Report - huannd9x.wap.sh

Report Overview

Submitted URL
huannd9x.wap.sh
IP
54.36.158.41
ASN
#16276 OVH SAS
Submitted
2024-05-08 01:20:41
Access
public
Website Title
Server Not Found
Final URL
about:neterror?e=dnsNotFound&u=https%3A//dangcapnd.net/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20dangcapnd.net.
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
enif.images.xtstatic.com	unknown	2011-12-13	2013-12-11	2023-11-22	523 B	307 B	141.94.172.213
xtgem.com	168884	2006-11-15	2012-05-22	2024-02-17	1.5 kB	12 kB	141.94.172.213
filehuannd.wap.sh	unknown	unknown	No data	No data	1.6 kB	8.7 kB	54.36.158.41
dangcapnd.wap.sh	unknown	unknown	No data	No data	392 B	195 B	54.36.158.42
filedangcapnd1.wap.sh	unknown	unknown	No data	No data	2.0 kB	9.1 kB	54.36.158.42
pl13048200.trustedcpmrevenue.com	unknown	2021-12-22	2022-09-03	2023-11-12	456 B	31 kB	172.240.108.76
huannd9x.sextgem.com	unknown	unknown	No data	No data	3.6 kB	46 kB	54.36.158.42
tieuquya7.xtgem.com	unknown	unknown	No data	No data	392 B	5.4 kB	54.36.158.42
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-06	441 B	427 B	52.58.212.182
cif.images.xtstatic.com	unknown	2011-12-13	2013-12-16	2024-04-16	522 B	307 B	141.94.172.213
dangcapnd.sextgem.com	unknown	unknown	No data	No data	502 B	4.9 kB	54.36.158.42
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-07	338 B	942 B	3.164.222.26
astronomybreathlessmisunderstand.com	unknown	unknown	No data	No data	508 B	467 B	172.240.127.234
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-05-06	419 B	327 B	172.240.127.234
dangcapnd.net	unknown	unknown	No data	No data	470 B	0 B	0.0.0.0
huannd9x.wap.sh	unknown	unknown	No data	No data	1.7 kB	1.4 kB	54.36.158.42
filedangcapnd.wap.sh	unknown	unknown	No data	No data	2.4 kB	14 kB	54.36.158.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-08	medium	dangcapnd.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	about:neterror?e=dnsNotFound&u=https%3A//dangcapnd.net/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20dangcapnd.net.	0 B	2023-03-07	2024-05-19
Pretty URL about:neterror?e=dnsNotFound&u=https%3A//dangcapnd.net/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20dangcapnd.net. IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 19:30:22 Times Seen37839258 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - d43577ddb99df30a065d0eecfd0e0166	12 B	2023-03-07	2024-05-15
Pretty Observations First Seen2023-03-07 01:17:06 Last Seen2024-05-15 13:57:41 Times Seen770 Hash d43577ddb99df30a065d0eecfd0e0166 790787084dc69fdd4d0188eb8b458b618fd82ff9 0a8dc1e84a705dc090b4e74b91ab5ebc53bac8b49250a0feab109c25750cc965 Loading...

	#2 Write - b471dbdde442498001a94bea41de6f81	77 B	2023-03-11	2024-05-08
Pretty Observations First Seen2023-03-11 16:11:07 Last Seen2024-05-08 03:20:48 Times Seen14 Hash b471dbdde442498001a94bea41de6f81 c40e7148de1ebb79d50e59bc91c980c52f5f5e74 46d351f24aa7ac94765cdd3d7ddcfa366ac0cd383ca4b4aa98fa3bb5b6d23fc3 Loading...

	#3 Write - 2a690dbaca571e83174dfac9bdd9706c	50 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 03:20:48 Last Seen2024-05-08 03:20:48 Times Seen1 Hash 2a690dbaca571e83174dfac9bdd9706c f9f0a737ecb13e4094e230dadfbf56a8266f671f a6d369248604b1270aa0b1449a48bc08fb2d9c52e4e2031e4a19a770e7289058 Loading...

	#4 Write - 88ec2c9df691c50b0edd5ebcf2f067ef	73 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 03:20:48 Last Seen2024-05-08 03:20:48 Times Seen1 Hash 88ec2c9df691c50b0edd5ebcf2f067ef d3a3947c71c3dba034fcde520aa065f58054c855 3531cdcfd4ddbf3e0e4ab12752ebe9df59fc721fd9edbd375dfdcb0f1bb5e7ef Loading...

	#5 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-19 16:48:28 Times Seen12456 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

	#6 Write - 070bd838721a5a841379f5c9edc40912	15 B	2023-03-10	2024-05-08
Pretty Observations First Seen2023-03-10 14:15:25 Last Seen2024-05-08 03:20:48 Times Seen44 Hash 070bd838721a5a841379f5c9edc40912 9d69be3f715eed78e7896824f3a21f1201319b37 fa7e4a96c462cd0970d84a499f33026a5f4face696dd2f22ac45fd5ced7d7e97 Loading...

	#7 Write - b082895fab4c56c1aba17dcc672fca3a	10 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:16:29 Last Seen2024-05-19 10:56:32 Times Seen3995 Hash b082895fab4c56c1aba17dcc672fca3a a70383038f7399e30dd01b90bf2d043d5c01f859 7dc8d37d8f9fb3c627639b2506cd6c66f58f02a11047bb736810cee78b249064 Loading...

	#8 Write - 0fd5a2cae92d202badb65e41fe5c2c54	11 B	2023-03-08	2024-05-08
Pretty Observations First Seen2023-03-08 15:25:56 Last Seen2024-05-08 03:20:48 Times Seen4 Hash 0fd5a2cae92d202badb65e41fe5c2c54 1503293bdd84f8e8ae2ce54faaec4c2f0ccd63de 8efbda388ce0e77ece1f4a49b7e510068e3ba40378fe90bf80f0641b789d1026 Loading...

	#9 Write - 3e995b540bb53efc481ac63937bf000c	95 B	2023-03-11	2024-05-08
Pretty Observations First Seen2023-03-11 16:11:07 Last Seen2024-05-08 03:20:48 Times Seen14 Hash 3e995b540bb53efc481ac63937bf000c 6f613b6a638e6fc9367ef114799159e83541b121 1873184c0431153c2960ae0ab16de3249a2f464bbdff442bfa12471f452b2eb4 Loading...

	#10 Write - 7cc815517992ba6ab8dc7d46aad18c15	122 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 03:20:48 Last Seen2024-05-08 03:20:48 Times Seen1 Hash 7cc815517992ba6ab8dc7d46aad18c15 1be7e3c8d4c07ffb88a99d0e0b5a62674e8c5e10 c87ac17366054844853d4307079c15e5d3233cc3e462cc0add88bb1acd2ba830 Loading...

	#11 Write - 46d6b82712b36cf22bf71e00cb323504	9 B	2023-03-11	2024-05-08
Pretty Observations First Seen2023-03-11 16:11:07 Last Seen2024-05-08 03:20:48 Times Seen14 Hash 46d6b82712b36cf22bf71e00cb323504 0f11c418c4ee6904ccf856aa688ce74010ed704f fdda7edf6a6099b488c2a78ba5b04696d854784853fbaba4ab7048cca1b9cdf8 Loading...

	#12 Write - 8fb21369ee00097c06b5d2c63f66b6d2	68 B	2023-03-11	2024-05-08
Pretty Observations First Seen2023-03-11 16:11:07 Last Seen2024-05-08 03:20:48 Times Seen14 Hash 8fb21369ee00097c06b5d2c63f66b6d2 0fa5b173e9471ad172601efcad4896fe195ab5ec 1d0c5dea07d4c82cf0b0f800d7a7cbef9b249baa1691e4990a692d2135606458 Loading...

	#13 Write - 13dfa267023270f8c5623d8c4f22cf8d	67 B	2023-03-11	2024-05-08
Pretty Observations First Seen2023-03-11 16:11:07 Last Seen2024-05-08 03:20:48 Times Seen14 Hash 13dfa267023270f8c5623d8c4f22cf8d e5bea0aa4fa1709441068eb6f0e310356cc928fe c1878932aa0977ff69a1622e2b05e9744aacd776bec23f5dd6e37fc0a74697c9 Loading...

	#14 Write - 7cd291bca03aa57abce221bc4374551b	174 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 03:20:48 Last Seen2024-05-08 03:20:48 Times Seen1 Hash 7cd291bca03aa57abce221bc4374551b 897c62b0c6b108ec82e6b6b6f65502140a5a3dce 1debdabc5726f2a8a4925116a234d88734feb1dcf5a6ee5553a2feb7f0dc10bc Loading...

	#15 Write - 8a4bb23805100fb403f2b8bac7d5bd38	84 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 03:20:48 Last Seen2024-05-08 03:20:48 Times Seen1 Hash 8a4bb23805100fb403f2b8bac7d5bd38 d7a94855e8fa91d09706a372caa8020e3771e2d8 73819a3a6427448dca146ea0080333b54711583886e61253d1b87d5d0ac21ff7 Loading...

	#16 Write - 4f215758b9eeaf998016c25ce10547f8	101 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 03:20:48 Last Seen2024-05-08 03:20:48 Times Seen1 Hash 4f215758b9eeaf998016c25ce10547f8 a73092049b89d451e081d4174a6b9cd207c8caf3 d9569b21b30103e2b360662e8fd2b3523a17f4a6703976eef1b2b529c8be4b71 Loading...

HTTP Transactions (40)

URL IP Response Size

huannd9x.wap.sh/

54.36.158.42

523 B

URL
huannd9x.wap.sh/
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text
Size
523 B (523 bytes)
Hash
dfb7d91b3b59ecf4f7ccd85272c1066e
f73b48d6a106c04848ced21376d86e56d625178c
9b684f230bf45555747c7ed5fd050f7bec2d5aeaf12591deb33607bbdb4ee8de

HTTP Headers

GET / HTTP/1.1
Host: huannd9x.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:15 GMT
Vary: Host,Accept-Encoding
Set-Cookie: XT_transfer_interstitial=1; expires=Thu, 09-May-2024 01:20:15 GMT; Max-Age=86400; path=/; domain=.huannd9x.wap.sh
refresh: 5; url=https://huannd9x.sextgem.com/
Content-Encoding: gzip
Content-Length: 523
Content-Type: text/html; charset=UTF-8

huannd9x.wap.sh/favicon.ico

54.36.158.42

0 B

URL
huannd9x.wap.sh/favicon.ico
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: huannd9x.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.wap.sh/
Cookie: XT_transfer_interstitial=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 01:20:16 GMT
Location: https://huannd9x.sextgem.com/favicon.ico
Content-Length: 0
Content-Type: text/html; charset=UTF-8

huannd9x.sextgem.com/favicon.ico

54.36.158.42

0 B

URL
huannd9x.sextgem.com/favicon.ico
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: huannd9x.sextgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://huannd9x.wap.sh/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 404 Not Found
Date: Wed, 08 May 2024 01:20:16 GMT
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Connection: keep-alive

huannd9x.sextgem.com/

54.36.158.42

12 kB

URL
huannd9x.sextgem.com/
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (34450), with CRLF, LF line terminators
Size
12 kB (11855 bytes)
Hash
033fde5ac6410dce307992814d272c4b
b91773a0d4221f5f00e00b2bb645cce351397494
31d9341e8630c63dbd9a48778c74eb95b1b8c3d5c5d81a5bd7dd05f8d0844dfe

HTTP Headers

GET / HTTP/1.1
Host: huannd9x.sextgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:21 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; expires=Fri, 08-May-2026 01:20:21 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
_xta_vid=a5814987e1698992fb31ad6b0c326010-1715131221; expires=Wed, 08-May-2024 01:50:21 GMT; Max-Age=1800; path=/; domain=.sextgem.com; httponly
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding: gzip
Content-Length: 11855
Content-Type: text/html;charset=UTF-8

huannd9x.sextgem.com/css/blog.css

54.36.158.42

5.7 kB

URL
huannd9x.sextgem.com/css/blog.css
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
HTML document, Unicode text, UTF-8 text, with very long lines (777), with CRLF, LF line terminators
Size
5.7 kB (5720 bytes)
Hash
77de3b8124234a081a36b005164dd141
e36d591f4cf9a3ee7b7c3882483794a26b48b4fc
02fbf78021d308bf263b2886cd916fb005a0ba25193c0119190ef402cf28f65b

HTTP Headers

GET /css/blog.css HTTP/1.1
Host: huannd9x.sextgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; _xta_vid=a5814987e1698992fb31ad6b0c326010-1715131221
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 404 Not Found
Date: Wed, 08 May 2024 01:20:21 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; expires=Fri, 08-May-2026 01:20:21 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
_xta_vid=a5814987e1698992fb31ad6b0c326010-1715131221; expires=Wed, 08-May-2024 01:50:21 GMT; Max-Age=1800; path=/; domain=.sextgem.com; httponly
Content-Encoding: gzip
Content-Length: 5720
Content-Type: text/html; charset=UTF-8
Connection: keep-alive

huannd9x.sextgem.com/images/iconArmy2.png

54.36.158.42

636 B

URL
huannd9x.sextgem.com/images/iconArmy2.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
636 B (636 bytes)
Hash
9503fad3d8658ef25b27bb7b3ffa83c2
9b71e15287f900a6285d49b96198094a1678de4c
b5350475a721667bd43cb5ba6eafb7e38055ae8728acdde7125d096f83eec26e

HTTP Headers

GET /images/iconArmy2.png HTTP/1.1
Host: huannd9x.sextgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; _xta_vid=a5814987e1698992fb31ad6b0c326010-1715131221
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:21 GMT
Set-Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; expires=Fri, 08-May-2026 01:20:21 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:21 GMT
X-Ngz: 1
Content-Length: 636
Content-Type: image/png

dangcapnd.wap.sh/images/logo.png

54.36.158.42

0 B

URL
dangcapnd.wap.sh/images/logo.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: dangcapnd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 01:20:22 GMT
Location: https://dangcapnd.sextgem.com/images/logo.png
X-Ngz: 1
Content-Length: 0
Content-Type: text/html; charset=UTF-8

huannd9x.wap.sh/images/icon%20tai%20xuong.png

54.36.158.41

0 B

URL
huannd9x.wap.sh/images/icon%20tai%20xuong.png
IP
54.36.158.41:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/icon%20tai%20xuong.png HTTP/1.1
Host: huannd9x.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 01:20:22 GMT
Location: https://huannd9x.sextgem.com/images/icon tai xuong.png
X-Ngz: 1
Content-Length: 0
Content-Type: text/html; charset=UTF-8

filedangcapnd1.wap.sh/images/vuon+thuy+cung.png

54.36.158.42

1.9 kB

URL
filedangcapnd1.wap.sh/images/vuon+thuy+cung.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced
Size
1.9 kB (1943 bytes)
Hash
ddecdd8037589f43bc594da0ae308cc0
959569f0e757301b947fb110e32723ba87456211
40b2e9c40507951d42e76f22c19382fa34032bf9ee39896f60355b3a640cf5cf

HTTP Headers

GET /images/vuon+thuy+cung.png HTTP/1.1
Host: filedangcapnd1.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=5e1f82e64317f2f04624855454ca5a7a; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 1943
Content-Type: image/png

cif.images.xtstatic.com/tp.gif

141.94.172.213

42 B

URL
cif.images.xtstatic.com/tp.gif
IP
141.94.172.213:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /tp.gif HTTP/1.1
Host: cif.images.xtstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
Content-Type: image/gif

filedangcapnd.wap.sh/images/thonglinhthienha.png

54.36.158.42

2.8 kB

URL
filedangcapnd.wap.sh/images/thonglinhthienha.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2812 bytes)
Hash
ca18d676edaa77422a5190dc95a0f822
5247771d3262cea8aac29cd48505143c47225f2f
d07b89cf0474d0066ddf6e91fdc21ed5502df063426ce655981a86ca60724ebd

HTTP Headers

GET /images/thonglinhthienha.png HTTP/1.1
Host: filedangcapnd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=7d880a9f07784edde8ff0a999ec34495; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 2812
Content-Type: image/png

filedangcapnd1.wap.sh/images/trachanhquan.png

54.36.158.42

731 B

URL
filedangcapnd1.wap.sh/images/trachanhquan.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
731 B (731 bytes)
Hash
e1f79486e68c2b18af4760c9661abc94
2bdeb1a116adf82398530015ab8705b90c45857e
cff78d77f5667464e3faa105548e626c5ac43cd3b8817c849e43c676e8e31d22

HTTP Headers

GET /images/trachanhquan.png HTTP/1.1
Host: filedangcapnd1.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=3428790a68144c449bc57f8ce457c6dd; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 731
Content-Type: image/png

filedangcapnd.wap.sh/images/autoclick.png

54.36.158.42

980 B

URL
filedangcapnd.wap.sh/images/autoclick.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 48 x 48
Size
980 B (980 bytes)
Hash
73bb05288a4ed4a70f132f7b9b0b62ed
a23198012ca6c5425fbdd2c2530f85575306beff
c4354342122b43a5304426b02453f43f3eea6c50caf8931c42f8c3a8843a59b9

HTTP Headers

GET /images/autoclick.png HTTP/1.1
Host: filedangcapnd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=898cdac7cee421c694d509436c93676f; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 980
Content-Type: image/gif

filedangcapnd.wap.sh/images/ionline.png

54.36.158.42

2.7 kB

URL
filedangcapnd.wap.sh/images/ionline.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
2.7 kB (2653 bytes)
Hash
c36e1665f581cbe013336890bb5d8d61
ad049a6588251167a85f8658fd4532b6f1bf0159
62a6598874901b4064d1f2b463d62634219f388a5a67cb0ae96dd3e5309b2301

HTTP Headers

GET /images/ionline.png HTTP/1.1
Host: filedangcapnd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=e9a30f85c3b0cd9ff343cab9a5a5fef1; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 2653
Content-Type: image/png

enif.images.xtstatic.com/tp.gif

141.94.172.213

42 B

URL
enif.images.xtstatic.com/tp.gif
IP
141.94.172.213:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /tp.gif HTTP/1.1
Host: enif.images.xtstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
Content-Type: image/gif

filedangcapnd1.wap.sh/images/tri+thong+minh+nhan+tao.png

54.36.158.42

1.6 kB

URL
filedangcapnd1.wap.sh/images/tri+thong+minh+nhan+tao.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 46 x 48, 8-bit colormap, non-interlaced
Size
1.6 kB (1584 bytes)
Hash
9338b8a3a8ec068663f7cf73c9cf53e6
f8ec697e702535daa4ef5212d024ca08764bd6cf
aa40df8be343b0463e56d089d3b45daa2da704c96e09d8c7d12bd9f80f806873

HTTP Headers

GET /images/tri+thong+minh+nhan+tao.png HTTP/1.1
Host: filedangcapnd1.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=cf85d71d042366ad67e5a317945d43bc; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 1584
Content-Type: image/png

xtgem.com/images/xtvid/sunnyleonewap.jpg

141.94.172.213

7.7 kB

URL
xtgem.com/images/xtvid/sunnyleonewap.jpg
IP
141.94.172.213:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x50, components 3
Size
7.7 kB (7690 bytes)
Hash
8e0dddf6bcbe232ac643e4dd40de6101
b958077b6d3871c2bd5088561235c8c825a3f72f
04f14d4e1099434b5486bddb58c0a71ba246e2d2248718e84d7643537ad600d8

HTTP Headers

GET /images/xtvid/sunnyleonewap.jpg HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "1e0a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 7690
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Type: image/jpeg

huannd9x.sextgem.com/images/Avatar%20icon.png

54.36.158.42

23 kB

URL
huannd9x.sextgem.com/images/Avatar%20icon.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
data
Size
23 kB (23277 bytes)
Hash
5588edc2e692d535327cc62f2bd43bb2
fd84a5676b9499cb9ec6bc4b687b89a1cba59b50
f6151cffc1c50372a38d164add6475a5279c508db3d90f5c29d391bb898d423f

HTTP Headers

GET /images/Avatar%20icon.png HTTP/1.1
Host: huannd9x.sextgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; _xta_vid=a5814987e1698992fb31ad6b0c326010-1715131221
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 404 Not Found
Date: Wed, 08 May 2024 01:20:21 GMT
Set-Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; expires=Fri, 08-May-2026 01:20:21 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
_xta_vid=a5814987e1698992fb31ad6b0c326010-1715131221; expires=Wed, 08-May-2024 01:50:21 GMT; Max-Age=1800; path=/; domain=.sextgem.com; httponly
X-Ngz: 1
Content-Type: text/html; charset=UTF-8

huannd9x.sextgem.com/images/icon%20tai%20xuong.png

54.36.158.42

270 B

URL
huannd9x.sextgem.com/images/icon%20tai%20xuong.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 10 x 9, 8-bit/color RGB, non-interlaced
Size
270 B (270 bytes)
Hash
0edc2bd13575e223ec1f90100bc9722b
fd8bf9e12d2113107f1cac917cfbfbbd9789ed27
3985571c46eb4eecada27e64ace257568802f10964683d4a3e68742222d828d0

HTTP Headers

GET /images/icon%20tai%20xuong.png HTTP/1.1
Host: huannd9x.sextgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; _xta_vid=a5814987e1698992fb31ad6b0c326010-1715131221; test
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 270
Content-Type: image/png

filehuannd.wap.sh/images/chienthan.png

54.36.158.41

2.6 kB

URL
filehuannd.wap.sh/images/chienthan.png
IP
54.36.158.41:0
ASN
#16276 OVH SAS

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2604 bytes)
Hash
a535e70599d76a1d5379e3a8dbab5deb
f5cccf47fa0c186836419dce5856190227525e29
d8bb8010382289e0e77d4e55b6a32f8220540a81f2f380a11d82d6d25567535e

HTTP Headers

GET /images/chienthan.png HTTP/1.1
Host: filehuannd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=c29ba0632fb210436ae505b289a155fc; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 2604
Content-Type: image/png

filehuannd.wap.sh/images/facebook.png

54.36.158.41

204 B

URL
filehuannd.wap.sh/images/facebook.png
IP
54.36.158.41:0
ASN
#16276 OVH SAS

File type
PNG image data, 15 x 15, 4-bit colormap, non-interlaced
Size
204 B (204 bytes)
Hash
2c9246715486bdcb502aade25e6705b5
9454f2229f4d9b86ad16a0668d2f266712949be2
5016d158556a8dce00d914321c99e8d6bd69b9def242650a243a551be9ae93aa

HTTP Headers

GET /images/facebook.png HTTP/1.1
Host: filehuannd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=87045c21d3e02cd065ea2265183b8c20; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 204
Content-Type: image/png

filedangcapnd1.wap.sh/images/GT+Racing+2.png

54.36.158.42

2.4 kB

URL
filedangcapnd1.wap.sh/images/GT+Racing+2.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2379 bytes)
Hash
d3c5e1835f82c96f43bca007f04b61ab
01441bc18622a087ee2757740814ed28151766f5
f9a32ae532510244f39dd4914ae4c5df35633ed5cd7f1a02b40b4d9d1986970d

HTTP Headers

GET /images/GT+Racing+2.png HTTP/1.1
Host: filedangcapnd1.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=217a1f12d6de6b8fd909e79ed08064fb; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 2379
Content-Type: image/png

filedangcapnd1.wap.sh/images/doi+canh+rong.png

54.36.158.42

837 B

URL
filedangcapnd1.wap.sh/images/doi+canh+rong.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 42 x 29, 8-bit colormap, non-interlaced
Size
837 B (837 bytes)
Hash
4b820d5a110e012770b0c5eab80c8d9c
8e378121baac2db14b57e26d773967a77cd94958
42b7028cb13d1cb8ef6204191b26d891b8c85871834af509f7e81058667ed0b6

HTTP Headers

GET /images/doi+canh+rong.png HTTP/1.1
Host: filedangcapnd1.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=d0428ca5e26d1bdd04c567534f949cbd; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 837
Content-Type: image/png

filedangcapnd.wap.sh/images/ninja-school.png

54.36.158.42

743 B

URL
filedangcapnd.wap.sh/images/ninja-school.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
743 B (743 bytes)
Hash
77a9b0d50597beb0695e8312339de61f
de357e76654f231a4d348d1e4de08d3da1364b5e
d5cf528578305c28c0ad95d8f0fd4cbd5584ac02cbd3651a0a0e2b93fe179fc1

HTTP Headers

GET /images/ninja-school.png HTTP/1.1
Host: filedangcapnd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=cf85d71d042366ad67e5a317945d43bc; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 743
Content-Type: image/png

filedangcapnd.wap.sh/images/UC+87.png

54.36.158.42

2.0 kB

URL
filedangcapnd.wap.sh/images/UC+87.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
2.0 kB (1960 bytes)
Hash
2e02b17c66144de15cbb8b323e7c7faa
71c74e1231723f4505d03b308ffc8f972fe8187e
ba88358376e5e356e43e391d190d6265353f31ef7a19c698c801b90296c542d2

HTTP Headers

GET /images/UC+87.png HTTP/1.1
Host: filedangcapnd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=9af6b5259b53d3254d60b4b0bc6e7179; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 1960
Content-Type: image/png

huannd9x.wap.sh/images/i_thumb.PNG

54.36.158.41

0 B

URL
huannd9x.wap.sh/images/i_thumb.PNG
IP
54.36.158.41:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/i_thumb.PNG HTTP/1.1
Host: huannd9x.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 01:20:22 GMT
Location: https://huannd9x.sextgem.com/images/i_thumb.PNG
X-Ngz: 1
Content-Length: 0
Content-Type: text/html; charset=UTF-8

filedangcapnd.wap.sh/images/danh+ram.png

54.36.158.42

2.6 kB

URL
filedangcapnd.wap.sh/images/danh+ram.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2556 bytes)
Hash
59234968d7b7fd1c2572c8931bc96295
6f2b80af8eb6c3cc81b554598f3df9f43c235125
8daf3695f020037e8ffffc0220a37fbded501357ccfc07d110ed2c3612ff9bc9

HTTP Headers

GET /images/danh+ram.png HTTP/1.1
Host: filedangcapnd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=4135df8f7d46ed355692bfe59410d071; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 2556
Content-Type: image/png

filehuannd.wap.sh/images/doremon.png

54.36.158.41

2.6 kB

URL
filehuannd.wap.sh/images/doremon.png
IP
54.36.158.41:0
ASN
#16276 OVH SAS

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2560 bytes)
Hash
8e950028b088b9f5dc52bc6e2a366e98
a55a56e26915db7774732f3d109ade4fb39758d0
7f6487ac2a75ab4767f39d8c44f9e182485918f2394b29bcc9599367b428a8e5

HTTP Headers

GET /images/doremon.png HTTP/1.1
Host: filehuannd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=281cb2e157329d3e2c747b2ee396a951; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 2560
Content-Type: image/png

filehuannd.wap.sh/images/socbay.png

54.36.158.41

2.0 kB

URL
filehuannd.wap.sh/images/socbay.png
IP
54.36.158.41:0
ASN
#16276 OVH SAS

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
2.0 kB (1999 bytes)
Hash
6febb4f1f26bd0b4a244b35986e40152
6caa637d97aaf792747332ce0a54a6d729c7fb33
6737d4ef541effcdd85cfd065789b0cb2bc342b6aa464b3c86bc6f5b8b1edab2

HTTP Headers

GET /images/socbay.png HTTP/1.1
Host: filehuannd.wap.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=2575ed6eb9563f2f165ff0d807e0f738; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.wap.sh; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 1999
Content-Type: image/png

xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9odWFubmQ5eC53YXAuc2hcL2luZGV4IiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiaHVhbm5kOXguc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19

141.94.172.213

2.8 kB

URL
xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9odWFubmQ5eC53YXAuc2hcL2luZGV4IiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiaHVhbm5kOXguc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
IP
141.94.172.213:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (464)
Size
2.8 kB (2751 bytes)
Hash
884e0c309a916b777c5784693889f212
489de9585a155a264f6a0a5e3e5a47d597a2dcc6
94bc3890295b2daed50af26aabae6f09ffc0810ab8d40cb8ad68f54b773c6911

HTTP Headers

GET /__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9odWFubmQ5eC53YXAuc2hcL2luZGV4IiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiaHVhbm5kOXguc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19 HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: session=w2~04ciet79qnj02h0a281f4orqs2; expires=Thu, 09-May-2024 01:20:22 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly
__template=web; expires=Fri, 07-Jun-2024 01:20:22 GMT; Max-Age=2592000; path=/
__lang=us; expires=Fri, 07-Jun-2024 01:20:22 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2751
Content-Type: text/html; charset=UTF-8

dangcapnd.sextgem.com/images/logo.png

54.36.158.42

4.5 kB

URL
dangcapnd.sextgem.com/images/logo.png
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 214 x 29, 8-bit/color RGBA, non-interlaced
Size
4.5 kB (4469 bytes)
Hash
3c537d0666d1763b08cc222a64c8996c
9f0a2d64c407dda135b433d4e9c3c0eb6156f0e4
3d07b5f0177f528e62bfdd0a56cd598e67b9944627ac4896fd1e29c8b35a070e

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: dangcapnd.sextgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; _xta_vid=a5814987e1698992fb31ad6b0c326010-1715131221
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Last-Modified: Mon, 24 Mar 2014 12:49:25 GMT
ETag: "1175-4f559aa4e5f40"
Content-Length: 4469
Content-Type: image/png

tieuquya7.xtgem.com/images/3.gif

54.36.158.42

5.0 kB

URL
tieuquya7.xtgem.com/images/3.gif
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 150 x 290
Size
5.0 kB (5021 bytes)
Hash
777dc87c65fe96158de899f0953a6a87
a66440bd01f7f0d86d8e42cd52ecd86be91a713e
0f45932c7fa5f448a53650988053b3115bdcd3f602e0ecc21f0058614fe77033

HTTP Headers

GET /images/3.gif HTTP/1.1
Host: tieuquya7.xtgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=5ba407134faeafc8c15e5de912e47102; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Last-Modified: Mon, 18 Apr 2011 04:14:37 GMT
ETag: "139d-4a129a1324540"
Content-Length: 5021
Content-Type: image/gif

huannd9x.sextgem.com/images/i_thumb.PNG

54.36.158.42

1.6 kB

URL
huannd9x.sextgem.com/images/i_thumb.PNG
IP
54.36.158.42:0
ASN
#16276 OVH SAS

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1607 bytes)
Hash
bd1f930a3eed640c47b41fb19d0e4984
7598087be448d4ba9d135c0a3250859f2c47d8f9
7443ef1efd33b13daf95900e73cce475f85f6afe9ee39e6d72c47055679bf171

HTTP Headers

GET /images/i_thumb.PNG HTTP/1.1
Host: huannd9x.sextgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; _xta_vid=a5814987e1698992fb31ad6b0c326010-1715131221; test
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:22 GMT
Set-Cookie: _xta_uid=76a3bb295e04ff68d4deab39e85f07e2; expires=Fri, 08-May-2026 01:20:22 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:22 GMT
X-Ngz: 1
Content-Length: 1607
Content-Type: image/png

pl13048200.trustedcpmrevenue.com/e2/68/30/e2683001b51a3e369fb2d16165c07e07.js

172.240.108.76

31 kB

URL
pl13048200.trustedcpmrevenue.com/e2/68/30/e2683001b51a3e369fb2d16165c07e07.js
IP
172.240.108.76:0
ASN
#7979 SERVERS-COM

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30635 bytes)
Hash
b24691a617241b675121a0b22e813c3c
b091e1cd537411dce9b2bcb7118a35fd7f9bff52
2b96ca060ef5509b465d15b09ee1058215604978f6a6b1c4f9a5c85891142454

HTTP Headers

GET /e2/68/30/e2683001b51a3e369fb2d16165c07e07.js HTTP/1.1
Host: pl13048200.trustedcpmrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 01:20:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a0241ea89ef19c85b33f576b4c408435
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

3.164.222.26

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
3.164.222.26:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
3a1e61864f6877260287982fa7e36085
6d426b2327915af4f120ff6b18ebd20ed03c2a2b
9ee2ee3f0b60937becb4aa057c348332dd277e32b268f5c0ea260c0d2a2af498

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 01:20:23 GMT
Last-Modified: Wed, 08 May 2024 00:14:25 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 2641ce37a88af457fa707094ebf66736.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: q371q7mOBH9r0AZs8wu-stAkhOuttvsWyUVC3XE50QeCGywlJiepSg==
Age: 3958

xtgem.com/images/close2.png?v=0.01

141.94.172.213

564 B

URL
xtgem.com/images/close2.png?v=0.01
IP
141.94.172.213:0
ASN
#16276 OVH SAS

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
564 B (564 bytes)
Hash
865dce1b2a4002b9a85f75ea622f4000
f56c8218b5ca721a9e5a3daec742a6f38c33c075
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

HTTP Headers

GET /images/close2.png?v=0.01 HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 01:20:23 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "234-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 564
Cache-Control: max-age=2592000
Expires: Fri, 07 Jun 2024 01:20:23 GMT
X-Ngz: 1
Content-Type: image/png

proftrafficcounter.com/stats

52.58.212.182

40 B

URL
proftrafficcounter.com/stats
IP
52.58.212.182:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5ee51a58f90007163b6a152f70f2671b
eef1aadba46082b5fe84f667f15ebfb707f4f991
079c2c55a23ff6b9e587894750cbf394bf742960663a1928201e8a95a529d43e

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://huannd9x.sextgem.com
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 01:20:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://huannd9x.sextgem.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=7f43d40c-cec8-478f-8d64-f6a9d216b8ec:1:1; expires=Sat, 06 May 2034 01:20:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

astronomybreathlessmisunderstand.com/pixel/purst?dl=0&th=0&sc=0&rs=1761&rd=1761&fd=1375&bv=24.5.6485&tmpl=70

172.240.127.234

0 B

URL
astronomybreathlessmisunderstand.com/pixel/purst?dl=0&th=0&sc=0&rs=1761&rd=1761&fd=1375&bv=24.5.6485&tmpl=70
IP
172.240.127.234:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1761&rd=1761&fd=1375&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 01:20:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

capaciousdrewreligion.com/advertisers.js

172.240.127.234

0 B

URL
capaciousdrewreligion.com/advertisers.js
IP
172.240.127.234:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huannd9x.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 01:20:23 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 694602426f717ccde58bede9dc55a12f
Strict-Transport-Security: max-age=0; includeSubdomains

dangcapnd.net/

0.0.0.0

0 B

URL User Request GET
dangcapnd.net/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: dangcapnd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (40)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers