Report - video.ebalka.pro

Report Overview

Submitted URL
video.ebalka.pro
IP
31.210.171.172
ASN
#207728 EUROHOSTER Ltd.
Submitted
2024-04-19 00:00:17
Access
public
Website Title
Смотреть бесплатно порно видео на admin.uzmob.ru
Final URL
video.ebalka.pro/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
efb785d6e4.9476c211af.com	unknown	unknown	No data	No data	5.9 kB	949 B	168.119.25.102
js.cabnnr.com	37463	unknown	2021-08-30	2024-04-17	417 B	57 kB	45.133.44.52
js.wpushsdk.com	36947	unknown	2021-05-07	2024-04-17	832 B	161 kB	45.133.44.52
nereserv.com	40015	2020-12-21	2020-12-21	2024-04-06	605 B	320 B	94.130.198.6
accounts.google.com	81	1997-09-15	2016-03-20	2024-04-18	1.7 kB	5.3 kB	173.194.73.84
zerossl.ocsp.sectigo.com	4049	2018-08-16	2020-05-09	2024-04-18	672 B	1.6 kB	172.64.149.23
js.capndr.com	316718	2021-08-30	2021-08-30	2024-04-14	402 B	374 B	45.133.44.52
na.nawpush.com	38563	2020-12-21	2020-12-23	2024-04-10	442 B	4.0 kB	45.133.44.25
notification.tubecup.net	8210	2008-09-26	2019-08-30	2024-04-17	1.0 kB	1.9 kB	88.198.204.164
ntvpforever.com	40558	2021-11-18	2021-11-19	2024-04-18	1.0 kB	684 B	94.130.198.6
static.bookmsg.com	47495	2020-09-15	2020-11-24	2024-04-18	1.1 kB	2.2 kB	45.133.44.25
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2024-04-16	525 B	1.6 kB	104.21.30.242
video.ebalka.pro	unknown	unknown	No data	No data	9.3 kB	233 kB	31.210.171.172
milfvideo.top	unknown	2020-08-28	2020-09-02	2023-11-23	817 B	2.3 kB	136.244.105.89
js.wpadmngr.com	25762	2021-06-02	2021-06-02	2024-04-10	834 B	51 kB	45.133.44.52
afde41b0e1.3dbc026bec.com	unknown	unknown	No data	No data	831 B	320 B	45.133.44.52
trafban.ru	unknown	2014-11-23	2015-01-23	2024-01-16	333 B	5.2 kB	37.140.192.240
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2024-04-09	1.0 kB	816 B	157.90.84.242
jykgqn.xyz	unknown	unknown	No data	No data	599 B	227 B	31.220.27.99
i.wmgtr.com	13696	2020-09-11	2020-09-11	2024-04-03	828 B	568 kB	45.133.44.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-18 23:59:57	low	168.119.25.102	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2024-04-18 23:59:57	low	168.119.25.102	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2024-04-18 23:59:58	medium	31.220.27.99	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	3dbc026bec.com	Sinkholed
2024-04-18	medium	9476c211af.com	Sinkholed
2024-04-18	medium	9476c211af.com	Sinkholed
2024-04-18	medium	9476c211af.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	video.ebalka.pro/	122 B	2023-03-26	2024-04-19
Pretty URL video.ebalka.pro/ IP 31.210.171.172 ASN #207728 EUROHOSTER Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 13:53:16 Last Seen2024-04-19 02:00:25 Times Seen6 Hash af2b9d071ab4b65c1e8ca55c259cdfcd da810b8b037460ba7a9269d821898e0e3a957857 c56438ab8e3283d73b4058984557cd11f75a12f006eb01d65b88739e8c89e476 Loading...

	js.wpadmngr.com/static/adManager.js	1.7 kB	2024-04-09	2024-05-02
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57:02 Last Seen2024-05-02 04:58:21 Times Seen89 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	milfvideo.top/click_pr.js	1.6 kB	2023-03-26	2024-04-19
Pretty URL milfvideo.top/click_pr.js IP 136.244.105.89 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:53:16 Last Seen2024-04-19 02:00:25 Times Seen15 Hash 136a6509bf6ebf74080d5fb43d77ceed 1fa4e7d551bef54f3da7c0e5dd6654926fb39b33 d413549155a6cf7976dd425ff2c45f2985ec7bac1bb67ba75bfa011441436cdb Loading...

	video.ebalka.pro/	172 B	2024-04-19	2024-04-19
Pretty URL video.ebalka.pro/ IP 31.210.171.172 ASN #207728 EUROHOSTER Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 02:00:25 Last Seen2024-04-19 02:00:25 Times Seen1 Hash 99639c082ea5e58db99d06b0a485fb75 8b093494734d0c50846a775117221931a61668f2 e2fc4a0b8684d379d3bff01b52926b494196e294bbc9dcfcdb5f635f22e2930f Loading...

	video.ebalka.pro/	306 B	2024-04-19	2024-04-19
Pretty URL video.ebalka.pro/ IP 31.210.171.172 ASN #207728 EUROHOSTER Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 02:00:25 Last Seen2024-04-19 02:00:25 Times Seen1 Hash ab18f0d52315daaf473c6974cada2d21 4d860a0ec5e2bc7bf94793062f8983540a9502a5 c71d3eddf8423ca36893b136a6bd10043c87ad0843a5d118edcd469b3e669e3d Loading...

	milfvideo.top/baner/js/jquery.rotator.min.js	2.8 kB	2024-04-19	2024-04-19
Pretty URL milfvideo.top/baner/js/jquery.rotator.min.js IP 136.244.105.89 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 02:00:25 Last Seen2024-04-19 02:00:25 Times Seen1 Hash 382fdc68c38a7ba48f993bb0de853d89 228321fce1d593cc739242a1f7d177a7001293d1 25c88a663f08782e8bec862631effae7c4213f3db33983390826faa3a04b2475 Loading...

	video.ebalka.pro/files/custom.js	1.4 kB	2024-04-19	2024-04-19
Pretty URL video.ebalka.pro/files/custom.js IP 31.210.171.172 ASN #207728 EUROHOSTER Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 02:00:25 Last Seen2024-04-19 02:00:25 Times Seen2 Hash 8e419d683cf830c556a8b5aa18a8d023 777b4c67c3539105be5c6628a81f170cfd6b3db1 850088988d89e34cc9ee5116aa327641ca38ea6002cc72717cf962406e618d70 Loading...

	video.ebalka.pro/like_dislike.js	7.7 kB	2024-04-19	2024-04-19
Pretty URL video.ebalka.pro/like_dislike.js IP 31.210.171.172 ASN #207728 EUROHOSTER Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 02:00:25 Last Seen2024-04-19 02:00:25 Times Seen2 Hash 4cb687f5e559daac4ce2f2c8eb19a3b8 fbeff06966437cc1bd6cc6cfda3d3e34d884a2d4 6a883ea5c9ece5f50a34fec6a1217ea840e591f56155deaafd9becc2ccd65c48 Loading...

	video.ebalka.pro/	1.2 kB	2024-04-19	2024-04-19
Pretty URL video.ebalka.pro/ IP 31.210.171.172 ASN #207728 EUROHOSTER Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 02:00:25 Last Seen2024-04-19 02:00:25 Times Seen1 Hash 77f9acf61b80e06a720dc8a073b43def 4161264b0e8bb7fd6b865d3e5375e493013da13e 85bd09d2c6eff930a78f332d09a2cc0b847bcb3d4691b1989995adb3c770b09f Loading...

	video.ebalka.pro/files/jquery.lazyload.min.js	3.4 kB	2023-03-07	2024-05-02
Pretty URL video.ebalka.pro/files/jquery.lazyload.min.js IP 31.210.171.172 ASN #207728 EUROHOSTER Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:08 Last Seen2024-05-02 05:29:13 Times Seen1555 Hash 89c45121934ed4664ff3ca811a008226 848216f1d67cc7c6c6214db1a771f8c4653f06d6 e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7 Loading...

	video.ebalka.pro/	61 B	2024-04-19	2024-04-19
Pretty URL video.ebalka.pro/ IP 31.210.171.172 ASN #207728 EUROHOSTER Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 02:00:25 Last Seen2024-04-19 02:00:25 Times Seen1 Hash e416fd3bd245524750e6bf413ba0f78e 72400013eb587367cc16ee2aee5c20d660fb784b 1e843c6b6dc8e869ffaafde038dc609da964a2eb58f5ae13e459e0efcf5bb1af Loading...

	storage.multstorage.com/log/count.html	718 B	2023-09-18	2024-05-02
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19:52 Last Seen2024-05-02 05:44:42 Times Seen4428 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	js.cabnnr.com/banner-admanager/build.m.js	56 kB	2024-04-18	2024-04-22
Pretty URL js.cabnnr.com/banner-admanager/build.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 00:30:32 Last Seen2024-04-22 00:47:43 Times Seen27 Hash 2fe694e9fc886ced6a74dcd05cf0847d db4944a7f33bc2175a89b8a4ca63073c19c4f742 faf3f561ef543631bd615343f98db5eb3ac4f32754444f014243f5d67427ef58 Loading...

	video.ebalka.pro/files/jquery.js	95 kB	2023-03-07	2024-05-02
Pretty URL video.ebalka.pro/files/jquery.js IP 31.210.171.172 ASN #207728 EUROHOSTER Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-02 05:56:59 Times Seen13896 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	js.wpadmngr.com/static/adManager.m.js	109 kB	2024-04-18	2024-04-22
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:55:15 Last Seen2024-04-22 01:35:38 Times Seen61 Hash f31844465d91bd39450754f9a2d1605f 4287df428dc66eb848e39456eaa347907f1a9de9 6815fb11bf427d0f54a9934d03f13dd0af2df73a1ec211d0f747688bfe67eaad Loading...

	js.capndr.com/advertising.js	0 B	2023-03-07	2024-05-02
Pretty URL js.capndr.com/advertising.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-02 06:03:39 Times Seen37264278 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	js.wpushsdk.com/npc/sdk/wpu/npush.m.js	168 kB	2024-04-18	2024-04-25
Pretty URL js.wpushsdk.com/npc/sdk/wpu/npush.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 15:17:27 Last Seen2024-04-25 13:00:05 Times Seen114 Hash 32b2a07fd6101a0375f1a6b103e6aa3b 68a340516f7f727a1917a580e62e55f6afa32607 c0006f5040368c0d43bd3c282bb8cda847f0f78e3702fee54d1d71bf5f04f2cc Loading...

	js.wpushsdk.com/skins/nmain.m.js	470 kB	2024-04-16	2024-05-02
Pretty URL js.wpushsdk.com/skins/nmain.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 15:37:10 Last Seen2024-05-02 05:44:43 Times Seen401 Hash 2902e331e5e735ad63e7510dfc434c5b 8f276d26159f74561fb370144b8cafba8bcc8bd3 26106440376cfc59241a9ef152d26483d436f1c155744bda92a41d3906e60ba2 Loading...

HTTP Transactions (56)

URL IP Response Size

video.ebalka.pro/files/styles.css

31.210.171.172

200 OK

5.5 kB

URL GET HTTP/1.1
video.ebalka.pro/files/styles.css
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
Unicode text, UTF-8 text, with very long lines (1026)
Size
5.5 kB (5480 bytes)
Hash
e6a948b2eb4a4a1e5d1d997efc4082f8
7ab709c30a833e5bba8f0861d2e40a253bf63af5
7fa8b39ac2a670c6ece5e5292b75560fde194acb8164e87879dc8ea450bc4e3c

HTTP Headers

GET /files/styles.css HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: text/css
Last-Modified: Sun, 24 Apr 2022 07:40:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6264feff-6251"
Content-Encoding: gzip

video.ebalka.pro/

31.210.171.172

200 OK

8.1 kB

URL User Request GET HTTP/1.1
video.ebalka.pro/
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3084), with CRLF, LF line terminators
Size
8.1 kB (8098 bytes)
Hash
1b7d111a90c10b4334521e152d3fe9e4
5716af942c654f26c46910806267a4df678cc4dd
04138d95cd374416fd8a861ae1a3096428a54b214509c47bb96955e057f1f098

HTTP Headers

GET / HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.16
Set-Cookie: lid=3su132pg7ujq3f6bofqbd4shn5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip

video.ebalka.pro/files/lazy.jpg

31.210.171.172

200 OK

1.5 kB

URL GET HTTP/1.1
video.ebalka.pro/files/lazy.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 240x180, components 3
Size
1.5 kB (1548 bytes)
Hash
e50e0dd7ee5fedbabbedab0ca2076e48
a6bb8058c876f9dbdf5c20f9a9ed0c5b0782417d
352e129ffcfeb30058918bddf7d17cc9adcfed24606c1328ed7515a109701d5c

HTTP Headers

GET /files/lazy.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 18:44:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626448fc-ffa"
Content-Encoding: gzip

video.ebalka.pro/files/logo.png

31.210.171.172

200 OK

3.4 kB

URL GET HTTP/1.1
video.ebalka.pro/files/logo.png
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
PNG image data, 199 x 66, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3350 bytes)
Hash
2ca4994bc983d86a676b582ba9b2dbb8
17201c10e9f35195702ce717fd805f43b330eddd
4a85ce77e490543e718f41f522aa42102f7d57de64810d0eaf8a020a11a26ed8

HTTP Headers

GET /files/logo.png HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/png
Last-Modified: Sat, 23 Apr 2022 19:18:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645106-e1c"
Content-Encoding: gzip

milfvideo.top/baner/js/jquery.rotator.min.js

136.244.105.89

200 OK

883 B

URL GET HTTP/1.1
milfvideo.top/baner/js/jquery.rotator.min.js
IP
136.244.105.89:443
ASN
#20473 AS-CHOOPA

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectmilfvideo.top
FingerprintE5:59:0E:3D:53:58:67:77:BC:B0:F2:A8:9A:28:D7:D0:37:96:C3:81
ValiditySat, 30 Mar 2024 00:15:37 GMT - Fri, 28 Jun 2024 00:15:36 GMT

File type
CSV text
Size
883 B (883 bytes)
Hash
06511368f15568ff6e3740a394f27a24
86718e7e38b9e91be0e47e3c2b8b882e9f137e5e
20a007f961377959a89631280b15ea13cd15d1f2edf1b70cea0685aa0fb41407

HTTP Headers

GET /baner/js/jquery.rotator.min.js HTTP/1.1
Host: milfvideo.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: application/javascript
Last-Modified: Thu, 01 Feb 2024 05:49:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65bb30f8-b0e"
Expires: Fri, 18 Apr 2025 23:59:55 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip

milfvideo.top/click_pr.js

136.244.105.89

200 OK

738 B

URL GET HTTP/1.1
milfvideo.top/click_pr.js
IP
136.244.105.89:443
ASN
#20473 AS-CHOOPA

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectmilfvideo.top
FingerprintE5:59:0E:3D:53:58:67:77:BC:B0:F2:A8:9A:28:D7:D0:37:96:C3:81
ValiditySat, 30 Mar 2024 00:15:37 GMT - Fri, 28 Jun 2024 00:15:36 GMT

File type
ASCII text, with CRLF line terminators
Size
738 B (738 bytes)
Hash
136a6509bf6ebf74080d5fb43d77ceed
1fa4e7d551bef54f3da7c0e5dd6654926fb39b33
d413549155a6cf7976dd425ff2c45f2985ec7bac1bb67ba75bfa011441436cdb

HTTP Headers

GET /click_pr.js HTTP/1.1
Host: milfvideo.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: application/javascript
Last-Modified: Thu, 03 Mar 2022 10:15:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62209538-621"
Expires: Fri, 18 Apr 2025 23:59:55 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip

video.ebalka.pro/files/css/font-awesome.min.css

31.210.171.172

200 OK

7.0 kB

URL GET HTTP/1.1
video.ebalka.pro/files/css/font-awesome.min.css
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
ASCII text, with very long lines (30837)
Size
7.0 kB (7048 bytes)
Hash
008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

HTTP Headers

GET /files/css/font-awesome.min.css HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: text/css
Last-Modified: Sat, 23 Apr 2022 18:44:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626448fe-7917"
Content-Encoding: gzip

video.ebalka.pro/like_dislike.js

31.210.171.172

200 OK

2.2 kB

URL GET HTTP/1.1
video.ebalka.pro/like_dislike.js
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JavaScript source, Unicode text, UTF-8 text
Size
2.2 kB (2201 bytes)
Hash
4cb687f5e559daac4ce2f2c8eb19a3b8
fbeff06966437cc1bd6cc6cfda3d3e34d884a2d4
6a883ea5c9ece5f50a34fec6a1217ea840e591f56155deaafd9becc2ccd65c48

HTTP Headers

GET /like_dislike.js HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sat, 23 Apr 2022 18:44:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626448f3-1e3b"
Content-Encoding: gzip

video.ebalka.pro/files/custom.js

31.210.171.172

200 OK

347 B

URL GET HTTP/1.1
video.ebalka.pro/files/custom.js
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JavaScript source, ASCII text
Size
347 B (347 bytes)
Hash
8e419d683cf830c556a8b5aa18a8d023
777b4c67c3539105be5c6628a81f170cfd6b3db1
850088988d89e34cc9ee5116aa327641ca38ea6002cc72717cf962406e618d70

HTTP Headers

GET /files/custom.js HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sat, 23 Apr 2022 18:44:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626448fc-598"
Content-Encoding: gzip

video.ebalka.pro/files/jquery.lazyload.min.js

31.210.171.172

200 OK

1.3 kB

URL GET HTTP/1.1
video.ebalka.pro/files/jquery.lazyload.min.js
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JavaScript source, ASCII text, with very long lines (3309)
Size
1.3 kB (1297 bytes)
Hash
89c45121934ed4664ff3ca811a008226
848216f1d67cc7c6c6214db1a771f8c4653f06d6
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

HTTP Headers

GET /files/jquery.lazyload.min.js HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sat, 23 Apr 2022 18:44:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626448fc-d35"
Content-Encoding: gzip

video.ebalka.pro/files/jquery.js

31.210.171.172

200 OK

34 kB

URL GET HTTP/1.1
video.ebalka.pro/files/jquery.js
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)
Size
34 kB (33673 bytes)
Hash
b8d64d0bc142b3f670cc0611b0aebcae
abcd2ba13348f178b17141b445bc99f1917d47af
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

HTTP Headers

GET /files/jquery.js HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Sat, 23 Apr 2022 18:44:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626448fc-17278"
Content-Encoding: gzip

trafban.ru/im/4523

37.140.192.240

200 OK

5.0 kB

URL GET HTTP/1.1
trafban.ru/im/4523
IP
37.140.192.240:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://video.ebalka.pro/

File type
GIF image data, version 89a, 150 x 60
Size
5.0 kB (5039 bytes)
Hash
ebb00917091164e3c28315b3ae301589
6dc4ace14d4f3b3e44836ace734772d29b21f54e
046ece51797fc5a417200caaffb74a3a53e92ff11300450666456765bd789317

HTTP Headers

GET /im/4523 HTTP/1.1
Host: trafban.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/gif
Content-Length: 5039
Connection: keep-alive
X-Powered-By: PHP/5.6.36
X-Frame-Options: SAMEORIGIN

video.ebalka.pro/screens/1.jpg

31.210.171.172

200 OK

6.2 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/1.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
6.2 kB (6162 bytes)
Hash
376b2e39374d17fa5ad9a9517b116ea5
5878aeb8f1be1480540209582b92a54fe3953c9b
e487104d1d3d3a364ce44af48e7865251e95bc4713e081d1b35f1c13d835c17f

HTTP Headers

GET /screens/1.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645383-1887"
Content-Encoding: gzip

video.ebalka.pro/screens/2.jpg

31.210.171.172

200 OK

5.2 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/2.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
5.2 kB (5211 bytes)
Hash
5d4c0af3ff947ab882743a02b6509470
4371ad6eb37118346385aff134540b43dfbd08c9
a1a55174bc0d4444eadc0a023bbec4e4f2da0529777075d8a150a9cfd909ca5b

HTTP Headers

GET /screens/2.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645383-14cb"
Content-Encoding: gzip

video.ebalka.pro/screens/3.jpg

31.210.171.172

200 OK

7.5 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/3.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
7.5 kB (7459 bytes)
Hash
d1561e073c566572c321494fcf8bd71d
ccc738365018c62448c7f222aba5c79e646fe3bf
9c8fcb34f7b51e024c762d67827832f07a56b3c15d2cfd48e713c1a43b0b1bf0

HTTP Headers

GET /screens/3.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645384-1d93"
Content-Encoding: gzip

js.wpadmngr.com/static/adManager.m.js

45.133.44.52

200 OK

44 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint60:8B:32:7F:ED:77:26:33:0E:F0:C1:0F:02:66:F5:DB:C6:0D:1F:70
ValidityMon, 11 Mar 2024 04:00:58 GMT - Sun, 09 Jun 2024 04:00:57 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
44 kB (43613 bytes)
Hash
66a4c6ead8d60e5d989cdf47b5b51ebd
a1d0b8fbce8c58411383018a9149c82d84f1072f
1ca683f8b7cc0bfcb2611ad33bf377ed378b1c943d49f37ebada10b617ef3705

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:55 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 18 Apr 2024 15:58:50 GMT
etag: W/"6621433a-1ab84"
content-encoding: gzip
expires: Fri, 19 Apr 2024 00:04:55 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

video.ebalka.pro/screens/6.jpg

31.210.171.172

200 OK

6.0 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/6.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
6.0 kB (5973 bytes)
Hash
56256194ecb4c3d190e2e8b77100f5c5
149da5d98417ff2a35a42a829f4eecc3e5067416
8312fcd03ebe34b569fa39234a974b69b59e4f3003388f9d967959d8af2b689e

HTTP Headers

GET /screens/6.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645385-17c7"
Content-Encoding: gzip

video.ebalka.pro/screens/5.jpg

31.210.171.172

200 OK

6.2 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/5.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
6.2 kB (6155 bytes)
Hash
ccd384e0b077bdbc36c3d5292ad6693e
faa66546235011e7d6b71cdfee51cbf2735c9869
f6e3e3298e9ddcb7af0f7ac946c5dfb5b27076e7551b8f586583098243a8c108

HTTP Headers

GET /screens/5.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645384-187a"
Content-Encoding: gzip

video.ebalka.pro/screens/7.jpg

31.210.171.172

200 OK

6.2 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/7.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
6.2 kB (6231 bytes)
Hash
4aedbd224fe3d4b4b91e38a38eb03985
8ad11f204042b3c0e48507e3511fc6697a4a3645
b0448af15aa8ff11c31fb57eb8da5f1ddc7803c55bb2383577806587288fa103

HTTP Headers

GET /screens/7.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645386-18c9"
Content-Encoding: gzip

video.ebalka.pro/screens/8.jpg

31.210.171.172

200 OK

5.5 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/8.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
5.5 kB (5528 bytes)
Hash
e08a286c34c2b2a326082a391bb26b7e
89ed71ff40ebd103814a9f3b6919adb6327dbfe6
171938ada209c91693996fe03fac03606dce0c0cebcf00325c2c5762d2212756

HTTP Headers

GET /screens/8.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645386-1604"
Content-Encoding: gzip

video.ebalka.pro/screens/9.jpg

31.210.171.172

200 OK

6.5 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/9.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
6.5 kB (6542 bytes)
Hash
27e2201630c378f8cece017f7313b422
8cdf543c91747fd98b1b2d28e09a07c45ab4a1ec
54a4fa89fde0abef6b9f0753e3a0a21f07fc5f8bb141d1d0148e4551655a3bb5

HTTP Headers

GET /screens/9.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645386-19fb"
Content-Encoding: gzip

js.wpadmngr.com/static/adManager.js

45.133.44.52

200 OK

6.8 kB

URL GET HTTP/2
js.wpadmngr.com/static/adManager.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
Fingerprint60:8B:32:7F:ED:77:26:33:0E:F0:C1:0F:02:66:F5:DB:C6:0D:1F:70
ValidityMon, 11 Mar 2024 04:00:58 GMT - Sun, 09 Jun 2024 04:00:57 GMT

File type
data
Size
6.8 kB (6817 bytes)
Hash
77ff26ab70f580d28d27c2fa7ce48330
58b4745e50645ee2ad53542ccc90b30f1e207f22
5c18b29023e1a7e18c87e402a5c64c4e4abe317bc4eef32019fc039760ed5598

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:55 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 18 Apr 2024 15:58:46 GMT
etag: W/"66214336-6c7"
content-encoding: gzip
expires: Fri, 19 Apr 2024 00:04:55 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

video.ebalka.pro/screens/11.jpg

31.210.171.172

200 OK

7.3 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/11.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
7.3 kB (7325 bytes)
Hash
64529e1d33cac3ff42ff2ad7ccbc57d4
0513752f7205fa65b47c61ee408bb16cc101b2cb
6621e9df4d7dd2ed2a60dfa6d1f06eb4270e41d8779cf8b4410ace02dbcba457

HTTP Headers

GET /screens/11.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645387-1d0d"
Content-Encoding: gzip

video.ebalka.pro/screens/12.jpg

31.210.171.172

200 OK

5.2 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/12.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
5.2 kB (5175 bytes)
Hash
b24a1a9aa24cc8a23b031cc0216e1528
6b22d68c8b32fbceac02be73dab52c24e5d36825
fdea462e649379e9c639f561d6aa5a4cfa353dff4d933752c426a0e87c674a9f

HTTP Headers

GET /screens/12.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645388-14a9"
Content-Encoding: gzip

js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint62:A4:EA:AD:53:4D:AB:37:8E:A1:66:48:0B:25:9A:4C:AB:69:72:2D
ValidityWed, 21 Feb 2024 03:00:58 GMT - Tue, 21 May 2024 03:00:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Fri, 19 Apr 2024 00:04:56 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

na.nawpush.com/tags/7454?version_name=c

45.133.44.25

200 OK

3.8 kB

URL GET HTTP/2
na.nawpush.com/tags/7454?version_name=c
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
FingerprintE4:8A:6D:1E:95:BA:50:33:94:D3:16:FE:4C:61:AA:DE:72:B1:70:87
ValidityThu, 28 Mar 2024 03:00:38 GMT - Wed, 26 Jun 2024 03:00:37 GMT

File type
data
Size
3.8 kB (3750 bytes)
Hash
bc13353e24666121cfe34c5f1e182e6b
bf3f8b627c7855b224ec60ee493d7ed0d0304aa3
c07cd174b4b0eef512c951aa0cbd28bf69e3fedcef74fd38607973b566041250

HTTP Headers

GET /tags/7454?version_name=c HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:56 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

notification.tubecup.net/tags?tag_id=7454&timezone_olson=UTC&version_name=c&med_script_id=82&page=http%3A//video.ebalka.pro/

88.198.204.164

200 OK

1.2 kB

URL GET HTTP/2
notification.tubecup.net/tags?tag_id=7454&timezone_olson=UTC&version_name=c&med_script_id=82&page=http%3A//video.ebalka.pro/
IP
88.198.204.164:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type
JSON text data
Size
1.2 kB (1181 bytes)
Hash
4e20711608562a9c966d6e4cb684d130
5ae48ef972f279cd35f6930d7ab74ff7aa5c2cd5
e4c53a0a99d745bb27537c059928d997aafcebb9d449b121b088cf8009e53bb2

HTTP Headers

GET /tags?tag_id=7454&timezone_olson=UTC&version_name=c&med_script_id=82&page=http%3A//video.ebalka.pro/ HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 18 Apr 2024 23:59:56 GMT
content-type: application/json
content-length: 1181
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: br
X-Firefox-Spdy: h2

video.ebalka.pro/apple-touch-icon.png

31.210.171.172

200 OK

9.1 kB

URL GET HTTP/1.1
video.ebalka.pro/apple-touch-icon.png
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced
Size
9.1 kB (9132 bytes)
Hash
7c262fa332c8b2606705fbb85bc5059b
e0e0e233d94619ffe0d117f37e1bac2c0f254d9e
0837e627935f35d8b5100f4db84ed106760f2f4523baac39631973c26a1cf703

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:56 GMT
Content-Type: image/png
Last-Modified: Sat, 23 Apr 2022 18:44:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"626448f5-253e"
Content-Encoding: gzip

notification.tubecup.net/med/info?tag_id=7454

88.198.204.164

204 No Content

0 B

URL GET HTTP/2
notification.tubecup.net/med/info?tag_id=7454
IP
88.198.204.164:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /med/info?tag_id=7454 HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx/1.18.0
date: Thu, 18 Apr 2024 23:59:56 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

js.wpushsdk.com/npc/sdk/wpu/npush.m.js

45.133.44.52

200 OK

47 kB

URL GET HTTP/2
js.wpushsdk.com/npc/sdk/wpu/npush.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
Fingerprint79:0D:66:14:F6:A5:38:F8:56:11:BB:D8:90:A0:BB:AD:89:47:0E:2B
ValidityTue, 12 Mar 2024 05:00:39 GMT - Mon, 10 Jun 2024 05:00:38 GMT

File type
gzip compressed data, from Unix
Size
47 kB (47030 bytes)
Hash
018fe789b9c87184f09ea34e1655dc50
5dc7ac48cc6350aa88dacf0839bcb143dd53be08
ef6ba302b89c55c02c795416422e4c735b939d6109c6b86e61e55f5bdcb7e426

HTTP Headers

GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 18 Apr 2024 12:59:21 GMT
etag: W/"66211929-29261"
content-encoding: gzip
expires: Fri, 19 Apr 2024 00:04:56 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

ntvpforever.com/keywords

94.130.198.6

200 OK

0 B

URL POST HTTP/2
ntvpforever.com/keywords
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /keywords HTTP/1.1
Host: ntvpforever.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://video.ebalka.pro/
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 18 Apr 2024 23:59:56 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=7454

157.90.84.242

204 No Content

0 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=7454
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=7454 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://video.ebalka.pro/
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 18 Apr 2024 23:59:56 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://video.ebalka.pro
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

afde41b0e1.3dbc026bec.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDExNTU4Mzc3MjYyOTk3NTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMC4wIiwidGFnX2lkIjo3NDU0LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNTUsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbH0=

45.133.44.52

200 OK

0 B

URL GET HTTP/2
afde41b0e1.3dbc026bec.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDExNTU4Mzc3MjYyOTk3NTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMC4wIiwidGFnX2lkIjo3NDU0LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNTUsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbH0=
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectafde41b0e1.3dbc026bec.com
Fingerprint68:5C:02:DB:6F:9F:72:57:90:CF:D2:81:29:70:19:58:BC:74:07:49
ValidityMon, 15 Apr 2024 02:50:53 GMT - Sun, 14 Jul 2024 02:50:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDExNTU4Mzc3MjYyOTk3NTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMC4wIiwidGFnX2lkIjo3NDU0LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNTUsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbH0= HTTP/1.1
Host: afde41b0e1.3dbc026bec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:56 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

ntvpforever.com/keywords

94.130.198.6

200 OK

22 B

URL POST HTTP/2
ntvpforever.com/keywords
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type
JSON text data
Size
22 B (22 bytes)
Hash
803ed818708dd83bfae04bb20cf48cb0
3a32cabae01dd92a848ec427f4c69b85825e89e8
4c7d996ddffabca7f5a8fba7c3fa72a41f041ba7f96dfdbbd1818ec884aec396

HTTP Headers

POST /keywords HTTP/1.1
Host: ntvpforever.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 766
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 18 Apr 2024 23:59:56 GMT
content-type: application/json
content-length: 22
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=7454

157.90.84.242

204 No Content

58 B

URL OPTIONS HTTP/1.1
fp.metricswpsh.com/fp?tag_id=7454
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type
JSON text data
Size
58 B (58 bytes)
Hash
87385fcd2a67fc74d2fa67366ba68ea2
a604cdbb1d31ce257e8643eee9219c9c724c200c
9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995

HTTP Headers

POST /fp?tag_id=7454 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1837
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 18 Apr 2024 23:59:56 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://video.ebalka.pro
Set-Cookie: id=7242350174881747392; Expires=Fri, 18 Apr 2025 23:59:56 GMT; Secure; SameSite=None
Vary: Origin

nereserv.com/in/dip?site=native-push&wl=1&event_id=cccc17d3-ad45-4562-b9c2-a665be83049f&subid=386973861&sid=1476261553&spot_id=6687&created_at=2024-04-18&timezone=0&ver=8.158.1&is_native=1

94.130.198.6

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=cccc17d3-ad45-4562-b9c2-a665be83049f&subid=386973861&sid=1476261553&spot_id=6687&created_at=2024-04-18&timezone=0&ver=8.158.1&is_native=1
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=cccc17d3-ad45-4562-b9c2-a665be83049f&subid=386973861&sid=1476261553&spot_id=6687&created_at=2024-04-18&timezone=0&ver=8.158.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 18 Apr 2024 23:59:57 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

173.194.73.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
http://video.ebalka.pro/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:HtE9pcYRSb-vRudVVumwQmg1S1lwUw:EdzNkIe7saMJwuhU; Expires=Sat, 18-Apr-2026 23:59:57 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 23:59:57 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKIFEGusvBe5EjF0_OBGVknck24n7p2ezVxiswGE4naakYv5z3SDMAS0BMfnqS70TqCnz70_gA
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-qqyV384hmx9ZTtUdNJG0zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

172.64.149.23

317 B

URL
zerossl.ocsp.sectigo.com/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
317 B (317 bytes)
Hash
f1ec2d0e2e597254afa8d52b271e86d5
d702079c42f19dde590cfa9090c9cac6d61362d0
fe12b37b82b45b356b689381b4ac2cf5e4bd0a60287305b4089e3d1d1bd71522

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 23:59:57 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 09:30:28 GMT
Expires: Tue, 23 Apr 2024 09:30:27 GMT
Etag: "d702079c42f19dde590cfa9090c9cac6d61362d0"
Cache-Control: max-age=379894,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87689c909e6156ca-OSL

zerossl.ocsp.sectigo.com/

172.64.149.23

317 B

URL
zerossl.ocsp.sectigo.com/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
317 B (317 bytes)
Hash
f1ec2d0e2e597254afa8d52b271e86d5
d702079c42f19dde590cfa9090c9cac6d61362d0
fe12b37b82b45b356b689381b4ac2cf5e4bd0a60287305b4089e3d1d1bd71522

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 23:59:57 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 09:30:28 GMT
Expires: Tue, 23 Apr 2024 09:30:27 GMT
Etag: "d702079c42f19dde590cfa9090c9cac6d61362d0"
Cache-Control: max-age=379985,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87689c909b86569c-OSL

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKIFEGusvBe5EjF0_OBGVknck24n7p2ezVxiswGE4naakYv5z3SDMAS0BMfnqS70TqCnz70_gA

173.194.73.84

302 Found

425 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKIFEGusvBe5EjF0_OBGVknck24n7p2ezVxiswGE4naakYv5z3SDMAS0BMfnqS70TqCnz70_gA
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
http://video.ebalka.pro/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B
ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT

File type
HTML document, ASCII text, with very long lines (405)
Size
425 B (425 bytes)
Hash
35c180e5112c4785ec7eec9b04352121
c8f62729989a2ff1b29064122140360c933f1600
666712b5cb3b235ec5f77708d230381a4718d8eb80dae53297e172059c1e2286

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKIFEGusvBe5EjF0_OBGVknck24n7p2ezVxiswGE4naakYv5z3SDMAS0BMfnqS70TqCnz70_gA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:kFQnsYQ9ylWVPLQL8Bi0Ogoprtvj1A:BRPPIs1_nkXnHjKv;Path=/;Expires=Sat, 18-Apr-2026 23:59:57 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 23:59:57 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJ05wOEDHoWxECDpnOMOuTs6LXZMGrpWML1hZhihgas7DxuZIYAQCMz1qABm6vKMeLoiQFifg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1258486857%3A1713484797568543&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-8cZ71_6qnGA0hpxY2hWWgw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

efb785d6e4.9476c211af.com/in/multy

168.119.25.102

204 No Content

0 B

URL OPTIONS HTTP/2
efb785d6e4.9476c211af.com/in/multy
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerZeroSSL
Subject9476c211af.com
Fingerprint98:2D:EA:2C:05:B3:78:FD:86:B6:E0:37:C7:A0:C8:83:3C:07:F8:89
ValiditySun, 14 Apr 2024 00:00:00 GMT - Sat, 13 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: efb785d6e4.9476c211af.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://video.ebalka.pro/
Origin: http://video.ebalka.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.18.0
date: Thu, 18 Apr 2024 23:59:57 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

js.wpushsdk.com/skins/nmain.m.js

45.133.44.52

200 OK

113 kB

URL GET HTTP/2
js.wpushsdk.com/skins/nmain.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectjs.wpushsdk.com
Fingerprint79:0D:66:14:F6:A5:38:F8:56:11:BB:D8:90:A0:BB:AD:89:47:0E:2B
ValidityTue, 12 Mar 2024 05:00:39 GMT - Mon, 10 Jun 2024 05:00:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
113 kB (112930 bytes)
Hash
ded2677aaa311594b7bbaac3a20ab741
c89f9e234bc3364d40d8c91df55078915fcbcbdb
92628c88c213f7359cd259d48ba9912ebc70eef77778ed8540b7e11e6a1567cb

HTTP Headers

GET /skins/nmain.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Fri, 19 Apr 2024 00:04:56 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

efb785d6e4.9476c211af.com/in/show/?tag_ab=c&site_id=316687&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=tz_offset,dch_ip&ssp=3964&page=http%3A%2F%2Fvideo.ebalka.pro%2F&refdom=video.ebalka.pro&auction_time=1713484797&subid=386973861&sid=1476261553&tcid=0&ver=8.158.1&ver_c=&spot_id=6687&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-18&iabcat=IAB25-3&keywords=adult&user_fp=16808267425694366349&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D386973861%26spot_id%3D6687%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fvideo.ebalka.pro%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D386973861%26spot_id%3D6687%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fvideo.ebalka.pro%252F%26idzone%3D0%26sid%3D1886&icons=onrnty0XzvS9PxXoHKGRwGxqqMNP2RgbICO6bZmexQ2bGAVijTLCxdqs96w5E8ge_vPQV8riw9GiaEqIZSHR3YCTBAVZsbpMVoG-q6AUpQtmFwN6gpooPMaYwFOY_gaT46DRNFvkgOr38_fwzHhoCAl5mI-cFfTLB8rZ6QXB0XtmO2WZ5Q&ext_cid=0&px_id=6687&min_cpm=0.049219193758127444&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3580464972046435867&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.02186077819505181&cpm=0&verify_hash=8faf7d41ad3116e09625ef1ab77adadf&is_native=4&real_bid=0.00032122812290436&original_bid_usd=0.00072324&original_bid=0.00072324&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=108,0,114,20,27&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00072324&hostname=auc-inpage-hz-9-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000072324&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=8378d27b-4f72-4851-bade-b007f35365ad&prev_step_diff=1289

168.119.25.102

200 OK

0 B

URL GET HTTP/2
efb785d6e4.9476c211af.com/in/show/?tag_ab=c&site_id=316687&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=tz_offset,dch_ip&ssp=3964&page=http%3A%2F%2Fvideo.ebalka.pro%2F&refdom=video.ebalka.pro&auction_time=1713484797&subid=386973861&sid=1476261553&tcid=0&ver=8.158.1&ver_c=&spot_id=6687&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-18&iabcat=IAB25-3&keywords=adult&user_fp=16808267425694366349&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D386973861%26spot_id%3D6687%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fvideo.ebalka.pro%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D386973861%26spot_id%3D6687%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fvideo.ebalka.pro%252F%26idzone%3D0%26sid%3D1886&icons=onrnty0XzvS9PxXoHKGRwGxqqMNP2RgbICO6bZmexQ2bGAVijTLCxdqs96w5E8ge_vPQV8riw9GiaEqIZSHR3YCTBAVZsbpMVoG-q6AUpQtmFwN6gpooPMaYwFOY_gaT46DRNFvkgOr38_fwzHhoCAl5mI-cFfTLB8rZ6QXB0XtmO2WZ5Q&ext_cid=0&px_id=6687&min_cpm=0.049219193758127444&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3580464972046435867&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.02186077819505181&cpm=0&verify_hash=8faf7d41ad3116e09625ef1ab77adadf&is_native=4&real_bid=0.00032122812290436&original_bid_usd=0.00072324&original_bid=0.00072324&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=108,0,114,20,27&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00072324&hostname=auc-inpage-hz-9-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000072324&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=8378d27b-4f72-4851-bade-b007f35365ad&prev_step_diff=1289
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerZeroSSL
Subject9476c211af.com
Fingerprint98:2D:EA:2C:05:B3:78:FD:86:B6:E0:37:C7:A0:C8:83:3C:07:F8:89
ValiditySun, 14 Apr 2024 00:00:00 GMT - Sat, 13 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/show/?tag_ab=c&site_id=316687&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=tz_offset,dch_ip&ssp=3964&page=http%3A%2F%2Fvideo.ebalka.pro%2F&refdom=video.ebalka.pro&auction_time=1713484797&subid=386973861&sid=1476261553&tcid=0&ver=8.158.1&ver_c=&spot_id=6687&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-18&iabcat=IAB25-3&keywords=adult&user_fp=16808267425694366349&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D386973861%26spot_id%3D6687%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fvideo.ebalka.pro%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D386973861%26spot_id%3D6687%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fvideo.ebalka.pro%252F%26idzone%3D0%26sid%3D1886&icons=onrnty0XzvS9PxXoHKGRwGxqqMNP2RgbICO6bZmexQ2bGAVijTLCxdqs96w5E8ge_vPQV8riw9GiaEqIZSHR3YCTBAVZsbpMVoG-q6AUpQtmFwN6gpooPMaYwFOY_gaT46DRNFvkgOr38_fwzHhoCAl5mI-cFfTLB8rZ6QXB0XtmO2WZ5Q&ext_cid=0&px_id=6687&min_cpm=0.049219193758127444&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3580464972046435867&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.02186077819505181&cpm=0&verify_hash=8faf7d41ad3116e09625ef1ab77adadf&is_native=4&real_bid=0.00032122812290436&original_bid_usd=0.00072324&original_bid=0.00072324&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=108,0,114,20,27&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.00072324&hostname=auc-inpage-hz-9-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000072324&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=8378d27b-4f72-4851-bade-b007f35365ad&prev_step_diff=1289 HTTP/1.1
Host: efb785d6e4.9476c211af.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 18 Apr 2024 23:59:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

efb785d6e4.9476c211af.com/in/show/?tag_ab=c&site_id=316687&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=tz_offset,dch_ip&ssp=3964&page=http%3A%2F%2Fvideo.ebalka.pro%2F&refdom=video.ebalka.pro&auction_time=1713484797&subid=386973861&sid=1476261553&tcid=0&ver=8.158.1&ver_c=&spot_id=6687&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-18&iabcat=IAB25-3&keywords=adult&user_fp=16808267425694366349&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D386973861%26spot_id%3D6687%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fvideo.ebalka.pro%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=2958790346&crtid=5d4c545f6217b279746ad70fecbaf524&url=https%3A%2F%2Fjykgqn.xyz%2Fdsp%2Fph%2Fclcm%3Faid%3D9435765588468976704%26mid%3D0%26t%3D1713484797%26s%3D1178580%26sid%3D1391&icons=mXeZnKtCPMQh1OftNooL_UhL8qco0mDwS_OLxPE1Lr2fPm6cNLpn7hcIVnJbzW8WzkHF8qHza6qHLujwjjt7_SScccQ5BK_NX6BWI_iHrMJJXYorEWjLMevQvCmSMavivFvU5sd3yp41uPrkdNvd5lZsWQZ1H2rkKmQJnTTEUkQepwK_hLc&ext_cid=0&px_id=736687&min_cpm=0.0018372407614901036&out_id=0&campaign_type=hq&aid=108&cid=2449&uniq=c08865efb50c92e546cb1e8c0e49503aad57300ffd3da40147f390f555f3b572&mid=3580464972046435867&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.029499141091114657&cpm=0&verify_hash=75400b151f41a1c30f7d2034e6b2bec1&is_native=1&real_bid=0.0116125002503395&original_bid_usd=0.0125&original_bid=0.0125&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=90,95,4,98,130,5&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=1713571197&image_url=https%3A%2F%2Fi.wmgtr.com%2Fcim%2FWOoDkhb024bpkwLjkJHmenZGVxokBgep.png&site=native-push-adult&price=0.0125&hostname=auc-inpage-hz-9-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000125&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.04&cpa=bf6d4524-a743-4cc1-8bed-354e02801bc7&prev_step_diff=1288

168.119.25.102

200 OK

0 B

URL GET HTTP/2
efb785d6e4.9476c211af.com/in/show/?tag_ab=c&site_id=316687&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=tz_offset,dch_ip&ssp=3964&page=http%3A%2F%2Fvideo.ebalka.pro%2F&refdom=video.ebalka.pro&auction_time=1713484797&subid=386973861&sid=1476261553&tcid=0&ver=8.158.1&ver_c=&spot_id=6687&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-18&iabcat=IAB25-3&keywords=adult&user_fp=16808267425694366349&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D386973861%26spot_id%3D6687%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fvideo.ebalka.pro%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=2958790346&crtid=5d4c545f6217b279746ad70fecbaf524&url=https%3A%2F%2Fjykgqn.xyz%2Fdsp%2Fph%2Fclcm%3Faid%3D9435765588468976704%26mid%3D0%26t%3D1713484797%26s%3D1178580%26sid%3D1391&icons=mXeZnKtCPMQh1OftNooL_UhL8qco0mDwS_OLxPE1Lr2fPm6cNLpn7hcIVnJbzW8WzkHF8qHza6qHLujwjjt7_SScccQ5BK_NX6BWI_iHrMJJXYorEWjLMevQvCmSMavivFvU5sd3yp41uPrkdNvd5lZsWQZ1H2rkKmQJnTTEUkQepwK_hLc&ext_cid=0&px_id=736687&min_cpm=0.0018372407614901036&out_id=0&campaign_type=hq&aid=108&cid=2449&uniq=c08865efb50c92e546cb1e8c0e49503aad57300ffd3da40147f390f555f3b572&mid=3580464972046435867&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.029499141091114657&cpm=0&verify_hash=75400b151f41a1c30f7d2034e6b2bec1&is_native=1&real_bid=0.0116125002503395&original_bid_usd=0.0125&original_bid=0.0125&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=90,95,4,98,130,5&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=1713571197&image_url=https%3A%2F%2Fi.wmgtr.com%2Fcim%2FWOoDkhb024bpkwLjkJHmenZGVxokBgep.png&site=native-push-adult&price=0.0125&hostname=auc-inpage-hz-9-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000125&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.04&cpa=bf6d4524-a743-4cc1-8bed-354e02801bc7&prev_step_diff=1288
IP
168.119.25.102:443
ASN
#24940 Hetzner Online GmbH

Requested by
http://video.ebalka.pro/
Certificate
IssuerZeroSSL
Subject9476c211af.com
Fingerprint98:2D:EA:2C:05:B3:78:FD:86:B6:E0:37:C7:A0:C8:83:3C:07:F8:89
ValiditySun, 14 Apr 2024 00:00:00 GMT - Sat, 13 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/show/?tag_ab=c&site_id=316687&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=tz_offset,dch_ip&ssp=3964&page=http%3A%2F%2Fvideo.ebalka.pro%2F&refdom=video.ebalka.pro&auction_time=1713484797&subid=386973861&sid=1476261553&tcid=0&ver=8.158.1&ver_c=&spot_id=6687&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-18&iabcat=IAB25-3&keywords=adult&user_fp=16808267425694366349&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D386973861%26spot_id%3D6687%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fvideo.ebalka.pro%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=2958790346&crtid=5d4c545f6217b279746ad70fecbaf524&url=https%3A%2F%2Fjykgqn.xyz%2Fdsp%2Fph%2Fclcm%3Faid%3D9435765588468976704%26mid%3D0%26t%3D1713484797%26s%3D1178580%26sid%3D1391&icons=mXeZnKtCPMQh1OftNooL_UhL8qco0mDwS_OLxPE1Lr2fPm6cNLpn7hcIVnJbzW8WzkHF8qHza6qHLujwjjt7_SScccQ5BK_NX6BWI_iHrMJJXYorEWjLMevQvCmSMavivFvU5sd3yp41uPrkdNvd5lZsWQZ1H2rkKmQJnTTEUkQepwK_hLc&ext_cid=0&px_id=736687&min_cpm=0.0018372407614901036&out_id=0&campaign_type=hq&aid=108&cid=2449&uniq=c08865efb50c92e546cb1e8c0e49503aad57300ffd3da40147f390f555f3b572&mid=3580464972046435867&skin_id=2&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.029499141091114657&cpm=0&verify_hash=75400b151f41a1c30f7d2034e6b2bec1&is_native=1&real_bid=0.0116125002503395&original_bid_usd=0.0125&original_bid=0.0125&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=90,95,4,98,130,5&need_redirect_show=0&applied_features=coef_090,main-skins-settings&show_count=1&expiration_timestamp=1713571197&image_url=https%3A%2F%2Fi.wmgtr.com%2Fcim%2FWOoDkhb024bpkwLjkJHmenZGVxokBgep.png&site=native-push-adult&price=0.0125&hostname=auc-inpage-hz-9-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000125&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.04&cpa=bf6d4524-a743-4cc1-8bed-354e02801bc7&prev_step_diff=1288 HTTP/1.1
Host: efb785d6e4.9476c211af.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 18 Apr 2024 23:59:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

jykgqn.xyz/dsp/ph/icm?aid=9435765588468976704&mid=0&sid=1391&t=1713484797&subid=736687&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.04&cpa=f0d027d2-ad29-4cd8-8096-f14538e3ad89&prev_step_diff=1288

31.220.27.99

302 Found

0 B

URL GET HTTP/2
jykgqn.xyz/dsp/ph/icm?aid=9435765588468976704&mid=0&sid=1391&t=1713484797&subid=736687&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.04&cpa=f0d027d2-ad29-4cd8-8096-f14538e3ad89&prev_step_diff=1288
IP
31.220.27.99:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectjykgqn.xyz
FingerprintF0:D1:6E:81:56:E9:36:8C:72:DB:CF:68:84:46:3E:C7:A6:3E:CC:FA
ValidityTue, 16 Apr 2024 07:49:04 GMT - Mon, 15 Jul 2024 07:49:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dsp/ph/icm?aid=9435765588468976704&mid=0&sid=1391&t=1713484797&subid=736687&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&st=0.04&cpa=f0d027d2-ad29-4cd8-8096-f14538e3ad89&prev_step_diff=1288 HTTP/1.1
Host: jykgqn.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0
date: Thu, 18 Apr 2024 23:59:58 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
location: https://i.wmgtr.com/cic/tcrGOaYfxMnNQMYZ932xnImPhLEfQzYZ.png
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.25

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:58 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Fri, 18 Apr 2025 23:59:58 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

876 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
http://video.ebalka.pro/
Certificate
IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A
ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
876 B (876 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:56 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: af63c1b63c8eae3a650c7f9545e1e614
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ApmL6WukM5%2B7%2FYG6ZkBhUqnD%2B8U1ZdrPhjdtUvxE2n1Np2spik5%2BV2Zl3cISvG5vPl8vWMScAkBM0xw2aThrhl9RFvIVDxJuHOsy2GmOE46d5WG%2Bsw7CHrs4wQvQJimyo6QtooF6EBvpXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87689c8a6bed569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

video.ebalka.pro/favicon.ico

31.210.171.172

200 OK

1.2 kB

URL GET HTTP/1.1
video.ebalka.pro/favicon.ico
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
e4d264cfa648a898f5d95154d6f31f6b
99738adada29226f5431a6b03061192a0f24db46
54da1229cf4fb2ca5392f55086fbf0ebabe5a1108d8ccbc2b51928847b2e777d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:59 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Sat, 23 Apr 2022 19:06:33 GMT
ETag: "47e-5dd570a960b50"
Accept-Ranges: bytes

video.ebalka.pro/files/fonts/fontawesome-webfont.woff2?v=4.7.0

31.210.171.172

200 OK

77 kB

URL GET HTTP/1.1
video.ebalka.pro/files/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /files/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/files/css/font-awesome.min.css
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:59 GMT
Content-Length: 77160
Connection: keep-alive
Last-Modified: Sat, 23 Apr 2022 18:44:16 GMT
ETag: "12d68-5dd56baed8b5f"
Accept-Ranges: bytes

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJ05wOEDHoWxECDpnOMOuTs6LXZMGrpWML1hZhihgas7DxuZIYAQCMz1qABm6vKMeLoiQFifg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1258486857%3A1713484797568543&theme=mn&ddm=0

173.194.73.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJ05wOEDHoWxECDpnOMOuTs6LXZMGrpWML1hZhihgas7DxuZIYAQCMz1qABm6vKMeLoiQFifg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1258486857%3A1713484797568543&theme=mn&ddm=0
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
http://video.ebalka.pro/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKJ05wOEDHoWxECDpnOMOuTs6LXZMGrpWML1hZhihgas7DxuZIYAQCMz1qABm6vKMeLoiQFifg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1258486857%3A1713484797568543&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 23:59:57 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-YzD1XaB8BS65khYooBoN1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=950c09c1-1f35-4bed-82fa-969e45185248&prev_step_diff=1289

45.133.44.25

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=950c09c1-1f35-4bed-82fa-969e45185248&prev_step_diff=1289
IP
45.133.44.25:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=950c09c1-1f35-4bed-82fa-969e45185248&prev_step_diff=1289 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:58 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Fri, 18 Apr 2025 23:59:58 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

video.ebalka.pro/screens/4.jpg

31.210.171.172

200 OK

8.0 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/4.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
8.0 kB (8031 bytes)
Hash
c1cd7629b65cc98442339bde3d2ccfcc
551161ef848fa2aa0494ed26d995ace7c6ed2b75
de7a8cceb7161c7697e73ff7c6079c46973e2538b3a8202ad577cf410e0bf5ee

HTTP Headers

GET /screens/4.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645384-1f5f"
Content-Encoding: gzip

i.wmgtr.com/cic/tcrGOaYfxMnNQMYZ932xnImPhLEfQzYZ.png

45.133.44.32

200 OK

125 kB

URL GET HTTP/2
i.wmgtr.com/cic/tcrGOaYfxMnNQMYZ932xnImPhLEfQzYZ.png
IP
45.133.44.32:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint37:61:DE:DA:45:71:20:6A:20:58:19:6F:8D:CB:0E:0D:20:46:0A:47
ValidityTue, 20 Feb 2024 03:01:29 GMT - Mon, 20 May 2024 03:01:28 GMT

File type
GIF image data, version 89a, 192 x 192
Size
125 kB (124603 bytes)
Hash
c8906186b4ef28c0882721f7ff8d8b38
c97d8d53ee53a35927391dbcaa197d6dbbf9bee7
85dcb476a8aebc32ee0c840016a78c653d734827a0e375f0c17f15c7c352428e

HTTP Headers

GET /cic/tcrGOaYfxMnNQMYZ932xnImPhLEfQzYZ.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:58 GMT
content-type: image/gif
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
cache-control: max-age=82800
expires: Fri, 19 Apr 2024 22:59:58 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

video.ebalka.pro/screens/10.jpg

31.210.171.172

200 OK

6.1 kB

URL GET HTTP/1.1
video.ebalka.pro/screens/10.jpg
IP
31.210.171.172:80
ASN
#207728 EUROHOSTER Ltd.

Requested by
http://video.ebalka.pro/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 240x135, components 3
Size
6.1 kB (6091 bytes)
Hash
8f9d07c675e4716ce00e3980d023e93e
eed91d04fd2d9a8b17367361397bfe041524e5d8
1fb2e0b661f773ec784309ced79bd778976a776ec02f9de3f84587a62182dbd8

HTTP Headers

GET /screens/10.jpg HTTP/1.1
Host: video.ebalka.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Cookie: lid=3su132pg7ujq3f6bofqbd4shn5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:59:55 GMT
Content-Type: image/jpeg
Last-Modified: Sat, 23 Apr 2022 19:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62645386-17cb"
Content-Encoding: gzip

i.wmgtr.com/cim/WOoDkhb024bpkwLjkJHmenZGVxokBgep.png

45.133.44.32

200 OK

443 kB

URL GET HTTP/2
i.wmgtr.com/cim/WOoDkhb024bpkwLjkJHmenZGVxokBgep.png
IP
45.133.44.32:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjecti.wmgtr.com
Fingerprint37:61:DE:DA:45:71:20:6A:20:58:19:6F:8D:CB:0E:0D:20:46:0A:47
ValidityTue, 20 Feb 2024 03:01:29 GMT - Mon, 20 May 2024 03:01:28 GMT

File type
GIF image data, version 89a, 492 x 328
Size
443 kB (443206 bytes)
Hash
fd5973926f254ad276bb253cb2ebbab9
6fdb0ed4879b7118b26ae246dc1f73462d61832f
2125c22324b978d8312d5ba782b79b588d640f36cf0d2c4ac050ec9e2888ec2e

HTTP Headers

GET /cim/WOoDkhb024bpkwLjkJHmenZGVxokBgep.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:58 GMT
content-type: image/gif
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
cache-control: max-age=82800
expires: Fri, 19 Apr 2024 22:59:58 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.cabnnr.com/banner-admanager/build.m.js

45.133.44.52

200 OK

56 kB

URL GET HTTP/2
js.cabnnr.com/banner-admanager/build.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://video.ebalka.pro/
Certificate
IssuerLet's Encrypt
Subjectjs.cabnnr.com
Fingerprint30:96:B6:F1:2E:02:9B:46:A1:82:83:29:6C:9E:F2:55:FA:D2:54:9C
ValidityMon, 19 Feb 2024 03:01:20 GMT - Sun, 19 May 2024 03:01:19 GMT

File type
JavaScript source, ASCII text, with very long lines (56335), with no line terminators
Size
56 kB (56335 bytes)
Hash
2fe694e9fc886ced6a74dcd05cf0847d
db4944a7f33bc2175a89b8a4ca63073c19c4f742
faf3f561ef543631bd615343f98db5eb3ac4f32754444f014243f5d67427ef58

HTTP Headers

GET /banner-admanager/build.m.js HTTP/1.1
Host: js.cabnnr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://video.ebalka.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:59:56 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 17 Apr 2024 14:17:58 GMT
etag: W/"661fda16-dc0f"
content-encoding: gzip
expires: Fri, 19 Apr 2024 00:04:56 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML