSFInNwbpB1lM2_mpacYjnHg

74.125.131.84

302 Found

427 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwb9K_wHAnGmJaSaOPP4uW8YeZN_pc6GitEX-0fbmpZWsMXFLBSFInNwbpB1lM2_mpacYjnHg
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT

File type
HTML document, ASCII text, with very long lines (406)
Size
427 B (427 bytes)
Hash
83a843bf400d1f256edad18c63051828
f294d039fb213d12e97d8d898b1e4e6f9526ad86
86d774f7654a8febfa65b2df7f76c5f5771f2c2c48c68bf6c471a546c43c2cc8

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwb9K_wHAnGmJaSaOPP4uW8YeZN_pc6GitEX-0fbmpZWsMXFLBSFInNwbpB1lM2_mpacYjnHg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:li4ZPZMNneFfj_tBDUBS7z7YU6bhWA:KWAb4S8V8LxbRqjv;Path=/;Expires=Sun, 03-May-2026 22:02:59 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 May 2024 22:02:59 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz3XBdf48HSF7XweIg0MVe2f5gz9KBdaWDRal2WEkMknQ7ichBAE682ItX4AdJojH0AWs3NGw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2046816340%3A1714773779459380&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-BY5OCrk1GmhiuZNkWO03dw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 427
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz3XBdf48HSF7XweIg0MVe2f5gz9KBdaWDRal2WEkMknQ7ichBAE682ItX4AdJojH0AWs3NGw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2046816340%3A1714773779459380&theme=mn&ddm=0

74.125.131.84

403 Forbidden

2.7 kB

URL GET HTTP/2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz3XBdf48HSF7XweIg0MVe2f5gz9KBdaWDRal2WEkMknQ7ichBAE682ItX4AdJojH0AWs3NGw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2046816340%3A1714773779459380&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT

File type
gzip compressed data, max compression
Size
2.7 kB (2709 bytes)
Hash
f2e8ddd3a80c3e39e41957943996e687
a7dd2203956c9b01dcb1d24b038342734d295efb
221046d1cf2f3be594412170f8c28f81917c3a174af427325268e6a86addcd9b

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz3XBdf48HSF7XweIg0MVe2f5gz9KBdaWDRal2WEkMknQ7ichBAE682ItX4AdJojH0AWs3NGw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2046816340%3A1714773779459380&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 May 2024 22:02:59 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-hmvW02o-4eQnGcT_VMXXAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4

104.21.8.251

206 Partial Content

324 kB

URL GET HTTP/2
wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
IP
104.21.8.251:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectstook.cloud
Fingerprint43:56:85:AA:5D:A1:D0:7E:91:9C:D8:81:C0:C3:5F:60:6B:78:C0:F3
ValiditySat, 06 Apr 2024 15:57:22 GMT - Fri, 05 Jul 2024 15:57:21 GMT

File type
data
Size
324 kB (323785 bytes)
Hash
57f82a2d28a9730c59c927d5825ce51f
1a9f8738c777dfdae8ecf853b6ac7e76ba02423b
111436ca05cc456550f712cf01bdbe14444a483cf100e1a6743aca842c38b93a

HTTP Headers

GET /006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4 HTTP/1.1
Host: wkcdn.stook.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=148570112-
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 03 May 2024 22:03:01 GMT
content-type: video/mp4
content-length: 323785
last-modified: Mon, 25 Jul 2022 13:54:52 GMT
content-disposition: inline; filename="Goddess of Money and Maid Clothes (Mitsuboshil).mp4"
etag: "62dea0ac-8dff0c9"
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
wapkacdn: PrimaryServer
cache-control: max-age=43200
cf-cache-status: HIT
age: 0
content-range: bytes 148570112-148893896/148893897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dq7TRH0oBc2whWhViVu5q9Niz8swP3lwdFl9fCKXgBdctz30lf9LeVq784iPUSui9B3uLWMarCbvhs0ddtnVkmuxnJFU70ru4yKc13QvNLKk1W36wfVSTRAsV5JFVfN2%2BDYYuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e389d5aedfb4eb-OSL
alt-svc: h3=":443"; ma=86400

nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4

188.114.97.1

200 OK

9.6 kB

URL User Request GET HTTP/2
nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectnekodrive.biz.id
Fingerprint73:85:51:15:18:06:14:9C:EC:55:C2:3C:C8:6E:18:45:27:C6:89:3D
ValidityFri, 03 May 2024 14:33:32 GMT - Thu, 01 Aug 2024 14:33:31 GMT

File type
HTML document, ASCII text, with very long lines (9954), with no line terminators
Size
9.6 kB (9557 bytes)
Hash
5cb7b401fb3d615cd7bfecd3e9936d02
029231bd31b8f7a1e01f35d89e7d7f472422895d
8a2f545774477ee71dcd937f475b7bb084c08aec4db97fe9ec7a0ccf4ebcd9f6

HTTP Headers

GET /embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4 HTTP/1.1
Host: nekodrive.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 22:02:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6ECocLsp4VZhRZ5Ms%2FzwiJtO%2FKKTRuL%2FnpbtMX9UmRJ6Vn8M2rnZXDk02dqWBa8cvDcwDD0%2BXmtnHTcJVEDKsOdn6lVl1siaDXkFe2F%2Fx5e%2FTeA69%2BeZrAHz3PQqPpB2sYN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e389ce0c5456c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.fluidplayer.com/v3/current/fluidplayer.min.js

185.76.9.26

200 OK

233 kB

URL GET HTTP/2
cdn.fluidplayer.com/v3/current/fluidplayer.min.js
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subjectfluidplayer.com
FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76
ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65463)
Size
233 kB (232616 bytes)
Hash
9829e8e730a9125e695789512d85177a
e20a0d55ab1722ef3ad13741a2b8975413d43909
7c38ede4727de973827091514a83d24a039bda1d0d4cac219eb20571a2cc3698

HTTP Headers

GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 22:02:58 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3ugQAAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: af5856302a423749125f3566f59a471f
x-accel-expires: @1714858968
x-accel-date: 1714772568
x-77-cache: HIT
x-77-age: 1210
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 1210
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

mcpuwpsh.com/get/

94.130.197.240

200 OK

1.9 kB

URL POST HTTP/2
mcpuwpsh.com/get/
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1913), with no line terminators
Size
1.9 kB (1901 bytes)
Hash
1f06bc1bc7513d78e51cdff1209a1f2a
e5ccdef4ef0b28dcc2a333e1b8be304642c78866
764018e48f1b8dac0fa54e91f8d8bb162dccba39b788682207440be5c4942f22

HTTP Headers

POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nekodrive.biz.id/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1021
Origin: https://nekodrive.biz.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Fri, 03 May 2024 22:02:59 GMT
content-type: application/json
content-length: 1901
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

0afc4c07a9.9fbdc30642.com/3fa30860af561c50f9fa6f09cdabda07.js

45.133.44.53

200 OK

97 kB

URL GET HTTP/2
0afc4c07a9.9fbdc30642.com/3fa30860af561c50f9fa6f09cdabda07.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subject0afc4c07a9.9fbdc30642.com
Fingerprint9D:0F:4E:A7:C3:AC:A0:6E:EF:F4:56:62:CC:83:32:E6:02:20:E0:CB
ValidityTue, 30 Apr 2024 02:20:22 GMT - Mon, 29 Jul 2024 02:20:21 GMT

File type

Size
97 kB (97000 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /3fa30860af561c50f9fa6f09cdabda07.js HTTP/1.1
Host: 0afc4c07a9.9fbdc30642.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 22:02:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Fri, 03 May 2024 22:07:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

nekodrive.biz.id/favicon.ico

188.114.97.1

200 OK

8.3 kB

URL GET HTTP/3
nekodrive.biz.id/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectnekodrive.biz.id
Fingerprint73:85:51:15:18:06:14:9C:EC:55:C2:3C:C8:6E:18:45:27:C6:89:3D
ValidityFri, 03 May 2024 14:33:32 GMT - Thu, 01 Aug 2024 14:33:31 GMT

File type
HTML document, ASCII text, with very long lines (8491), with no line terminators
Size
8.3 kB (8284 bytes)
Hash
fffdced6edeaa5c702e50217c64cfc8e
25d0078965dd573e8a102ebc0551a2919aa82146
8eb02ecb476478e10e428287363916ee89117c9c6e0fab9f2e49e12bebf41e05

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: nekodrive.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 22:02:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 22:02:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5d3UElBak9V52%2FHCY8NPX8pw3kgfW2oteZVKgC98N%2FFew0F4k2uxVLAjyxkIJh%2BQCTTXtCkqC94xnZE76cSkmjHqgzVvZHr44KQnk2Vq%2BVXRQKUZ9zP%2F9CmKl0ySA2pixu8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e389d8a8dfb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg

185.76.9.26

200 OK

19 kB

URL GET HTTP/2
cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subjectfluidplayer.com
FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76
ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT

File type
SVG Scalable Vector Graphics image
Size
19 kB (18560 bytes)
Hash
805524b1fa0e091076d7afbf68e31133
ab696de0e85a7ce728cbe9b4131f5f4d528fb788
ad0276c58ec6a9875a2e1d39d972950763aac2e8f6262638d5868402ae2466fd

HTTP Headers

GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 22:03:01 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3BQQAAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: af5856302a423749155f356658d47409
x-accel-expires: @1714859152
x-accel-date: 1714772752
x-77-cache: HIT
x-77-age: 1029
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 1029
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

nekodrive.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
nekodrive.biz.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectnekodrive.biz.id
Fingerprint73:85:51:15:18:06:14:9C:EC:55:C2:3C:C8:6E:18:45:27:C6:89:3D
ValidityFri, 03 May 2024 14:33:32 GMT - Thu, 01 Aug 2024 14:33:31 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: nekodrive.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 22:02:58 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5WTeRQAKDfcXZpdO14vI2zr0t8W5CLlaitzOuaic9qJBc8f5wZVqJlbimDosr3pNkutK9SOTHzRYRlg0LtlRs1g6REed4BkMcgzDOXaRynExMzO339L221ZtFr3wicpUr2%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e389d2eaa0b518-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 05 May 2024 22:02:58 GMT
cache-control: max-age=172800, public
content-encoding: gzip

0afc4c07a9.9fbdc30642.com/345572815f3b6726ddc5ccee20a9f4a8.js

45.133.44.53

200 OK

109 kB

URL GET HTTP/2
0afc4c07a9.9fbdc30642.com/345572815f3b6726ddc5ccee20a9f4a8.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerLet's Encrypt
Subject0afc4c07a9.9fbdc30642.com
Fingerprint9D:0F:4E:A7:C3:AC:A0:6E:EF:F4:56:62:CC:83:32:E6:02:20:E0:CB
ValidityTue, 30 Apr 2024 02:20:22 GMT - Mon, 29 Jul 2024 02:20:21 GMT

File type

Size
109 kB (109340 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /345572815f3b6726ddc5ccee20a9f4a8.js HTTP/1.1
Host: 0afc4c07a9.9fbdc30642.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nekodrive.biz.id
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 22:02:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Fri, 03 May 2024 22:07:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

882 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nekodrive.biz.id/embed/?id=https://wkcdn.stook.cloud/006qon/ef328b193b3a78858b36f24c090f57a8/goddess-of-money-and-maid-clothes-mitsuboshil.mp4
Certificate
IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A
ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT

File type
HTML document, ASCII text, with very long lines (919), with no line terminators
Size
882 B (882 bytes)
Hash
053b1fe641da8057571d40ebaf1624ab
09b2648b7d08c84621298f0b939cea5170a65022
6606334874a3edb8295831f41d3684433e4553ffe0a72e58c90926e00f39c6a4

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nekodrive.biz.id/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 22:02:58 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 73bf268768ce9e85811d7b38862539c7
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qccLOc3QkYCW64JcDlB3XPl5%2BEq3NUU1iR2h7YVpIF%2BuLo8Yj4ENt%2FALGAhUXr%2BvH%2BiGK%2F3ViYER4CmeWyPXJ5IjinSNbO%2FH%2FOAmRzOcgcTycb9kHA5LoGtT%2Fg3fqMOZdjAyE1c0qR%2BgCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e389d65aa80b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by